M0IM · yewonahn · Nov 24, 2024 · Nov 3, 2024 · Nov 3, 2024 · Nov 3, 2024
diff --git a/src/main/java/com/dev/moim/domain/account/controller/AuthController.java b/src/main/java/com/dev/moim/domain/account/controller/AuthController.java
@@ -4,8 +4,8 @@
 import com.dev.moim.domain.account.entity.User;
 import com.dev.moim.domain.account.service.AuthService;
 import com.dev.moim.global.common.BaseResponse;
-import com.dev.moim.global.security.annotation.AuthUser;
-import com.dev.moim.global.security.annotation.ExtractToken;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
+import com.dev.moim.global.security.annotation.annotation.ExtractToken;
 import com.dev.moim.global.validation.annotation.QuitValidation;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;

diff --git a/src/main/java/com/dev/moim/domain/moim/controller/MoimCalendarController.java b/src/main/java/com/dev/moim/domain/moim/controller/MoimCalendarController.java
@@ -5,7 +5,7 @@
 import com.dev.moim.domain.moim.service.CalenderCommandService;
 import com.dev.moim.domain.moim.service.CalenderQueryService;
 import com.dev.moim.global.common.BaseResponse;
-import com.dev.moim.global.security.annotation.AuthUser;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
 import com.dev.moim.global.validation.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;

diff --git a/src/main/java/com/dev/moim/domain/moim/controller/MoimController.java b/src/main/java/com/dev/moim/domain/moim/controller/MoimController.java
@@ -6,15 +6,12 @@
 import com.dev.moim.domain.moim.controller.enums.MoimRequestType;
 import com.dev.moim.domain.moim.dto.*;
 import com.dev.moim.domain.moim.entity.Moim;
-import com.dev.moim.domain.moim.entity.enums.MoimCategory;
-import com.dev.moim.domain.moim.entity.enums.MoimRole;
 import com.dev.moim.domain.moim.service.MoimCommandService;
 import com.dev.moim.domain.moim.service.MoimQueryService;
 import com.dev.moim.domain.user.dto.UserPreviewListDTO;
 import com.dev.moim.global.common.BaseResponse;
-import com.dev.moim.global.security.annotation.AuthUser;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
 import com.dev.moim.global.validation.annotation.*;
-import io.swagger.v3.oas.annotations.Hidden;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.Parameters;

diff --git a/src/main/java/com/dev/moim/domain/moim/controller/MoimPostController.java b/src/main/java/com/dev/moim/domain/moim/controller/MoimPostController.java
@@ -5,15 +5,14 @@
 import com.dev.moim.domain.moim.dto.post.*;
 import com.dev.moim.domain.moim.entity.Comment;
 import com.dev.moim.domain.moim.entity.Post;
-import com.dev.moim.domain.moim.entity.PostBlock;
 import com.dev.moim.domain.moim.entity.UserMoim;
 import com.dev.moim.domain.moim.repository.UserMoimRepository;
 import com.dev.moim.domain.moim.service.PostCommandService;
 import com.dev.moim.domain.moim.service.PostQueryService;
 import com.dev.moim.domain.user.dto.UserPreviewDTO;
 import com.dev.moim.domain.user.service.UserQueryService;
 import com.dev.moim.global.common.BaseResponse;
-import com.dev.moim.global.security.annotation.AuthUser;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
 import com.dev.moim.global.validation.annotation.CheckCursorValidation;
 import com.dev.moim.global.validation.annotation.CheckTakeValidation;
 import com.dev.moim.global.validation.annotation.UserMoimValidaton;

diff --git a/src/main/java/com/dev/moim/domain/moim/controller/MoimTodoController.java b/src/main/java/com/dev/moim/domain/moim/controller/MoimTodoController.java
@@ -5,15 +5,14 @@
 import com.dev.moim.domain.moim.service.TodoCommandService;
 import com.dev.moim.domain.moim.service.TodoQueryService;
 import com.dev.moim.global.common.BaseResponse;
-import com.dev.moim.global.security.annotation.AuthUser;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
 import com.dev.moim.global.validation.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
-import org.springframework.http.HttpStatus;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -33,6 +32,7 @@ public class MoimTodoController {
             @ApiResponse(responseCode = "COMMON_002", description = "입력된 정보에 오류가 있습니다. 필드별 오류 메시지를 참조하세요."),
             @ApiResponse(responseCode = "MOIM_002", description = "모임 관리자 회원이 아닙니다."),
             @ApiResponse(responseCode = "MOIM_003", description = "모임의 멤버가 아닙니다."),
+            @ApiResponse(responseCode = "MOIM_007", description = "모임 관리자가 아닙니다."),
             @ApiResponse(responseCode = "TODO_004", description = "Todo를 할당받을 유저를 지정하지 않았습니다."),
             @ApiResponse(responseCode = "TODO_005", description = "전체 선택인 경우 특정 assignee를 지정할 수 없습니다.")
     })

diff --git a/src/main/java/com/dev/moim/domain/moim/repository/UserMoimRepository.java b/src/main/java/com/dev/moim/domain/moim/repository/UserMoimRepository.java
@@ -115,4 +115,30 @@ Slice<UserMoim> findAllByUserProfileIdAndJoinStatus(
             @Param("joinStatus") JoinStatus joinStatus,
             @Param("cursor") Long cursor,
             Pageable pageable);
+
+    @Query("SELECT um FROM UserMoim um " +
+            "JOIN FETCH um.moim " +
+            "JOIN FETCH um.user " +
+            "WHERE um.user.id = :userId " +
+            "AND um.moim.id = :moimId " +
+            "AND um.joinStatus = :joinStatus")
+    Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusWithUserAndMoim(Long userId, Long moimId, JoinStatus joinStatus);
+
+    @Query("SELECT um FROM UserMoim um " +
+            "JOIN FETCH um.moim " +
+            "JOIN FETCH um.user " +
+            "WHERE um.user.id = :userId " +
+            "AND um.moim.id = :moimId " +
+            "AND um.joinStatus = :joinStatus " +
+            "AND um.moimRole IN :moimRoleList " )
+    Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusInMoimRoleListWithUserAndMoim(Long userId, Long moimId, JoinStatus joinStatus, List<MoimRole> moimRoleList);
+
+    @Query("SELECT um FROM UserMoim um " +
+            "JOIN FETCH um.moim " +
+            "JOIN FETCH um.user " +
+            "WHERE um.user.id = :userId " +
+            "AND um.moim.id = :moimId " +
+            "AND um.joinStatus = :joinStatus " +
+            "AND um.moimRole = :moimRole " )
+    Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusAndMoimRoleWithUserAndMoim(Long userId, Long moimId, JoinStatus joinStatus, MoimRole moimRole);
 }
diff --git a/src/main/java/com/dev/moim/domain/moim/service/MoimQueryService.java b/src/main/java/com/dev/moim/domain/moim/service/MoimQueryService.java
@@ -9,7 +9,6 @@
 import com.dev.moim.domain.moim.dto.MoimJoinRequestListDTO;
 import com.dev.moim.domain.moim.dto.MoimPreviewListDTO;
 import com.dev.moim.domain.moim.entity.enums.JoinStatus;
-import com.dev.moim.domain.moim.entity.enums.MoimRole;
 import com.dev.moim.domain.user.dto.UserPreviewListDTO;
 
 import java.util.List;

diff --git a/src/main/java/com/dev/moim/domain/moim/service/UserMoimQueryService.java b/src/main/java/com/dev/moim/domain/moim/service/UserMoimQueryService.java
@@ -0,0 +1,20 @@
+package com.dev.moim.domain.moim.service;
+
+import com.dev.moim.domain.moim.entity.UserMoim;
+import com.dev.moim.domain.moim.entity.enums.JoinStatus;
+import com.dev.moim.domain.moim.entity.enums.MoimRole;
+
+import java.util.List;
+import java.util.Optional;
+
+public interface UserMoimQueryService {
+
+    Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusWithUserAndMoim(
+            Long userId, Long moimId, JoinStatus joinStatus);
+
+    Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusInMoimRoleListWithUserAndMoim(
+            Long userId, Long moimId, JoinStatus joinStatus, List<MoimRole> moimRoleList);
+
+    Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusAndMoimRoleWithUserAndMoim(
+            Long userId, Long moimId, JoinStatus joinStatus, MoimRole moimRole);
+}
diff --git a/src/main/java/com/dev/moim/domain/moim/service/impl/UserMoimQueryServiceImpl.java b/src/main/java/com/dev/moim/domain/moim/service/impl/UserMoimQueryServiceImpl.java
@@ -0,0 +1,43 @@
+package com.dev.moim.domain.moim.service.impl;
+
+import com.dev.moim.domain.moim.entity.UserMoim;
+import com.dev.moim.domain.moim.entity.enums.JoinStatus;
+import com.dev.moim.domain.moim.entity.enums.MoimRole;
+import com.dev.moim.domain.moim.repository.UserMoimRepository;
+import com.dev.moim.domain.moim.service.UserMoimQueryService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+import java.util.Optional;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+@Transactional(readOnly = true)
+public class UserMoimQueryServiceImpl implements UserMoimQueryService {
+
+    private final UserMoimRepository userMoimRepository;
+
+    @Override
+    public Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusWithUserAndMoim(Long userId, Long moimId, JoinStatus joinStatus) {
+        return userMoimRepository.findByUserIdAndMoimIdAndJoinStatusWithUserAndMoim(
+                userId, moimId, joinStatus);
+    }
+
+    @Override
+    public Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusInMoimRoleListWithUserAndMoim(
+            Long userId, Long moimId, JoinStatus joinStatus, List<MoimRole> moimRoleList) {
+        return userMoimRepository.findByUserIdAndMoimIdAndJoinStatusInMoimRoleListWithUserAndMoim(
+                userId, moimId, joinStatus, moimRoleList);
+    }
+
+    @Override
+    public Optional<UserMoim> findByUserIdAndMoimIdAndJoinStatusAndMoimRoleWithUserAndMoim(
+            Long userId, Long moimId, JoinStatus joinStatus, MoimRole moimRole) {
+        return userMoimRepository.findByUserIdAndMoimIdAndJoinStatusAndMoimRoleWithUserAndMoim(
+                userId, moimId, joinStatus, moimRole);
+    }
+}
diff --git a/src/main/java/com/dev/moim/domain/user/controller/AlarmController.java b/src/main/java/com/dev/moim/domain/user/controller/AlarmController.java
@@ -6,7 +6,7 @@
 import com.dev.moim.domain.user.service.UserQueryService;
 import com.dev.moim.global.common.BaseResponse;
 import com.dev.moim.global.firebase.service.FcmService;
-import com.dev.moim.global.security.annotation.AuthUser;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;

diff --git a/src/main/java/com/dev/moim/domain/user/controller/UserController.java b/src/main/java/com/dev/moim/domain/user/controller/UserController.java
@@ -13,7 +13,7 @@
 import com.dev.moim.domain.user.service.UserCommandService;
 import com.dev.moim.domain.user.service.UserQueryService;
 import com.dev.moim.global.common.BaseResponse;
-import com.dev.moim.global.security.annotation.AuthUser;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
 import com.dev.moim.global.validation.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;

diff --git a/src/main/java/com/dev/moim/global/common/code/status/ErrorStatus.java b/src/main/java/com/dev/moim/global/common/code/status/ErrorStatus.java
@@ -88,6 +88,9 @@ public enum ErrorStatus implements BaseErrorCode {
     NOT_REQUEST_JOIN(HttpStatus.NOT_FOUND, "MOIM_011", "신청하지 않은 모임입니다."),
     USER_MOIM_NOT_FOUND(HttpStatus.NOT_FOUND, "MOIM_012", "user moim을 찾을 수 없습니다."),
     OWNER_NOT_EXIT(HttpStatus.NOT_FOUND, "MOIM_013", "owner는 모임을 나갈 수 없습니다."),
+    INVALID_MOIM_ID_FORMAT(HttpStatus.BAD_REQUEST, "MOIM_014", "잘못된 모임 ID 형식입니다."),
+    MISSING_MOIM_ID_IN_URI(HttpStatus.BAD_REQUEST, "MOIM_015", "URI에서 모임 ID가 누락되었습니다."),
+    USER_NOT_MOIM_OWNER(HttpStatus.UNAUTHORIZED, "MOIM_016", "모임장 회원이 아닙니다."),
 
     // UserProfile 관련
     USER_PROFILE_NOT_FOUND(HttpStatus.NOT_FOUND, "USERPROFILE_001", "프로필을 찾을 수 없습니다."),

diff --git a/src/main/java/com/dev/moim/global/config/WebConfig.java b/src/main/java/com/dev/moim/global/config/WebConfig.java
@@ -1,7 +1,6 @@
 package com.dev.moim.global.config;
 
-import com.dev.moim.global.security.annotation.AuthUserArgumentResolver;
-import com.dev.moim.global.security.annotation.ExtractTokenArgumentResolver;
+import com.dev.moim.global.security.annotation.resolver.*;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
@@ -15,11 +14,17 @@
 public class WebConfig implements WebMvcConfigurer {
     private final AuthUserArgumentResolver authUserArgumentResolver;
     private final ExtractTokenArgumentResolver extractTokenArgumentResolver;
+    private final AuthUserMoimArgumentResolver authUserMoimArgumentResolver;
+    private final AuthUserMoimAdminArgumentResolver authUserMoimAdminArgumentResolver;
+    private final AuthUserMoimOwnerArgumentResolver authUserMoimOwnerArgumentResolver;
 
     @Override
     public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
         resolvers.add(authUserArgumentResolver);
         resolvers.add(extractTokenArgumentResolver);
+        resolvers.add(authUserMoimArgumentResolver);
+        resolvers.add(authUserMoimAdminArgumentResolver);
+        resolvers.add(authUserMoimOwnerArgumentResolver);
     }
 
     @Override

diff --git a/.../global/security/annotation/AuthUser.java → ...urity/annotation/annotation/AuthUser.java b/.../global/security/annotation/AuthUser.java → ...urity/annotation/annotation/AuthUser.java
@@ -1,4 +1,4 @@
-package com.dev.moim.global.security.annotation;
+package com.dev.moim.global.security.annotation.annotation;
 
 import io.swagger.v3.oas.annotations.Parameter;
 

diff --git a/src/main/java/com/dev/moim/global/security/annotation/annotation/AuthUserMoim.java b/src/main/java/com/dev/moim/global/security/annotation/annotation/AuthUserMoim.java
@@ -0,0 +1,13 @@
+package com.dev.moim.global.security.annotation.annotation;
+
+import io.swagger.v3.oas.annotations.Parameter;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+@Parameter(name = "userMoim", hidden = true)
+public @interface AuthUserMoim {}
diff --git a/src/main/java/com/dev/moim/global/security/annotation/annotation/AuthUserMoimAdmin.java b/src/main/java/com/dev/moim/global/security/annotation/annotation/AuthUserMoimAdmin.java
@@ -0,0 +1,13 @@
+package com.dev.moim.global.security.annotation.annotation;
+
+import io.swagger.v3.oas.annotations.Parameter;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+@Parameter(name = "userMoim", hidden = true)
+public @interface AuthUserMoimAdmin {}
diff --git a/src/main/java/com/dev/moim/global/security/annotation/annotation/AuthUserMoimOwner.java b/src/main/java/com/dev/moim/global/security/annotation/annotation/AuthUserMoimOwner.java
@@ -0,0 +1,13 @@
+package com.dev.moim.global.security.annotation.annotation;
+
+import io.swagger.v3.oas.annotations.Parameter;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+@Parameter(name = "userMoim", hidden = true)
+public @interface AuthUserMoimOwner {}
diff --git a/...bal/security/annotation/ExtractToken.java → ...y/annotation/annotation/ExtractToken.java b/...bal/security/annotation/ExtractToken.java → ...y/annotation/annotation/ExtractToken.java
@@ -1,4 +1,4 @@
-package com.dev.moim.global.security.annotation;
+package com.dev.moim.global.security.annotation.annotation;
 
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;

diff --git a/.../annotation/AuthUserArgumentResolver.java → ...on/resolver/AuthUserArgumentResolver.java b/.../annotation/AuthUserArgumentResolver.java → ...on/resolver/AuthUserArgumentResolver.java
@@ -1,9 +1,10 @@
-package com.dev.moim.global.security.annotation;
+package com.dev.moim.global.security.annotation.resolver;
 
 import com.dev.moim.domain.account.entity.User;
-import com.dev.moim.domain.account.repository.UserRepository;
+import com.dev.moim.domain.user.service.UserQueryService;
 import com.dev.moim.global.error.handler.AuthException;
 import com.dev.moim.global.redis.util.RedisUtil;
+import com.dev.moim.global.security.annotation.annotation.AuthUser;
 import com.dev.moim.global.security.util.JwtUtil;
 import jakarta.annotation.Nonnull;
 import jakarta.servlet.http.HttpServletRequest;
@@ -27,7 +28,7 @@
 @RequiredArgsConstructor
 public class AuthUserArgumentResolver implements HandlerMethodArgumentResolver {
 
-    private final UserRepository userRepository;
+    private final UserQueryService userQueryService;
     private final RedisUtil redisUtil;
     private final JwtUtil jwtUtil;
 
@@ -55,7 +56,7 @@ public Object resolveArgument(
         return Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication())
                 .map(authentication -> {
                     String userId = authentication.getName();
-                    User user = userRepository.findById(Long.valueOf(userId))
+                    User user = userQueryService.findUserById(Long.valueOf(userId))
                             .orElseThrow(() -> new AuthException(USER_NOT_FOUND));
 
                     if (user.getDeviceId() == null) {