Merge pull request #140 from The-Monitor-Dev/develop

Merge to Main

src/main/java/the_monitor/application/dto/request/ReportArticleUpdateRequest.java

@@ -29,7 +29,7 @@ public class ReportArticleUpdateRequest {
     private String publishedDate;
 
     @NotBlank(message = "미디어는 필수입니다.")
-    private String pulisherName;
+    private String publisherName;
 
     @NotBlank(message = "기자명은 필수입니다.")
     private String reporterName;
@@ -43,16 +43,15 @@ public ReportArticleUpdateRequest(String categoryType,
                                       String articleTitle,
                                       String url,
                                       String publishedDate,
-                                      String pulisherName,
-                                      String reporterName,
-                                      Long reportCategoryId) {
+                                      String publisherName,
+                                      String reporterName) {
 
         this.categoryType = categoryType;
         this.category = category;
         this.articleTitle = articleTitle;
         this.url = url;
         this.publishedDate = publishedDate;
-        this.pulisherName = pulisherName;
+        this.publisherName = publisherName;
         this.reporterName = reporterName;
 
     }
@@ -63,7 +62,7 @@ public ReportArticle toEntity(ReportCategory reportCategory) {
                 .title(articleTitle)
                 .url(url)
                 .publishDate(publishedDate)
-                .publisherName(pulisherName)
+                .publisherName(publisherName)
                 .reporterName(reporterName)
                 .reportCategory(reportCategory)
                 .build();

src/main/java/the_monitor/application/service/AccountService.java

@@ -29,8 +29,9 @@ public interface AccountService {
 
     List<Account> getAccountList();
 
-//    String resetPassword(AccountPasswordResetRequest request) throws UnsupportedEncodingException;
-
     ApiResponse checkTokenValidity(HttpServletRequest request, HttpServletResponse response);
+
+    String setClientId(Long clientId);
+
 }
 

src/main/java/the_monitor/application/serviceImpl/AccountServiceImpl.java

@@ -6,6 +6,7 @@
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Lazy;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
@@ -21,6 +22,7 @@
 import the_monitor.domain.model.Account;
 import the_monitor.domain.repository.AccountRepository;
 import the_monitor.infrastructure.jwt.JwtProvider;
+import the_monitor.infrastructure.security.CustomUserDetails;
 
 import java.util.List;
 
@@ -242,17 +244,30 @@ public ApiResponse checkTokenValidity(HttpServletRequest request, HttpServletRes
         }
     }
 
-//    @Override
-//    public String resetPassword(AccountPasswordResetRequest request) throws UnsupportedEncodingException {
-//
-//        Account account = accountRepository.findAccountByEmail(request.getEmail());
-//
-//        if (account.getPassword().equals(request.getPassword())) throw new ApiException(ErrorStatus._SAME_PASSWORD);
-//        account.resetPassword(request.getPassword());
-//        accountRepository.save(account);
-//
-//        return "비밀번호 재설정 완료";
-//
-//    }
+    private Long getAccountId() {
+
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        CustomUserDetails userDetails = (CustomUserDetails) authentication.getPrincipal();
+        return userDetails.getAccountId();
+
+    }
+
+    private Account findAccountById() {
+
+        return accountRepository.findById(getAccountId())
+                .orElseThrow(() -> new ApiException(ErrorStatus._ACCOUNT_NOT_FOUND));
+
+    }
+
+    public String setClientId(Long clientId) {
+
+        Account account = findAccountById();
+        account.setClientId(clientId);
+        accountRepository.save(account);
+
+        return "클라이언트 ID 설정 완료";
+
+    }
+
 
 }

src/main/java/the_monitor/application/serviceImpl/ClientServiceImpl.java

@@ -129,9 +129,11 @@ public Client findClientById(Long clientId) {
 
     @Override
     public ClientGetResponse getClient(Long clientId){
+        Long accountId = getAccountIdFromJwt();
 
-        Client client = clientRepository.findById(clientId)
-                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_NOT_FOUND));
+        // clientId와 accountId를 동시에 검증
+        Client client = clientRepository.findByIdAndAccountId(clientId, accountId)
+                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_FORBIDDEN));
 
         // Client 객체를 ClientResponse로 변환
         return ClientGetResponse.builder()
@@ -186,9 +188,11 @@ public String deleteClientById(Long clientId) {
     @Override
     @Transactional
     public String updateClient(Long clientId, ClientUpdateRequest request, MultipartFile logo) {
-        // 1. 고객사 조회
-        Client client = clientRepository.findById(clientId)
-                .orElseThrow(() -> new IllegalArgumentException("Client not found with id: " + clientId));
+        Long accountId = getAccountIdFromJwt();
+
+        // clientId와 accountId를 동시에 검증
+        Client client = clientRepository.findByIdAndAccountId(clientId, accountId)
+                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_FORBIDDEN));
 
         String logoPath;
         logoPath = (logo != null) ? s3Service.uploadFile(logo) : defaultLogoUrl;

src/main/java/the_monitor/application/serviceImpl/EmailServiceImpl.java

@@ -91,8 +91,8 @@ public EmailResponse getEmails(Long clientId) {
         CustomUserDetails userDetails = (CustomUserDetails) authentication.getPrincipal();
         Long accountId = userDetails.getAccountId();
 
-        Client client = clientRepository.findById(clientId)
-                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_NOT_FOUND));
+        Client client = clientRepository.findByIdAndAccountId(clientId, accountId)
+                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_FORBIDDEN));
 
         List<String> recipients = clientMailRecipientRepository.findAllByClient(client)
                 .stream()
@@ -123,8 +123,8 @@ public EmailResponse updateEmails(Long clientId, EmailUpdateRequest emailUpdateR
         CustomUserDetails userDetails = (CustomUserDetails) authentication.getPrincipal();
         Long accountId = userDetails.getAccountId();
 
-        Client client = clientRepository.findById(clientId)
-                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_NOT_FOUND));
+        Client client = clientRepository.findByIdAndAccountId(clientId, accountId)
+                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_FORBIDDEN));
 
         clientMailRecipientRepository.deleteAllByClient(client);
         clientMailCCRepository.deleteAllByClient(client);

src/main/java/the_monitor/application/serviceImpl/KeywordServiceImpl.java

@@ -55,10 +55,11 @@ public KeywordResponse updateKeywords(Long clientId, KeywordUpdateRequest keywor
 
         Map<CategoryType, List<String>> keywordsByCategory = keywordUpdateRequest.getKeywordsByCategory();
 
-        Long accountId = getAccountIdFromAuthentication();
+        Long accountId = getAccountIdFromAuthentication(); // JWT에서 accountId 추출
 
-        // 클라이언트 확인
-        Client client = findClientById(clientId);
+        // accountId와 clientId를 함께 검증
+        Client client = clientRepository.findByIdAndAccountId(clientId, accountId)
+                .orElseThrow(() -> new ApiException(ErrorStatus._CLIENT_FORBIDDEN));
 
         // 기존 키워드 삭제
         keywordRepository.deleteAllByClientId(clientId);

src/main/java/the_monitor/domain/model/Account.java

@@ -44,6 +44,9 @@ public class Account extends BaseTimeEntity {
     @JsonIgnore
     private List<Client> clients;
 
+    @Column(name = "account_selected_client_id")
+    private Long selectedClientId;
+
     @Builder
     public Account(String email,
                    String password,
@@ -65,4 +68,8 @@ public void resetPassword(String password) {
         this.password = password;
     }
 
+    public void setClientId(Long clientId) {
+        this.selectedClientId = clientId;
+    }
+
 }

src/main/java/the_monitor/domain/repository/ClientRepository.java

@@ -6,8 +6,12 @@
 import the_monitor.domain.model.Client;
 
 import java.util.List;
+import java.util.Optional;
 
 public interface ClientRepository extends JpaRepository<Client, Long> {
     List<Client> findAllByAccountId(@Param("accountId") Long accountId);
 
-    List<Client> findByAccountAndNameContainingIgnoreCase(Account account, String name);}
+    List<Client> findByAccountAndNameContainingIgnoreCase(Account account, String name);
+
+    Optional<Client> findByIdAndAccountId(@Param("clientId") Long clientId, @Param("accountId") Long accountId);
+}

src/main/java/the_monitor/infrastructure/security/CustomUserDetails.java

@@ -25,7 +25,7 @@ public Collection<? extends GrantedAuthority> getAuthorities() {
 
     @Override
     public String getPassword() {
-        return null;  // 필요 시 암호화된 비밀번호
+        return null; // 필요 시 암호화된 비밀번호
     }
 
     @Override

src/main/java/the_monitor/presentation/AccountController.java

@@ -72,4 +72,11 @@ public ApiResponse<String> sendPasswordChangeEmail(@RequestBody @Valid AccountEm
 
     }
 
+    @PostMapping("set-client")
+    public ApiResponse<String> setClient(@RequestParam("clientId") Long clientId) {
+
+        return ApiResponse.onSuccess(accountService.setClientId(clientId));
+
+    }
+
 }