Merge pull request #98 from Triumers/dev

[Fix] 댓글 예외처리 수정

src/main/java/org/triumers/kmsback/comment/command/Application/controller/CommentController.java

@@ -8,6 +8,7 @@
 import org.triumers.kmsback.comment.command.Application.dto.CmdCommentDTO;
 import org.triumers.kmsback.comment.command.Application.service.CommentService;
 import org.triumers.kmsback.common.exception.NotAuthorizedException;
+import org.triumers.kmsback.common.exception.NotLoginException;
 
 
 @RestController
@@ -19,38 +20,49 @@ public class CommentController {
 
     @PostMapping
     public ResponseEntity<CmdCommentDTO> addComment(@RequestBody CmdCommentDTO comment) {
+
         try {
             return ResponseEntity.ok(commentService.addComment(comment));
+        } catch (NotLoginException e) {
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(null);
         } catch (Exception e) {
-            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(null);
+            return ResponseEntity.badRequest().body(null);
         }
+
     }
 
     @PutMapping("/{commentId}")
     public ResponseEntity<CmdCommentDTO> updateComment(@PathVariable Integer commentId, @RequestBody CmdCommentDTO comment) throws NotAuthorizedException {
         try {
             return ResponseEntity.ok(commentService.updateComment(commentId, comment));
+        } catch (NotLoginException e) {
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(null);
         } catch (Exception e) {
-            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(null);
+            return ResponseEntity.badRequest().body(null);
         }
     }
 
     @DeleteMapping("/{commentId}")
-    public ResponseEntity<Void> deleteComment(@PathVariable Integer commentId, @RequestParam Long userId, @RequestParam boolean isAdmin) throws NotAuthorizedException {
+    public ResponseEntity<Void> deleteComment(@PathVariable Integer commentId) {
         try {
-            commentService.deleteComment(commentId, userId, isAdmin);
+            commentService.deleteComment(commentId);
             return ResponseEntity.noContent().build();
+        } catch (NotLoginException e) {
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(null);
+        } catch (NotAuthorizedException e) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
         } catch (Exception e) {
-            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(null);
+            return ResponseEntity.badRequest().body(null);
         }
     }
 
     @ExceptionHandler(NotAuthorizedException.class)
     public ResponseEntity<String> handleNotAuthorizedException(NotAuthorizedException ex) {
         try {
+
             return ResponseEntity.status(HttpStatus.FORBIDDEN).body(ex.getMessage());
         } catch (Exception e) {
-            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(null);
+            return ResponseEntity.badRequest().body(null);
         }
     }
 }

src/main/java/org/triumers/kmsback/comment/command/Application/service/CommentService.java

@@ -2,9 +2,11 @@
 
 import org.triumers.kmsback.comment.command.Application.dto.CmdCommentDTO;
 import org.triumers.kmsback.common.exception.NotAuthorizedException;
+import org.triumers.kmsback.common.exception.NotLoginException;
 
 public interface CommentService {
-    CmdCommentDTO addComment(CmdCommentDTO comment);
-    CmdCommentDTO updateComment(Integer commentId, CmdCommentDTO comment) throws NotAuthorizedException;
-    void deleteComment(Integer commentId, Long userId, boolean isAdmin) throws NotAuthorizedException;
+    CmdCommentDTO addComment(CmdCommentDTO comment) throws NotLoginException;
+    CmdCommentDTO updateComment(Integer commentId, CmdCommentDTO comment) throws NotAuthorizedException, NotLoginException;
+
+    void deleteComment(Integer commentId) throws NotAuthorizedException, NotLoginException;
 }

src/main/java/org/triumers/kmsback/comment/command/Application/service/CommentServiceImpl.java

@@ -2,37 +2,52 @@
 
 
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.triumers.kmsback.comment.command.Application.dto.CmdCommentDTO;
 import org.triumers.kmsback.comment.command.Domain.aggregate.entity.CmdComment;
 import org.triumers.kmsback.comment.command.Domain.repository.CommentRepository;
 import org.triumers.kmsback.common.exception.NotAuthorizedException;
+import org.triumers.kmsback.common.exception.NotLoginException;
+import org.triumers.kmsback.user.command.Application.service.AuthService;
+import org.triumers.kmsback.user.command.domain.aggregate.entity.Employee;
+import org.triumers.kmsback.user.command.domain.aggregate.enums.UserRole;
+
+import java.time.LocalDateTime;
 
 
 @Service
 public class CommentServiceImpl implements CommentService {
 
-    @Autowired
-    private CommentRepository commentRepository;
+    private final CommentRepository commentRepository;
+    private final AuthService authService;
+
+    public CommentServiceImpl(CommentRepository commentRepository, AuthService authService) {
+        this.commentRepository = commentRepository;
+        this.authService = authService;
+    }
 
     @Override
-    public CmdCommentDTO addComment(CmdCommentDTO comment) {
+    public CmdCommentDTO addComment(CmdCommentDTO comment) throws NotLoginException {
+
+        Employee currentUser = getCurrentUser();
         CmdComment cmdComment = new CmdComment();
         cmdComment.setContent(comment.getContent());
-        cmdComment.setAuthorId(comment.getAuthorId());
+        cmdComment.setAuthorId((long) currentUser.getId());
         cmdComment.setPostId(comment.getPostId());
-        cmdComment.setCreatedAt(comment.getCreatedAt());
-        cmdComment.setDeletedAt(comment.getDeletedAt());
+        cmdComment.setCreatedAt(LocalDateTime.now());
         commentRepository.save(cmdComment);
         return comment;
     }
 
     @Override
-    public CmdCommentDTO updateComment(Integer commentId, CmdCommentDTO comment) throws NotAuthorizedException {
+    public CmdCommentDTO updateComment(Integer commentId, CmdCommentDTO comment) throws NotAuthorizedException, NotLoginException {
         CmdComment existingComment = commentRepository.findById(commentId)
                 .orElseThrow(() -> new IllegalArgumentException("Comment not found"));
-        if (!existingComment.getAuthorId().equals(comment.getAuthorId())) {
+
+        Employee currentUser = getCurrentUser();
+
+        if (existingComment.getAuthorId() != currentUser.getId() && currentUser.getUserRole() != UserRole.ROLE_ADMIN
+                && currentUser.getUserRole() != UserRole.ROLE_HR_MANAGER) {
             throw new NotAuthorizedException();
         }
         existingComment.setContent(comment.getContent());
@@ -41,12 +56,22 @@ public CmdCommentDTO updateComment(Integer commentId, CmdCommentDTO comment) thr
     }
 
     @Override
-    public void deleteComment(Integer commentId, Long userId, boolean isAdmin) throws NotAuthorizedException {
+    public void deleteComment(Integer commentId) throws NotAuthorizedException, NotLoginException {
         CmdComment comment = commentRepository.findById(commentId)
                 .orElseThrow(() -> new IllegalArgumentException("Comment not found"));
-        if (!comment.getAuthorId().equals(userId) && !isAdmin) {
+
+        Employee currentUser = getCurrentUser();
+
+        if (comment.getAuthorId() != currentUser.getId() && currentUser.getUserRole() != UserRole.ROLE_ADMIN
+                && currentUser.getUserRole() != UserRole.ROLE_HR_MANAGER) {
             throw new NotAuthorizedException();
         }
         commentRepository.delete(comment);
     }
+
+
+    private Employee getCurrentUser() throws NotLoginException {
+
+        return authService.whoAmI();
+    }
 }

src/main/java/org/triumers/kmsback/comment/command/Domain/aggregate/entity/CmdComment.java

@@ -2,6 +2,8 @@
 
 import jakarta.persistence.*;
 import lombok.*;
+import org.hibernate.annotations.SQLDelete;
+import org.hibernate.annotations.Where;
 import org.triumers.kmsback.post.command.domain.aggregate.entity.CmdPost;
 import org.triumers.kmsback.user.command.domain.aggregate.entity.Employee;
 
@@ -13,6 +15,8 @@
 @NoArgsConstructor
 @AllArgsConstructor
 @ToString
+@SQLDelete(sql = "UPDATE tbl_comment SET deleted_at = CURRENT_TIMESTAMP WHERE ID = ?")
+@Where(clause = "deleted_at IS NULL")
 @Table(name = "tbl_comment")
 public class CmdComment {
 

src/main/java/org/triumers/kmsback/comment/command/Domain/repository/CommentRepository.java

@@ -7,4 +7,6 @@
 
 
 public interface CommentRepository extends JpaRepository<CmdComment, Integer> {
+
+    CmdComment findById(int id);
 }

src/main/resources/org/triumers/kmsback/comment/query/repository/CommentMapper.xml

@@ -10,13 +10,15 @@
         FROM tbl_comment c
                  JOIN tbl_employee e ON c.AUTHOR_ID = e.ID
         WHERE c.POST_ID = #{postId}
+          AND c.DELETED_AT IS NULL
         ORDER BY c.CREATED_AT ASC
     </select>
 
     <select id="selectCommentsByUserId" parameterType="long" resultType="org.triumers.kmsback.comment.query.aggregate.entity.QryComment">
         SELECT c.ID, c.POST_ID, c.CONTENT, c.CREATED_AT
         FROM tbl_comment c
         WHERE c.AUTHOR_ID = #{userId}
+          AND c.DELETED_AT IS NULL
         ORDER BY c.CREATED_AT ASC
     </select>