[#108] Article에서 userid를 username으로 변경

Principal을 사용해서 user 검증

Author: harrisleesh

community-backend/app/app-monolith/src/main/java/org/kiworkshop/community/article/api/ArticleController.java

@@ -7,6 +7,8 @@
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
+import java.security.Principal;
+
 @RestController
 @RequestMapping("/article")
 @RequiredArgsConstructor
@@ -19,19 +21,19 @@ public ResponseEntity<ArticleResponseDto> read(@PathVariable Long id) {
     }
 
     @PostMapping
-    public ResponseEntity<Long> create(@RequestBody ArticleRequestDto articleRequestDto) {
-        return ResponseEntity.ok(articleService.create(articleRequestDto));
+    public ResponseEntity<Long> create(@RequestBody ArticleRequestDto articleRequestDto, Principal principal) {
+        return ResponseEntity.ok(articleService.create(articleRequestDto, principal));
     }
 
     @DeleteMapping("/{id}")
-    public ResponseEntity<Void> delete(@PathVariable Long id) {
-        articleService.delete(id);
+    public ResponseEntity<Void> delete(@PathVariable Long id, Principal principal) {
+        articleService.delete(id, principal);
         return ResponseEntity.ok().build();
     }
 
     @PutMapping("/{id}")
-    public ResponseEntity<Void> update(@PathVariable Long id, @RequestBody ArticleRequestDto articleRequestDto) {
-        articleService.update(id, articleRequestDto);
+    public ResponseEntity<Void> update(@PathVariable Long id, @RequestBody ArticleRequestDto articleRequestDto, Principal principal) {
+        articleService.update(id, articleRequestDto, principal);
         return ResponseEntity.ok().build();
     }
 }

community-backend/app/app-monolith/src/main/java/org/kiworkshop/community/article/api/dto/ArticleRequestDto.java

@@ -9,19 +9,19 @@
 @NoArgsConstructor
 public class ArticleRequestDto {
     private String title;
+    private String content;
 
     @Builder
     public ArticleRequestDto(String title, String content) {
         this.title = title;
         this.content = content;
     }
 
-    private String content;
-
-    public Article toEntity() {
+    public Article toEntity(String username) {
         return Article.builder()
                 .title(title)
                 .content(content)
+                .username(username)
                 .build();
     }
 }

community-backend/app/app-monolith/src/main/java/org/kiworkshop/community/article/entity/Article.java

@@ -3,25 +3,39 @@
 import lombok.Builder;
 import lombok.Getter;
 import org.kiworkshop.community.common.domain.BaseEntity;
+import org.springframework.util.Assert;
 
+import javax.persistence.Column;
 import javax.persistence.Entity;
 
 @Entity
 @Getter
 public class Article extends BaseEntity {
+    @Column(nullable = false)
     private String title;
+    @Column(nullable = false)
     private String content;
-    private Long userId;
+    @Column(nullable = false)
+    private String username;
 
     @Builder
-    public Article(String title, String content, Long userId) {
+    private Article(String title, String content, String username) {
+        Assert.hasLength(title, "title must have length.");
+        Assert.hasLength(content, "content must have length.");
+        Assert.hasLength(username, "username must have length.");
         this.title = title;
         this.content = content;
-        this.userId = userId;
+        this.username = username;
     }
 
     public void update(Article article) {
+        // TODO: 20. 8. 31. Error Code 가 400이 되어야 할지? 403이 되어야 할지 고민
+        Assert.isTrue(this.username.equals(article.username), "unauthorized username");
         this.title = article.title;
         this.content = article.content;
     }
+
+    public boolean isAuthor(String name) {
+        return this.username.equals(name);
+    }
 }

community-backend/app/app-monolith/src/main/java/org/kiworkshop/community/article/service/ArticleService.java

@@ -8,13 +8,15 @@
 import org.kiworkshop.community.article.exception.ArticleException;
 import org.springframework.stereotype.Service;
 
+import java.security.Principal;
+
 @Service
 @RequiredArgsConstructor
 public class ArticleService {
     private final ArticleRepository articleRepository;
 
-    public Long create(ArticleRequestDto articleRequestDto) {
-        Article article = articleRepository.save(articleRequestDto.toEntity());
+    public Long create(ArticleRequestDto articleRequestDto, Principal principal) {
+        Article article = articleRepository.save(articleRequestDto.toEntity(principal.getName()));
         return article.getId();
     }
 
@@ -23,13 +25,18 @@ public ArticleResponseDto read(Long id) {
         return ArticleResponseDto.from(article);
     }
 
-    public void update(Long id, ArticleRequestDto articleRequestDto) {
+    public void update(Long id, ArticleRequestDto articleRequestDto, Principal principal) {
         Article article = findById(id);
-        article.update(articleRequestDto.toEntity());
+        article.update(articleRequestDto.toEntity(principal.getName()));
     }
 
-    public void delete(Long id) {
-        articleRepository.deleteById(id);
+    public void delete(Long id, Principal principal) {
+        Article article = findById(id);
+        // TODO: 20. 8. 31. soft delete를 할지? hard delete를 할지 고민
+        if (!article.isAuthor(principal.getName())) {
+            throw new IllegalArgumentException("unauthorized user");
+        }
+        articleRepository.delete(article);
     }
 
     private Article findById(Long id) {

community-backend/app/app-monolith/src/test/java/org/kiworkshop/community/article/entity/ArticleTest.java

@@ -6,7 +6,7 @@
 
 public class ArticleTest {
     public static Article createArticleTestFixture() {
-        Article article = Article.builder().title("title").content("content").build();
+        Article article = Article.builder().title("title").content("content").username("username").build();
         ReflectionTestUtils.setField(article, "id", 1L);
         ReflectionTestUtils.setField(article, "updatedAt", ZonedDateTime.now());
         ReflectionTestUtils.setField(article, "createdAt", ZonedDateTime.now());

community-backend/app/app-monolith/src/test/java/org/kiworkshop/community/article/service/ArticleServiceTest.java

@@ -11,6 +11,7 @@
 import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
 
+import java.security.Principal;
 import java.util.Optional;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -26,6 +27,8 @@ class ArticleServiceTest {
     private ArticleService articleService;
     @Mock
     private ArticleRepository articleRepository;
+    @Mock
+    private Principal principal;
 
     @BeforeEach
     void setUp() {
@@ -38,11 +41,13 @@ void create() {
         ArticleRequestDto articleRequestDto = ArticleRequestDto.builder().title("title").content("content").build();
         Article article = createArticleTestFixture();
         given(articleRepository.save(any(Article.class))).willReturn(article);
+        given(principal.getName()).willReturn("username");
         //when
-        Long id = articleService.create(articleRequestDto);
+        Long id = articleService.create(articleRequestDto, principal);
         //then
         assertThat(id).isNotNull();
         then(articleRepository).should().save(any(Article.class));
+        then(principal).should().getName();
     }
 
     @Test
@@ -64,18 +69,47 @@ void update() {
         ArticleRequestDto articleRequestDto = ArticleRequestDto.builder().title("title1").content("content1").build();
         Article article = createArticleTestFixture();
         given(articleRepository.findById(anyLong())).willReturn(Optional.of(article));
+        given(principal.getName()).willReturn("username");
         //when
-        articleService.update(1L, articleRequestDto);
+        articleService.update(1L, articleRequestDto, principal);
         //then
         then(articleRepository).should().findById(anyLong());
     }
 
+    @Test
+    void update_throw_exception() {
+        //given
+        ArticleRequestDto articleRequestDto = ArticleRequestDto.builder().title("title1").content("content1").build();
+        Article article = createArticleTestFixture();
+        given(articleRepository.findById(anyLong())).willReturn(Optional.of(article));
+        given(principal.getName()).willReturn("username1");
+        //when & then
+        assertThrows(IllegalArgumentException.class, () -> articleService.update(1L, articleRequestDto, principal));
+        then(articleRepository).should().findById(anyLong());
+    }
+
     @Test
     void delete() {
+        //given
+        Article article = createArticleTestFixture();
+        given(articleRepository.findById(anyLong())).willReturn(Optional.of(article));
+        given(principal.getName()).willReturn("username");
         //when
-        articleService.delete(1L);
+        articleService.delete(1L, principal);
         //then
-        then(articleRepository).should().deleteById(anyLong());
+        then(articleRepository).should().findById(anyLong());
+        then(articleRepository).should().delete(article);
+    }
+
+    @Test
+    void delete_throw_exception() {
+        //given
+        Article article = createArticleTestFixture();
+        given(articleRepository.findById(anyLong())).willReturn(Optional.of(article));
+        given(principal.getName()).willReturn("username1");
+        //when
+        assertThrows(IllegalArgumentException.class, () -> articleService.delete(1L, principal));
+        then(articleRepository).should().findById(anyLong());
     }
 
     @Test
@@ -84,6 +118,6 @@ void findByIdThrowsException() {
         ArticleRequestDto articleRequestDto = ArticleRequestDto.builder().title("title1").content("content1").build();
         //when & then
         assertThrows(ArticleException.class, () -> articleService.read(1L));
-        assertThrows(ArticleException.class, () -> articleService.update(1L, articleRequestDto));
+        assertThrows(ArticleException.class, () -> articleService.update(1L, articleRequestDto, principal));
     }
 }