Merge pull request #286 from CSE-Shaco/develop

 refactor/recruit-member-and-recruit-core-repository-cleanup

Author: CSE-Shaco

database_schema.sql

@@ -19,6 +19,9 @@ CREATE TABLE IF NOT EXISTS users (
     created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
     updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
 );
+CREATE INDEX IF NOT EXISTS idx_users_student_id ON users(student_id);
+CREATE INDEX IF NOT EXISTS idx_users_phone_number ON users(phone_number);
+CREATE INDEX IF NOT EXISTS idx_users_email_lower ON users((lower(email)));
 
 -- 2. 리크루팅 멤버 (recruit_member)
 CREATE TABLE IF NOT EXISTS recruit_member (
@@ -33,12 +36,14 @@ CREATE TABLE IF NOT EXISTS recruit_member (
     gender VARCHAR(20) NOT NULL,
     birth DATE NOT NULL,
     major VARCHAR(255) NOT NULL,
-    double_major VARCHAR(255),
     is_payed BOOLEAN NOT NULL DEFAULT FALSE,
     admission_semester VARCHAR(10) NOT NULL,
     created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
     updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
 );
+CREATE INDEX IF NOT EXISTS idx_recruit_member_email_lower ON recruit_member((lower(email)));
+CREATE INDEX IF NOT EXISTS idx_recruit_member_created_at ON recruit_member(created_at DESC);
+CREATE INDEX IF NOT EXISTS idx_recruit_member_name_lower ON recruit_member((lower(name)));
 
 -- 3. 답변 (answer) - recruit_member와 1:N
 CREATE TABLE IF NOT EXISTS answer (
@@ -50,6 +55,8 @@ CREATE TABLE IF NOT EXISTS answer (
     created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
     updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
 );
+CREATE INDEX IF NOT EXISTS idx_answer_recruit_member_survey_type
+    ON answer(recruit_member, survey_type);
 
 -- 4. 코어 멤버 지원 (core_recruit_applications)
 CREATE TABLE IF NOT EXISTS core_recruit_applications (
@@ -74,6 +81,10 @@ CREATE TABLE IF NOT EXISTS core_recruit_applications (
     created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP,
     updated_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
 );
+CREATE INDEX IF NOT EXISTS idx_core_recruit_user_session
+    ON core_recruit_applications(user_id, session);
+CREATE INDEX IF NOT EXISTS idx_core_recruit_session_status_team_created
+    ON core_recruit_applications(session, result_status, team, created_at DESC);
 
 -- 5. 스터디 (study)
 CREATE TABLE IF NOT EXISTS study (

src/main/java/inha/gdgoc/domain/auth/controller/AuthController.java

@@ -1,40 +1,32 @@
 package inha.gdgoc.domain.auth.controller;
 
+import static inha.gdgoc.domain.auth.controller.message.AuthMessage.*;
+
+import inha.gdgoc.domain.auth.dto.request.CheckPhoneNumberRequest;
+import inha.gdgoc.domain.auth.dto.request.CheckStudentIdRequest;
 import inha.gdgoc.domain.auth.dto.request.LoginRequest;
 import inha.gdgoc.domain.auth.dto.request.SignupRequest;
 import inha.gdgoc.domain.auth.dto.request.TokenRefreshRequest;
 import inha.gdgoc.domain.auth.dto.response.AccessTokenResponse;
 import inha.gdgoc.domain.auth.dto.response.AuthUserResponse;
 import inha.gdgoc.domain.auth.dto.response.CheckPhoneNumberResponse;
 import inha.gdgoc.domain.auth.dto.response.CheckStudentIdResponse;
-import inha.gdgoc.domain.auth.dto.response.LoginSuccessResponse;
 import inha.gdgoc.domain.auth.exception.AuthErrorCode;
 import inha.gdgoc.domain.auth.exception.AuthException;
 import inha.gdgoc.domain.auth.service.AuthService;
 import inha.gdgoc.domain.user.enums.TeamType;
 import inha.gdgoc.domain.user.enums.UserRole;
-import inha.gdgoc.global.config.jwt.JwtProperties;
 import inha.gdgoc.global.config.jwt.TokenProvider;
 import inha.gdgoc.global.dto.response.ApiResponse;
 import inha.gdgoc.global.exception.GlobalErrorCode;
-import inha.gdgoc.global.security.AccessGuard;
 import jakarta.validation.Valid;
-import jakarta.validation.constraints.NotBlank;
-import jakarta.validation.constraints.Pattern;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseCookie;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.web.bind.annotation.*;
 import org.springframework.util.StringUtils;
-
-import java.time.Duration;
-
-import static inha.gdgoc.domain.auth.controller.message.AuthMessage.*;
+import org.springframework.web.bind.annotation.*;
 
 @Slf4j
 @RequestMapping("/api/v1/auth")
@@ -43,8 +35,6 @@
 public class AuthController {
 
     private final AuthService authService;
-    private final AccessGuard accessGuard;
-    private final JwtProperties jwtProperties;
 
     // 1. 구글 로그인 (ID Token 검증)
     @PostMapping("/login")
@@ -70,25 +60,19 @@ public ResponseEntity<?> signup(@Valid @RequestBody SignupRequest request) {
         }
     }
 
-    @GetMapping("/check/student-id")
+    @PostMapping("/check/student-id")
     public ResponseEntity<ApiResponse<CheckStudentIdResponse, Void>> duplicatedStudentIdDetails(
-            @RequestParam
-            @NotBlank(message = "학번은 필수 입력 값입니다.")
-            @Pattern(regexp = "^12[0-9]{6}$", message = "유효하지 않은 학번 값입니다.")
-            String studentId
+            @Valid @RequestBody CheckStudentIdRequest request
     ) {
-        CheckStudentIdResponse response = authService.isRegisteredStudentId(studentId);
+        CheckStudentIdResponse response = authService.isRegisteredStudentId(request.getStudentId());
         return ResponseEntity.ok(ApiResponse.ok(STUDENT_ID_DUPLICATION_CHECK_SUCCESS, response));
     }
 
-    @GetMapping("/check/phone-number")
+    @PostMapping("/check/phone-number")
     public ResponseEntity<ApiResponse<CheckPhoneNumberResponse, Void>> duplicatedPhoneNumberDetails(
-            @RequestParam
-            @NotBlank(message = "전화번호는 필수 입력 값입니다.")
-            @Pattern(regexp = "^010-?\\d{4}-?\\d{4}$", message = "전화번호 형식은 010-XXXX-XXXX 또는 010XXXXXXXX 이어야 합니다.")
-            String phoneNumber
+            @Valid @RequestBody CheckPhoneNumberRequest request
     ) {
-        CheckPhoneNumberResponse response = authService.isRegisteredPhoneNumber(phoneNumber);
+        CheckPhoneNumberResponse response = authService.isRegisteredPhoneNumber(request.getPhoneNumber());
         return ResponseEntity.ok(ApiResponse.ok(PHONE_NUMBER_DUPLICATION_CHECK_SUCCESS, response));
     }
 
@@ -135,16 +119,7 @@ public ResponseEntity<?> logout(@RequestBody(required = false) TokenRefreshReque
                             null
                     ));
         }
-
-        var conditions = new java.util.ArrayList<AccessGuard.AccessCondition>();
-        conditions.add(AccessGuard.AccessCondition.atLeast(role));
-
-        if (requiredTeam != null) {
-            conditions.add(AccessGuard.AccessCondition.atLeast(UserRole.ORGANIZER));
-            conditions.add(AccessGuard.AccessCondition.of(UserRole.GUEST, requiredTeam));
-        }
-
-        if (accessGuard.check(me, conditions.toArray(AccessGuard.AccessCondition[]::new))) {
+        if (authService.hasRequiredAccess(me, role, requiredTeam)) {
             return ResponseEntity.ok(ApiResponse.ok("ROLE_OR_TEAM_CHECK_PASSED", null));
         }
 
@@ -154,5 +129,5 @@ public ResponseEntity<?> logout(@RequestBody(required = false) TokenRefreshReque
                         GlobalErrorCode.FORBIDDEN_USER.getMessage(),
                         null
                 ));
-}
+    }
 }

src/main/java/inha/gdgoc/domain/auth/dto/request/CheckPhoneNumberRequest.java

@@ -0,0 +1,15 @@
+package inha.gdgoc.domain.auth.dto.request;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Pattern;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class CheckPhoneNumberRequest {
+
+    @NotBlank(message = "전화번호는 필수 입력 값입니다.")
+    @Pattern(regexp = "^010-?\\d{4}-?\\d{4}$", message = "전화번호 형식은 010-XXXX-XXXX 또는 010XXXXXXXX 이어야 합니다.")
+    private String phoneNumber;
+}

src/main/java/inha/gdgoc/domain/auth/dto/request/CheckStudentIdRequest.java

@@ -0,0 +1,15 @@
+package inha.gdgoc.domain.auth.dto.request;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Pattern;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class CheckStudentIdRequest {
+
+    @NotBlank(message = "학번은 필수 입력 값입니다.")
+    @Pattern(regexp = "^12[0-9]{6}$", message = "유효하지 않은 학번 값입니다.")
+    private String studentId;
+}

src/main/java/inha/gdgoc/domain/auth/service/AuthService.java

@@ -13,8 +13,12 @@
 import inha.gdgoc.domain.auth.dto.response.SignupNeededResponse;
 import inha.gdgoc.domain.auth.dto.response.TokenDto;
 import inha.gdgoc.domain.user.entity.User;
+import inha.gdgoc.domain.user.enums.TeamType;
+import inha.gdgoc.domain.user.enums.UserRole;
 import inha.gdgoc.domain.user.repository.UserRepository;
 import inha.gdgoc.global.config.jwt.TokenProvider;
+import inha.gdgoc.global.config.jwt.TokenProvider.CustomUserDetails;
+import inha.gdgoc.global.security.AccessGuard;
 import java.io.IOException;
 import java.security.GeneralSecurityException;
 import java.time.Duration;
@@ -41,6 +45,7 @@ public class AuthService {
   private final UserRepository userRepository;
   private final TokenProvider tokenProvider;
   private final StringRedisTemplate redisTemplate;
+  private final AccessGuard accessGuard;
 
   @Value("${google.client-id}")
   private String googleClientId;
@@ -91,6 +96,9 @@ public LoginSuccessResponse signup(SignupRequest request) {
 
     // 전화번호 정규화 (숫자만 남김)
     String cleanPhone = request.getPhoneNumber().replaceAll("[^0-9]", "");
+    if (userRepository.existsByPhoneNumber(cleanPhone)) {
+      throw new IllegalArgumentException("이미 존재하는 전화번호입니다.");
+    }
 
     // 유저 엔티티 생성 및 저장
     User newUser =
@@ -125,6 +133,18 @@ public CheckPhoneNumberResponse isRegisteredPhoneNumber(String phoneNumber) {
     return new CheckPhoneNumberResponse(exists);
   }
 
+  public boolean hasRequiredAccess(CustomUserDetails me, UserRole role, TeamType requiredTeam) {
+    var conditions = new java.util.ArrayList<AccessGuard.AccessCondition>();
+    conditions.add(AccessGuard.AccessCondition.atLeast(role));
+
+    if (requiredTeam != null) {
+      conditions.add(AccessGuard.AccessCondition.atLeast(UserRole.ORGANIZER));
+      conditions.add(AccessGuard.AccessCondition.of(UserRole.GUEST, requiredTeam));
+    }
+
+    return accessGuard.check(me, conditions.toArray(AccessGuard.AccessCondition[]::new));
+  }
+
   public RefreshResult refresh(String refreshToken) {
     RefreshSession session = resolveRefreshSession(refreshToken);
 

src/main/java/inha/gdgoc/domain/core/attendance/controller/CoreAttendanceController.java

@@ -8,7 +8,6 @@
 import inha.gdgoc.domain.core.attendance.dto.response.TeamResponse;
 import inha.gdgoc.domain.core.attendance.service.CoreAttendanceService;
 import inha.gdgoc.domain.user.enums.TeamType;
-import inha.gdgoc.domain.user.enums.UserRole;
 import inha.gdgoc.global.config.jwt.TokenProvider.CustomUserDetails;
 import inha.gdgoc.global.dto.response.ApiResponse;
 import inha.gdgoc.global.dto.response.PageMeta;
@@ -44,12 +43,6 @@ public class CoreAttendanceController {
 
     private final CoreAttendanceService service;
 
-    /* ===== helpers ===== */
-    private static TeamType requiredTeamFrom(CustomUserDetails me) {
-        if (me.getTeam() == null) throw new IllegalArgumentException("LEAD 권한 토큰에 team 정보가 없습니다.");
-        return me.getTeam();
-    }
-
     private static ResponseEntity<ApiResponse<Map<String, Object>, Void>> okUpdated(long updated, List<Long> ignored) {
         return ResponseEntity.ok(ApiResponse.ok(CoreAttendanceMessage.ATTENDANCE_ALL_SET_SUCCESS, Map.of("updated", updated, "ignoredUserIds", ignored)));
     }
@@ -77,7 +70,9 @@ public ResponseEntity<ApiResponse<DateListResponse, Void>> deleteDate(@PathVaria
     /* ===== 팀 목록 (리드=본인 팀만 / 관리자=전체) ===== */
     @GetMapping("/teams")
     public ResponseEntity<ApiResponse<List<TeamResponse>, PageMeta>> getTeams(@AuthenticationPrincipal CustomUserDetails me) {
-        List<TeamResponse> list = (me.getRole() == UserRole.LEAD && me.getTeam() != TeamType.HR) ? service.getTeamsForLead(requiredTeamFrom(me)) : service.getTeamsForOrganizerOrAdmin();
+        List<TeamResponse> list = service.isLeadScoped(me.getRole(), me.getTeam())
+                ? service.getTeamsForLead(service.resolveEffectiveTeam(me.getRole(), me.getTeam(), null))
+                : service.getTeamsForOrganizerOrAdmin();
 
         var page = new PageImpl<>(list, PageRequest.of(0, Math.max(1, list.size()), Sort.by(Sort.Direction.DESC, "createdAt")), list.size());
         return ResponseEntity.ok(ApiResponse.ok(CoreAttendanceMessage.TEAM_LIST_RETRIEVED_SUCCESS, list, PageMeta.of(page)));
@@ -88,7 +83,7 @@ public ResponseEntity<ApiResponse<List<TeamResponse>, PageMeta>> getTeams(@Authe
     @GetMapping("/{date}/members")
     public ResponseEntity<ApiResponse<List<Map<String, Object>>, Void>> membersOfMeeting(@AuthenticationPrincipal CustomUserDetails me, @PathVariable @DateTimeFormat(iso = DateTimeFormat.ISO.DATE) LocalDate date, @RequestParam(required = false) TeamType team // 관리자만 사용, 리드는 무시
     ) {
-        TeamType effectiveTeam = (me.getRole() == UserRole.LEAD && me.getTeam() != TeamType.HR) ? requiredTeamFrom(me) : team;
+        TeamType effectiveTeam = service.resolveEffectiveTeam(me.getRole(), me.getTeam(), team);
         var list = service.getMembersWithPresence(date.toString(), effectiveTeam);
         // list 원소 예시: { "userId": "123", "name": "홍길동", "present": true, "lastModifiedAt": "..." }
         return ResponseEntity.ok(ApiResponse.ok(CoreAttendanceMessage.TEAM_LIST_RETRIEVED_SUCCESS, list));
@@ -99,34 +94,28 @@ public ResponseEntity<ApiResponse<List<Map<String, Object>>, Void>> membersOfMee
     @PutMapping("/{date}/attendance")
     public ResponseEntity<ApiResponse<Map<String, Object>, Void>> saveAttendanceSnapshot(@AuthenticationPrincipal CustomUserDetails me, @PathVariable @DateTimeFormat(iso = DateTimeFormat.ISO.DATE) LocalDate date, @RequestBody @Valid SetAttendanceRequest req) {
         var userIds = req.safeUserIds();
-
-        // LEAD → 본인 팀 검증
-        if (me.getRole() == UserRole.LEAD && me.getTeam() != TeamType.HR) {
-            TeamType myTeam = requiredTeamFrom(me);
-            var validation = service.filterUserIdsNotInTeam(myTeam, userIds);
-            if (validation.validIds().isEmpty()) {
-                return okUpdated(0L, validation.invalidIds());
-            }
-            long updated = service.setAttendance(date.toString(), validation.validIds(), req.presentValue());
-            return okUpdated(updated, validation.invalidIds());
-        }
-
-        // ORGANIZER / ADMIN → 팀 추론/검증 없이 바로 업서트
-        long updated = service.setAttendance(date.toString(), userIds, req.presentValue());
-        return okUpdated(updated, List.of());
+        CoreAttendanceService.AttendanceUpdateResult result = service.saveAttendanceSnapshot(
+                date.toString(),
+                userIds,
+                req.presentValue(),
+                me.getRole(),
+                me.getTeam()
+        );
+        return okUpdated(result.updatedCount(), result.ignoredUserIds());
     }
 
     /* ===== 날짜 요약(JSON) ===== */
     @GetMapping("/{date}/summary")
     public ResponseEntity<ApiResponse<DaySummaryResponse, Void>> summary(@AuthenticationPrincipal CustomUserDetails me, @PathVariable @DateTimeFormat(iso = DateTimeFormat.ISO.DATE) LocalDate date, @RequestParam(required = false) TeamType team) {
-        DaySummaryResponse body = (me.getRole() == UserRole.LEAD && me.getTeam() != TeamType.HR) ? service.summary(date.toString(), requiredTeamFrom(me)) : service.summary(date.toString(), team);
+        TeamType effectiveTeam = service.resolveEffectiveTeam(me.getRole(), me.getTeam(), team);
+        DaySummaryResponse body = service.summary(date.toString(), effectiveTeam);
         return ResponseEntity.ok(ApiResponse.ok(CoreAttendanceMessage.SUMMARY_RETRIEVED_SUCCESS, body));
     }
 
     /* ===== 날짜 요약(CSV) ===== */
     @GetMapping(value = "/{date}/summary.csv", produces = "text/csv; charset=UTF-8")
     public ResponseEntity<String> summaryCsv(@AuthenticationPrincipal CustomUserDetails me, @PathVariable @DateTimeFormat(iso = DateTimeFormat.ISO.DATE) LocalDate date, @RequestParam(required = false) TeamType team) {
-        TeamType effective = (me.getRole() == UserRole.LEAD && me.getTeam() != TeamType.HR) ? requiredTeamFrom(me) : team;
+        TeamType effective = service.resolveEffectiveTeam(me.getRole(), me.getTeam(), team);
         String csv = service.buildSummaryCsv(date.toString(), effective);
         return ResponseEntity.ok()
                 .header("Content-Disposition", "attachment; filename=\"attendance-" + date + ".csv\"")
@@ -138,10 +127,7 @@ public ResponseEntity<String> summaryCsvAll(
             @AuthenticationPrincipal CustomUserDetails me,
             @RequestParam(required = false) TeamType team
     ) {
-        // LEAD & not HR → 자신의 팀만
-        TeamType effective = (me.getRole() == UserRole.LEAD && me.getTeam() != TeamType.HR)
-                ? requiredTeamFrom(me)
-                : team;
+        TeamType effective = service.resolveEffectiveTeam(me.getRole(), me.getTeam(), team);
 
         String csv = service.buildFullMatrixCsv(effective);
         return ResponseEntity.ok()