f-lab-edu · yyy9942 · Jan 16, 2020 · Jan 12, 2020 · Jan 14, 2020 · f-lab-dev
diff --git a/src/main/java/com/delfood/aop/AuthCheckAspect.java b/src/main/java/com/delfood/aop/AuthCheckAspect.java
@@ -1,9 +1,16 @@
 package com.delfood.aop;
 
+import java.lang.reflect.Method;
+import java.lang.reflect.Parameter;
+import java.util.Objects;
 import javax.servlet.http.HttpSession;
+import org.apache.commons.codec.binary.StringUtils;
 import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.codehaus.commons.compiler.util.StringUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
@@ -27,9 +34,8 @@ public class AuthCheckAspect {
    * 로그인되어있지 않을 시 해당 메서드 로직을 중지시킨 후 리턴한다.
    * @OwnerLoginCheck 해당 어노테이션이 적용된 메서드를 검사한다.
    * @author jun
-   * @param pjp
-   * @return 로그인시 SUCCESS, 비로그인시 NO_LOGIN
-   * @throws Throwable
+   * @param jp 조인포인트
+   * @throws Throwable 발생 가능한 예외
    */
   @Before("@annotation(com.delfood.aop.OwnerLoginCheck)")
   public void ownerLoginCheck(JoinPoint jp) throws Throwable {
@@ -49,25 +55,46 @@ public void ownerLoginCheck(JoinPoint jp) throws Throwable {
    * 세션에서 사장님 로그인을 체크 한다.
    * 그 후 입력받은 파라미터 값 중 매장 id를 검색하여 해당 매장이 접속한 사장님의 것인지 검사한다.
    * @author jun
-   * @param pjp
-   * @return 비로그인시 NO_LOGIN, 해당 매장의 사장이 아닐 시 UNAUTHORIZED, 권한이 있을 시 SUCCESS
-   * @throws Throwable
+   * @param jp 조인포인트
+   * @throws Throwable 발새 가능한 예외
    */
-  @Before("@annotation(com.delfood.aop.OwnerShopCheck)")
-  public void ownerShopCheck(JoinPoint jp) throws Throwable {
+  @Before("@annotation(com.delfood.aop.OwnerShopCheck) && @annotation(ownerShopCheck)")
+  public void ownerShopCheck(JoinPoint jp, OwnerShopCheck ownerShopCheck) throws Throwable {
     log.debug("AOP - Owner Shop Check Started");
 
 
-    HttpSession session = ((ServletRequestAttributes)(RequestContextHolder.currentRequestAttributes())).getRequest().getSession();
+    HttpSession session =
+        ((ServletRequestAttributes) (RequestContextHolder.currentRequestAttributes())).getRequest()
+            .getSession();
     String ownerId = SessionUtil.getLoginOwnerId(session);
-    
-    if(ownerId == null) {
+
+    if (ownerId == null) {
       log.debug("AOP - Owner Shop Check Result - NO_LOGIN");
       throw new HttpStatusCodeException(HttpStatus.UNAUTHORIZED, "NO_LOGIN") {};
     }
 
     Object[] args = jp.getArgs();
-    Long shopId = (Long) args[0];
+
+    // 메소드 파라미터 추출
+    MethodSignature signature = (MethodSignature) jp.getSignature();
+    Method method = signature.getMethod();
+    Parameter[] parameters = method.getParameters();
+
+    Long shopId = null;
+
+    // 파라미터의 이름과 어노테이션의 value를 비교하여 검사
+    for (int i = 0; i < parameters.length; i++) {
+      String parameterName = parameters[i].getName();
+      if (StringUtils.equals(ownerShopCheck.value(), parameterName)) {
+        shopId = (Long) args[i];
+      }
+    }
+
+    // 어노테이션 value로 설정된 값과 같은 변수 이름이 없을 경우 예외처리
+    if (Objects.isNull(shopId)) {
+      throw new IllegalArgumentException("OwnerShopCheck 어노테이션 설정이 잘못되었습니다. value와 변수 명을 일치시켜주세요.");
+    }
+
 
     if (!shopService.isShopOwner(shopId, ownerId)) {
       log.debug("AOP - Owner Shop Check Result - UNAUTHORIZED");
@@ -78,9 +105,8 @@ public void ownerShopCheck(JoinPoint jp) throws Throwable {
   /**
    * 고객의 로그인을 체크한다.
    * @author jun
-   * @param pjp
-   * @return
-   * @throws Throwable
+   * @param jp 조인포인튼
+   * @throws Throwable 발생 가능한 예외
    */
   @Before("@annotation(com.delfood.aop.MemberLoginCheck)")
   public void memberLoginCheck(JoinPoint jp) throws Throwable {
@@ -93,4 +119,54 @@ public void memberLoginCheck(JoinPoint jp) throws Throwable {
       throw new HttpStatusCodeException(HttpStatus.UNAUTHORIZED, "NO_LOGIN") {};
     }
   }
+
+  /**
+   * 라이더 로그인을 체크한다.
+   * @author jun
+   * @param jp 조인포인트
+   * @throws Throwable 발생 가능한 예외 설정
+   */
+  @Before("@annotation(com.delfood.aop.RiderLoginCheck)")
+  public void riderLoginCheck(JoinPoint jp) throws Throwable {
+    log.debug("AOP - Rider Login Check Started");
+
+    HttpSession session =
+        ((ServletRequestAttributes) (RequestContextHolder.currentRequestAttributes())).getRequest()
+            .getSession();
+    String riderId = SessionUtil.getLoginRiderId(session);
+
+    if (Objects.isNull(riderId)) {
+      throw new HttpStatusCodeException(HttpStatus.UNAUTHORIZED, "RIDER_NO_LOGIN") {};
+    }
+  }
+
+  /**
+   * 공통 로그인 체크 AOP.
+   * 고객, 사장님, 라이더의 로그인 체크 기능을 하나로 모아두었다.
+   * @param jp 조인포인트
+   * @throws Throwable 발생 가능한 예외
+   */
+  @Before("@annotation(com.delfood.aop.LoginCheck) && @ annotation(loginCheck)")
+  public void loginCheck(JoinPoint jp, LoginCheck loginCheck) throws Throwable {
+    log.debug("AOP - Login Check Started");
+
+    HttpSession session =
+        ((ServletRequestAttributes) (RequestContextHolder.currentRequestAttributes())).getRequest()
+            .getSession();
+
+    if (LoginCheck.UserType.MEMBER.equals(loginCheck.type())) {
+      memberLoginCheck(jp);
+    }
+
+    if (LoginCheck.UserType.OWNER.equals(loginCheck.type())) {
+      ownerLoginCheck(jp);
+    }
+
+    if (LoginCheck.UserType.RIDER.equals(loginCheck.type())) {
+      riderLoginCheck(jp);
+    }
+
+
+  }
+
 }
diff --git a/src/main/java/com/delfood/aop/LoginCheck.java b/src/main/java/com/delfood/aop/LoginCheck.java
@@ -0,0 +1,28 @@
+package com.delfood.aop;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 로그인의 상태를 확인한다. 
+ * 회원, 사장님, 라이더의 로그인 상태를 확인하여 로그인 되지 않았다면 예외를 발생시킨다.
+ * @author jun
+ *
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface LoginCheck {
+
+  /**
+   * 로그인을 체크하고 싶은 유저의 로그인 타입.
+   * 회원(MEMBER), 사장님(OWNER), 라이더(RIDER)중 선택할 수 있다.
+   * @return
+   */
+  UserType type();
+
+  public static enum UserType {
+    MEMBER, OWNER, RIDER
+  }
+}
diff --git a/src/main/java/com/delfood/aop/OwnerShopCheck.java b/src/main/java/com/delfood/aop/OwnerShopCheck.java
@@ -1,15 +1,22 @@
 package com.delfood.aop;
 
 import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
 
 /**
- * <b>매장 id가 첫 번째 파라미터로 와야한다.</b>
+ * <b>매장 id를 파라미터로 주어야 한다.</b>
  * 접속한 사장님이 해당 매장의 주인인지 확인한다.
  * @author yyy99
  *
  */
 @Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
 public @interface OwnerShopCheck {
-
+  /**
+   * 해당 변수의 이름.
+   * @return
+   */
+  String value();
 }
diff --git a/src/main/java/com/delfood/aop/RiderLoginCheck.java b/src/main/java/com/delfood/aop/RiderLoginCheck.java
@@ -0,0 +1,9 @@
+package com.delfood.aop;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Target;
+
+@Target(ElementType.METHOD)
+public @interface RiderLoginCheck {
+
+}
diff --git a/src/main/java/com/delfood/controller/CartControllelr.java b/src/main/java/com/delfood/controller/CartControllelr.java
@@ -1,5 +1,7 @@
 package com.delfood.controller;
 
+import com.delfood.aop.LoginCheck;
+import com.delfood.aop.LoginCheck.UserType;
 import com.delfood.aop.MemberLoginCheck;
 import com.delfood.dto.ItemDTO;
 import com.delfood.service.CartService;
@@ -23,31 +25,31 @@ public class CartControllelr {
   private CartService cartService;
 
   @PostMapping("/members/cart/menus")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void addMenu(@RequestBody ItemDTO item, HttpSession session) {
     cartService.addOrdersItem(item, SessionUtil.getLoginMemberId(session));
   }
 
   @GetMapping("/members/cart/menus")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public List<ItemDTO> getCart(HttpSession session) {
     return cartService.getItems(SessionUtil.getLoginMemberId(session));
   }
 
   @DeleteMapping("/members/cart/menus")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void clearCart(HttpSession session) {
     cartService.claer(SessionUtil.getLoginMemberId(session));
   }
 
   @DeleteMapping("/members/cart/menus/{index}")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void deleteCartMenu(HttpSession session, @PathVariable long index) {
     cartService.deleteCartMenu(SessionUtil.getLoginMemberId(session), index);
   }
 
   @GetMapping("/members/cart/price")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public CartPriceResponse cartPrice(HttpSession session) {
     String memberId = SessionUtil.getLoginMemberId(session);
     return new CartPriceResponse(cartService.getItems(memberId), cartService.allPrice(memberId));

diff --git a/src/main/java/com/delfood/controller/CouponIssueController.java b/src/main/java/com/delfood/controller/CouponIssueController.java
@@ -1,5 +1,7 @@
 package com.delfood.controller;
 
+import com.delfood.aop.LoginCheck;
+import com.delfood.aop.LoginCheck.UserType;
 import com.delfood.aop.MemberLoginCheck;
 import com.delfood.dto.CouponIssueDTO;
 import com.delfood.service.CouponIssueService;
@@ -31,7 +33,7 @@ public class CouponIssueController {
    */
   @PostMapping
   @ResponseStatus(HttpStatus.CREATED)
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void addCouponIssue(HttpSession session, @RequestBody Long couponId) {
 
     couponIssueService.createCouponIssue(SessionUtil.getLoginMemberId(session), couponId);
@@ -43,7 +45,7 @@ public void addCouponIssue(HttpSession session, @RequestBody Long couponId) {
    * @return
    */
   @GetMapping
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public List<CouponIssueDTO> getCouponIssues(HttpSession session) {
     return couponIssueService.getCouponIssues(SessionUtil.getLoginMemberId(session));
   }

diff --git a/src/main/java/com/delfood/controller/LocationController.java b/src/main/java/com/delfood/controller/LocationController.java
@@ -43,7 +43,7 @@ public class LocationController {
    * @return
    */
   @PostMapping("deliveries/{shopId}/possibles")
-  @OwnerShopCheck
+  @OwnerShopCheck("shopId")
   @ResponseStatus(HttpStatus.CREATED)
   public void addDeliveryLocation(
       @PathVariable(name = "shopId") Long shopId,
@@ -60,7 +60,7 @@ public void addDeliveryLocation(
    * @return
    */
   @GetMapping("deliveries/{shopId}/possibles")
-  @OwnerShopCheck
+  @OwnerShopCheck("shopId")
   public List<DeliveryLocationDTO> getDeliveryLocations(
       @PathVariable(name = "shopId") Long shopId) {
     return shopService.getDeliveryLocations(shopId);
@@ -76,7 +76,7 @@ public List<DeliveryLocationDTO> getDeliveryLocations(
    * @return
    */
   @DeleteMapping("deliveries/{shopId}/possibles/{deliveryLocationId}")
-  @OwnerShopCheck
+  @OwnerShopCheck("shopId")
   public void deleteDeliveryLocation(
       @PathVariable(value = "shopId") Long shopId,
       @PathVariable(value = "deliveryLocationId") Long deliveryLocationId,

diff --git a/src/main/java/com/delfood/controller/MemberController.java b/src/main/java/com/delfood/controller/MemberController.java
@@ -1,5 +1,7 @@
 package com.delfood.controller;
 
+import com.delfood.aop.LoginCheck;
+import com.delfood.aop.LoginCheck.UserType;
 import com.delfood.aop.MemberLoginCheck;
 import com.delfood.dto.MemberDTO;
 import com.delfood.error.exception.DuplicateIdException;
@@ -69,7 +71,7 @@ public class MemberController {
    * @return MemberDTO
    */
   @GetMapping("myInfo")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public MemberInfoResponse memberInfo(HttpSession session) {
     String id = SessionUtil.getLoginMemberId(session);
     MemberDTO memberInfo = memberService.getMemberInfo(id);
@@ -149,7 +151,7 @@ public ResponseEntity<LoginResponse> login(@RequestBody @NonNull MemberLoginRequ
    * @return 로그인 하지 않았을 시 401코드를 반환하고 result:NO_LOGIN 반환 로그아웃 성공시 200 코드를 반환
    */
   @GetMapping("logout")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void logout(HttpSession session) {
     SessionUtil.logoutMember(session);
   }
@@ -162,7 +164,7 @@ public void logout(HttpSession session) {
    * @return
    */
   @PatchMapping("password")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void updateMemberInfo(HttpSession session,
       @RequestBody @NotNull UpdateMemberPasswordRequest passwordRequest) {
     String passwordBeforeChange = passwordRequest.getPasswordBeforeChange();
@@ -183,7 +185,7 @@ public void updateMemberInfo(HttpSession session,
    * @return
    */
   @DeleteMapping("myInfo")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void deleteMemberInfo(HttpSession session) {
     String id = SessionUtil.getLoginMemberId(session);
     memberService.deleteMember(id);
@@ -198,7 +200,7 @@ public void deleteMemberInfo(HttpSession session) {
    * @param session 현재 로그인한 고객의 세션
    */
   @PatchMapping("address")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public ResponseEntity<UpdateMemberAddressResponse> updateMemberAddress(
       @RequestBody @NotNull UpdateMemberAddressRequest memberInfo, HttpSession session) {
     ResponseEntity<UpdateMemberAddressResponse> responseEntity = null;
@@ -225,7 +227,7 @@ public ResponseEntity<UpdateMemberAddressResponse> updateMemberAddress(
   }
 
   @PostMapping("token")
-  @MemberLoginCheck
+  @LoginCheck(type = UserType.MEMBER)
   public void addToken(HttpSession session, String token) {
     String memberId = SessionUtil.getLoginMemberId(session);
     pushService.addMemberToken(memberId, token);