From 4e7d21eefaba751376814b1e09d2d3c969277010 Mon Sep 17 00:00:00 2001 From: parkduhwan Date: Thu, 22 Aug 2024 15:16:39 +0900 Subject: [PATCH] =?UTF-8?q?=ED=88=AC=EB=8D=B0=EC=9D=B4=20=EB=8C=93?= =?UTF-8?q?=EA=B8=80=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 투데이 댓글 CRUD 추가 및 시큐리티 추가
---
 .../config/security/SecurityConfig.java | 4 +- .../controller/TodayCommentsController.java | 65 +++++++++++++------ .../entity/TodayCommentsEntity.java | 3 - .../repository/TodayCommentsRepository.java | 4 +- .../service/CommunityCommentsService.java | 7 +- .../service/TodayCommentsService.java | 37 +++++++++-- 6 files changed, 81 insertions(+), 39 deletions(-)
diff --git a/src/main/java/com/example/healthylife/config/security/SecurityConfig.java b/src/main/java/com/example/healthylife/config/security/SecurityConfig.java
index 2c0a5d5..0d3caea 100644
--- a/src/main/java/com/example/healthylife/config/security/SecurityConfig.java
+++ b/src/main/java/com/example/healthylife/config/security/SecurityConfig.java
@@ -31,9 +31,11 @@ protected void configure(HttpSecurity http) throws Exception {
 .cors().configurationSource(corsConfigurationSource()) // CORS 설정 추가
 .and()
 .authorizeRequests()
- .antMatchers("/community/register", "/community/update", "/community/delete/**","/community/recommend/**","/community/myCommunityContents").authenticated()
 .antMatchers("/user/one","/user/delete","/user/update").authenticated()
+ .antMatchers("/community/register", "/community/update", "/community/delete/**","/community/recommend/**","/community/myCommunityContents").authenticated()
+ .antMatchers("/communityComments/insert", "/communityComments/update", "/communityComments/delete/**").authenticated()
 .antMatchers("/today/create","/today/myTodayContents","/today/update/**","/today/delete/**","/today/todayDetail/**").authenticated()
+ .antMatchers("/todayComments/register", "/todayComments/update", "/todayComments/delete/**").authenticated()
 .anyRequest().permitAll()
 .and()
 .addFilterBefore(new JwtAuthenticationFilter(jwtUtil), UsernamePasswordAuthenticationFilter.class);
diff --git a/src/main/java/com/example/healthylife/controller/TodayCommentsController.java b/src/main/java/com/example/healthylife/controller/TodayCommentsController.java
index 45051bc..45b2d6c 100644
--- a/src/main/java/com/example/healthylife/controller/TodayCommentsController.java
+++ b/src/main/java/com/example/healthylife/controller/TodayCommentsController.java
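Review bot: The new `antMatchers(...)` rules for `/communityComments/...` and `/todayComments/...` match literal paths, while `.anyRequest().permitAll()` just below leaves every path they do not match public, so protection of the comment endpoints depends on the security pattern and the MVC mapping agreeing exactly. With this configuration style, `antMatchers("/todayComments/update")` does not cover a trailing-slash variant that Spring MVC may still route to the same handler; `mvcMatchers` applies the MVC matching rules and is the safer form, e.g. `.mvcMatchers("/todayComments/register", "/todayComments/update", "/todayComments/delete/**").authenticated()`, and likewise for the `/communityComments/...` line. The comment controller in this patch calls `authentication.getName()` without a null check, so a request that reaches a handler unauthenticated would fail with an unrelated error status instead of a 401. `configure` starts and ends outside this hunk, so the rest of the chain is not visible here.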
@@ -4,43 +4,66 @@ import com.example.healthylife.service.TodayCommentsService; import io.swagger.annotations.ApiOperation; import lombok.RequiredArgsConstructor; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.security.core.Authentication; import org.springframework.web.bind.annotation.*; -import java.util.List; @RestController @RequestMapping("/todayComments") @RequiredArgsConstructor public class TodayCommentsController { - private final TodayCommentsService todayCommentsService; - - @ApiOperation(value = "오운완 댓글 전체조회") - @GetMapping("/todayCommentsAll") - public List todayCommentsList (){ - return todayCommentsService.todayCommentsList(); - } + private final TodayCommentsService todayCommentsService; @ApiOperation(value = "오운완 댓글 작성") @PostMapping("/register") - public TodayCommentsEntity register(@RequestBody TodayCommentsEntity todayCommentsEntity){ - return todayCommentsService.insertTodayComments(todayCommentsEntity); - } + public ResponseEntity register(@RequestBody TodayCommentsEntity todayCommentsEntity, Authentication authentication){ + String userId = authentication.getName(); + TodayCommentsEntity savedComment = todayCommentsService.insertTodayComments(todayCommentsEntity,userId); + return ResponseEntity.status(HttpStatus.CREATED).body(savedComment); + } - - @ApiOperation(value = "오운완 내가 쓴 댓글 조회") - @GetMapping("/myTodayCommentsContents") - public List myTodayCommentsContents(@RequestParam String userId){ - return todayCommentsService.findMyTodayComments(userId); - + @ApiOperation(value = "오운완 댓글 수정") + @PostMapping("/update") + public ResponseEntity todayCommentsUpdate(@RequestBody TodayCommentsEntity updateTodayCommentsEntity, Authentication authentication){ + String userId = authentication.getName(); + try { + TodayCommentsEntity updatedComment = todayCommentsService.updateComments( + updateTodayCommentsEntity.getTodayCommentsSq(), + updateTodayCommentsEntity, + userId + ); + 
return ResponseEntity.ok(updatedComment); + } catch (SecurityException e) { + return ResponseEntity.status(HttpStatus.FORBIDDEN).build(); + } catch (RuntimeException e) { + return ResponseEntity.status(HttpStatus.NOT_FOUND).build(); + } } @ApiOperation(value = "오운완 댓글 삭제") - @PostMapping("/todayCommentsDelete") - public Boolean todayCommentsDelete(@RequestParam long todayCommentsSq){ - todayCommentsService.deleteByTodayCommentsSq(todayCommentsSq); - return true; + @PostMapping("/delete/{todayCommentSq}") + public ResponseEntity todayCommentsDelete(@PathVariable("todayCommentSq") Long todayCommentsSq, Authentication authentication){ + String userId = authentication.getName(); + + try { + todayCommentsService.deleteByTodayCommentsSq(todayCommentsSq,userId); + return ResponseEntity.noContent().build(); + } catch (SecurityException e) { + return ResponseEntity.status(HttpStatus.FORBIDDEN).build(); + } catch (RuntimeException e) { + return ResponseEntity.status(HttpStatus.NOT_FOUND).build(); + } } + // @ApiOperation(value = "오운완 내가 쓴 댓글 조회") + // @GetMapping("/myTodayCommentsContents") + // public List myTodayCommentsContents(@RequestParam String userId){ + // return todayCommentsService.findMyTodayComments(userId); + // + // } + } diff --git a/src/main/java/com/example/healthylife/entity/TodayCommentsEntity.java b/src/main/java/com/example/healthylife/entity/TodayCommentsEntity.java index 5458633..03f06fa 100644 --- a/src/main/java/com/example/healthylife/entity/TodayCommentsEntity.java +++ b/src/main/java/com/example/healthylife/entity/TodayCommentsEntity.java @@ -39,9 +39,6 @@ public class TodayCommentsEntity implements Serializable { @JoinColumn(name = "user_sq") private UserEntity user; - - - //builder @Builder(toBuilder = true) public TodayCommentsEntity(long todayCommentsSq, String todayCommentsContents, Date todayCommentsCreated, 
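Review bot: `catch (SecurityException e)` in `todayCommentsUpdate` and `todayCommentsDelete` never fires for the ownership check, because `TodayCommentsService` throws `org.springframework.security.access.AccessDeniedException`, which is a `RuntimeException` but not a `java.lang.SecurityException`; a non-owner therefore gets 404 from the second catch instead of 403. Catch the type the service actually throws, `} catch (AccessDeniedException e) {`, and add `import org.springframework.security.access.AccessDeniedException;`. The broad `catch (RuntimeException e)` also turns every other failure (a null field in the body, a persistence error) into 404, so a dedicated not-found exception would keep real errors visible. `register` has no equivalent handling, so the service's user-not-found `RuntimeException` presumably surfaces as a 500 there.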
diff --git a/src/main/java/com/example/healthylife/repository/TodayCommentsRepository.java b/src/main/java/com/example/healthylife/repository/TodayCommentsRepository.java index fae2459..294c5c8 100644 --- a/src/main/java/com/example/healthylife/repository/TodayCommentsRepository.java +++ b/src/main/java/com/example/healthylife/repository/TodayCommentsRepository.java @@ -1,12 +1,10 @@ package com.example.healthylife.repository; -import com.example.healthylife.entity.CommunityEntity; import com.example.healthylife.entity.TodayCommentsEntity; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; import java.util.List; -import java.util.Optional; @Repository public interface TodayCommentsRepository extends JpaRepository { @@ -14,5 +12,5 @@ public interface TodayCommentsRepository extends JpaRepository findByUserUserId(String userId); - List findByTodayEntity_todaySq(long todaySq); + List findByTodayCommentsSq(Long todayCommentsSq); } diff --git a/src/main/java/com/example/healthylife/service/CommunityCommentsService.java b/src/main/java/com/example/healthylife/service/CommunityCommentsService.java index 5e89b87..d61f275 100644 --- a/src/main/java/com/example/healthylife/service/CommunityCommentsService.java +++ b/src/main/java/com/example/healthylife/service/CommunityCommentsService.java @@ -17,7 +17,7 @@ public class CommunityCommentsService { private final CommunityCommentsRepository communityCommentsRepository; private final UserRepository userRepository; - // 댓글 작성 + // 커뮤니티 댓글 작성 public CommunityCommentsEntity insertComments(CommunityCommentsEntity communityCommentsEntity, String userId) { UserEntity user = userRepository.findByUserId(userId) .orElseThrow(() -> new RuntimeException("유저를 찾을 수 없습니다.")); 
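Review bot: In `TodayCommentsRepository`, the new `findByTodayCommentsSq(Long todayCommentsSq)` returns a `List` for what looks like the entity's key, and nothing in this patch calls it: the service loads comments with `findById`. Unless a caller exists outside the patch, drop the method; if it stays, a comment such as `// lookup by comment sequence; expected to return at most one row` would document the intent. The same hunk removes `findByTodayEntity_todaySq`, which appears to be the query for listing the comments of one post, so confirm that no remaining caller depends on it.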
@@ -25,7 +25,7 @@ public CommunityCommentsEntity insertComments(CommunityCommentsEntity communityC return communityCommentsRepository.save(communityCommentsEntity); } - // 댓글 수정 + // 커뮤니티 댓글 수정 public CommunityCommentsEntity updateComments(Long commentsSq, CommunityCommentsEntity updatedCommunityCommentsEntity, String userId) { CommunityCommentsEntity existingComment = communityCommentsRepository.findById(commentsSq) .orElseThrow(() -> new RuntimeException("댓글을 찾을 수 없습니다.")); @@ -51,11 +51,10 @@ public void deleteBySq(Long commentsSq, String userId) { if (!existingComment.getUser().getUserId().equals(userId)) { throw new AccessDeniedException("해당 댓글을 삭제할 권한이 없습니다."); } - communityCommentsRepository.delete(existingComment); } - + // 추후 리팩토링 시 삭제예정 public List getCommentsByCommunitySq(Long communitySq) { return communityCommentsRepository.findByCommunityCommunitySq(communitySq); } diff --git a/src/main/java/com/example/healthylife/service/TodayCommentsService.java b/src/main/java/com/example/healthylife/service/TodayCommentsService.java index 5c46784..df3ca59 100644 --- a/src/main/java/com/example/healthylife/service/TodayCommentsService.java +++ b/src/main/java/com/example/healthylife/service/TodayCommentsService.java 
@@ -1,32 +1,55 @@ package com.example.healthylife.service; import com.example.healthylife.entity.TodayCommentsEntity; +import com.example.healthylife.entity.UserEntity; import com.example.healthylife.repository.TodayCommentsRepository; import com.example.healthylife.repository.UserRepository; import lombok.RequiredArgsConstructor; +import org.springframework.security.access.AccessDeniedException; import org.springframework.stereotype.Service; import java.util.List; @RequiredArgsConstructor @Service public class TodayCommentsService { + private final TodayCommentsRepository todayCommentsRepository; private final UserRepository userRepository; - - public List todayCommentsList() { - return todayCommentsRepository.findAll(); + // 오운완 댓글 작성 + public TodayCommentsEntity insertTodayComments(TodayCommentsEntity todayCommentsEntity, String userId) { + UserEntity user = userRepository.findByUserId(userId) + .orElseThrow(() -> new RuntimeException("유저를 찾을 수 없습니다.")); + todayCommentsEntity.setUser(user); + return todayCommentsRepository.save(todayCommentsEntity); } - public TodayCommentsEntity insertTodayComments(TodayCommentsEntity todayCommentsEntity) { - return todayCommentsRepository.save(todayCommentsEntity); + // 오운완 댓글 수정 + public TodayCommentsEntity updateComments(Long todayCommentsSq, TodayCommentsEntity updatedTodayCommentsEntity, String userId) { + TodayCommentsEntity existingComment = todayCommentsRepository.findById(todayCommentsSq) + .orElseThrow(() -> new RuntimeException("댓글을 찾을 수 없습니다.")); + + if (!existingComment.getUser().getUserId().equals(userId)) { + throw new AccessDeniedException("해당 댓글을 수정할 권한이 없습니다."); + } + existingComment.setTodayCommentsContents(updatedTodayCommentsEntity.getTodayCommentsContents()); + existingComment.setTodayCommentsCreated(updatedTodayCommentsEntity.getTodayCommentsCreated()); + + return todayCommentsRepository.save(existingComment); } - public void deleteByTodayCommentsSq(long todayCommentsSq) { - 
todayCommentsRepository.deleteById(todayCommentsSq); + // 오운완 댓글 삭제 + public void deleteByTodayCommentsSq(Long todayCommentsSq, String userId) { + TodayCommentsEntity existingComment = todayCommentsRepository.findById(todayCommentsSq) + .orElseThrow(() -> new RuntimeException("댓글을 찾을 수 없습니다.")); + if(!existingComment.getUser().getUserId().equals(userId)) { + throw new AccessDeniedException("해당 댓글을 삭제할 권한이 없습니다."); + } + todayCommentsRepository.delete(existingComment); } + // 추후 리팩토링 시 삭제예정 public List findMyTodayComments(String userId) { return todayCommentsRepository.findByUserUserId(userId); }
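Review bot: `insertTodayComments` saves the entity exactly as deserialized from the request body after only overwriting `user`, so a client-supplied `todayCommentsSq` is persisted as-is. With Spring Data's `save`, a non-zero id is presumably treated as an existing row and merged, which would let the create path replace a comment and reassign its owner without the ownership check that `updateComments` and `deleteByTodayCommentsSq` perform. Build a fresh entity from the fields a client may set (the comment text and the target post), or bind a request DTO instead of `TodayCommentsEntity`, so the id is always server-assigned. `updateComments` has a related problem: it copies `todayCommentsCreated` from the request, so the creation timestamp is client-controlled and becomes null when the field is omitted.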