diff --git a/src/main/java/kr/co/knuserver/application/booth/BoothCommandService.java b/src/main/java/kr/co/knuserver/application/booth/BoothCommandService.java index 2a21c36..99f0e97 100644 --- a/src/main/java/kr/co/knuserver/application/booth/BoothCommandService.java +++ b/src/main/java/kr/co/knuserver/application/booth/BoothCommandService.java @@ -5,6 +5,9 @@ import kr.co.knuserver.domain.booth.entity.BoothImage; import kr.co.knuserver.domain.booth.repository.BoothImageRepository; import kr.co.knuserver.domain.booth.repository.BoothRepository; +import kr.co.knuserver.domain.member.entity.Member; +import kr.co.knuserver.domain.member.entity.Role; +import kr.co.knuserver.domain.member.repository.MemberRepository; import kr.co.knuserver.global.exception.BusinessErrorCode; import kr.co.knuserver.global.exception.BusinessException; import kr.co.knuserver.infra.s3.S3Uploader; @@ -26,6 +29,7 @@ public class BoothCommandService { private final BoothRepository boothRepository; private final BoothImageRepository boothImageRepository; private final S3Uploader s3Uploader; + private final MemberRepository memberRepository; @Transactional public BoothInfoResponseDto registerBooth( @@ -40,9 +44,12 @@ public BoothInfoResponseDto registerBooth( } @Transactional - public BoothInfoResponseDto updateBooth(Long boothId, BoothUpdateRequestDto request) { + public BoothInfoResponseDto updateBooth(Long boothId, BoothUpdateRequestDto request, Long memberId) { Booth booth = boothRepository.findById(boothId) .orElseThrow(() -> new BusinessException(BusinessErrorCode.BOOTH_NOT_FOUND)); + + validateRole(booth, memberId); + booth.updateFromDto(request); List imageUrls = boothImageRepository.findAllByBoothId(boothId).stream() 
@@ -53,10 +60,12 @@ public BoothInfoResponseDto updateBooth(Long boothId, BoothUpdateRequestDto requ } @Transactional - public BoothInfoResponseDto updateBoothImages(Long boothId, List images) { + public BoothInfoResponseDto updateBoothImages(Long boothId, List images, Long memberId) { Booth booth = boothRepository.findById(boothId) .orElseThrow(() -> new BusinessException(BusinessErrorCode.BOOTH_NOT_FOUND)); + validateRole(booth, memberId); + List oldImageUrls = boothImageRepository.findAllByBoothId(boothId).stream() .map(BoothImage::getImageUrl) .toList(); @@ -97,4 +106,15 @@ private List uploadImages(Long boothId, List images) { .toList(); } + private void validateRole(Booth booth, Long memberId) { + Member member = memberRepository.findById(memberId).orElseThrow( + () -> new BusinessException(BusinessErrorCode.MEMBER_NOT_FOUND)); + if (member.getRole() == Role.ADMIN) { + return; + } + if (!booth.getMemberId().equals(memberId)) { + throw new BusinessException(BusinessErrorCode.ACCESS_DENIED); + } + } + } diff --git a/src/main/java/kr/co/knuserver/presentation/booth/AdminBoothApiController.java b/src/main/java/kr/co/knuserver/presentation/booth/AdminBoothApiController.java index 49a0e6b..e9da23b 100644 --- a/src/main/java/kr/co/knuserver/presentation/booth/AdminBoothApiController.java +++ b/src/main/java/kr/co/knuserver/presentation/booth/AdminBoothApiController.java @@ -4,6 +4,7 @@ import java.util.List; import kr.co.knuserver.application.booth.BoothCommandService; import kr.co.knuserver.domain.member.entity.Role; +import kr.co.knuserver.global.auth.MemberId; import kr.co.knuserver.global.auth.RequireRole; import kr.co.knuserver.global.exception.ApiResponse; import kr.co.knuserver.presentation.booth.docs.AdminBoothApiControllerDocs; 
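Review bot: `validateRole` (last hunk of BoothCommandService.java) calls `booth.getMemberId().equals(memberId)` without a null check, so a booth with no owner id would answer a non-admin request with a NullPointerException rather than `ACCESS_DENIED`; whether that field can be null is not visible in this diff. Reading the owner first and denying when it is absent keeps the check fail-closed: `Long ownerId = booth.getMemberId();` followed by `if (ownerId == null || !ownerId.equals(memberId))`. `memberId` is also handed to `memberRepository.findById` unchecked, so a null from the `@MemberId` argument would surface as a repository error; presumably the resolver rejects unauthenticated requests, but a null guard here would not depend on that. Because the method allows ADMIN or the booth's owner, a one-line Javadoc such as `/** Allows ADMIN or the owning member; throws ACCESS_DENIED otherwise. */` would describe it better than the name does.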
@@ -27,7 +28,6 @@
 @RestController
 @RequestMapping("/admin/v1/booths")
 @RequiredArgsConstructor
-@RequireRole(Role.ADMIN)
 public class AdminBoothApiController implements AdminBoothApiControllerDocs {
 private final BoothCommandService boothCommandService;
@@ -35,6 +35,7 @@ public class AdminBoothApiController implements AdminBoothApiControllerDocs {
 // 가두모집 부스 생성
 @Override
 @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
+ @RequireRole(Role.ADMIN)
 public ResponseEntity> createBooth(
 @RequestPart(value = "data") @Valid BoothRegisterRequestDto request,
 @RequestPart(value = "images", required = false) List images
@@ -48,10 +49,11 @@ public ResponseEntity> createBooth(
 @Override
 @PatchMapping("/{booth-id}")
 public ResponseEntity> updateBooth(
+ @MemberId Long memberId,
 @PathVariable(name = "booth-id") Long boothId,
 @Valid @RequestBody BoothUpdateRequestDto request
 ) {
- BoothInfoResponseDto result = boothCommandService.updateBooth(boothId, request);
+ BoothInfoResponseDto result = boothCommandService.updateBooth(boothId, request, memberId);
 return ResponseEntity.ok(ApiResponse.success(result));
 }
@@ -59,10 +61,11 @@ public ResponseEntity> updateBooth(
 @Override
 @PostMapping(value = "/{booth-id}/images", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
 public ResponseEntity> updateBoothImages(
+ @MemberId Long memberId,
 @PathVariable(name = "booth-id") Long boothId,
 @RequestPart(value = "images", required = false) List images
 ) {
- BoothInfoResponseDto result = boothCommandService.updateBoothImages(boothId, images);
+ BoothInfoResponseDto result = boothCommandService.updateBoothImages(boothId, images, memberId);
 return ResponseEntity.ok(ApiResponse.success(result));
 }
@@ -70,6 +73,7 @@ public ResponseEntity> updateBoothImages(
 // 가두모집 부스 삭제
 @Override
 @DeleteMapping("/{booth-id}")
+ @RequireRole(Role.ADMIN)
 public ResponseEntity> deleteBooth(
 @PathVariable(name = "booth-id") Long boothId
 ) {
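Review bot: With the class-level `@RequireRole(Role.ADMIN)` removed in the first hunk, `updateBooth` and `updateBoothImages` (hunks at -48 and -59) carry no role annotation at all, and any handler added to this `/admin/v1/booths` controller later is unprotected unless someone remembers to annotate it. Their access control now rests on `@MemberId` plus `validateRole` in the service; how `@MemberId` behaves for a request without a valid identity is not shown here, so it is worth confirming that it rejects the request rather than injecting null. Marking the two handlers explicitly would keep the intent reviewable, e.g. `// Authorization: ADMIN or booth owner, enforced in BoothCommandService.validateRole` above each mapping. If any filter or gateway rule treats `/admin/**` as admin-only, the owner path will also need to be reconciled with it.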
diff --git a/src/main/java/kr/co/knuserver/presentation/booth/BoothApiController.java b/src/main/java/kr/co/knuserver/presentation/booth/BoothApiController.java
index 48a6329..e38e0c4 100644
--- a/src/main/java/kr/co/knuserver/presentation/booth/BoothApiController.java
+++ b/src/main/java/kr/co/knuserver/presentation/booth/BoothApiController.java
@@ -85,26 +85,4 @@ public ResponseEntity>>> getBoothRankin
 List result = boothQueryService.getBoothRanking();
 return ResponseEntity.ok(ApiResponse.success(result));
 }
-
- // 부스 정보(이미지 외 필드)만 수정
- @Override
- @PatchMapping("/{booth-id}")
- public ResponseEntity> updateBooth(
- @PathVariable(name = "booth-id") Long boothId,
- @Valid @RequestBody BoothUpdateRequestDto request
- ) {
- BoothInfoResponseDto result = boothCommandService.updateBooth(boothId, request);
- return ResponseEntity.ok(ApiResponse.success(result));
- }
-
- // 이미지만 수정
- @Override
- @PostMapping(value = "/{booth-id}/images", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
- public ResponseEntity> updateBoothImages(
- @PathVariable(name = "booth-id") Long boothId,
- @RequestPart(value = "images", required = false) List images
- ) {
- BoothInfoResponseDto result = boothCommandService.updateBoothImages(boothId, images);
- return ResponseEntity.ok(ApiResponse.success(result));
- }
 }
diff --git a/src/main/java/kr/co/knuserver/presentation/booth/docs/AdminBoothApiControllerDocs.java b/src/main/java/kr/co/knuserver/presentation/booth/docs/AdminBoothApiControllerDocs.java
index 79e2f1a..21f7c00 100644
--- a/src/main/java/kr/co/knuserver/presentation/booth/docs/AdminBoothApiControllerDocs.java
+++ b/src/main/java/kr/co/knuserver/presentation/booth/docs/AdminBoothApiControllerDocs.java
@@ -7,6 +7,7 @@ import io.swagger.v3.oas.annotations.tags.Tag; import jakarta.validation.Valid; import java.util.List; +import kr.co.knuserver.global.auth.MemberId; import kr.co.knuserver.presentation.booth.dto.BoothInfoResponseDto; import kr.co.knuserver.presentation.booth.dto.BoothRegisterRequestDto; import kr.co.knuserver.presentation.booth.dto.BoothUpdateRequestDto; @@ -36,6 +37,7 @@ ResponseEntity> updateBooth( + @MemberId Long memberId, @Parameter(description = "부스 ID", required = true) @PathVariable(name = "booth-id") Long boothId, @Valid @RequestBody BoothUpdateRequestDto request); @@ -45,6 +47,7 @@ ResponseEntity> updateBoothImages( + @MemberId Long memberId, @Parameter(description = "부스 ID", required = true) @PathVariable(name = "booth-id") Long boothId, @Parameter(description = "교체할 이미지 목록 (선택, 미전송 시 이미지 전체 삭제)") @RequestPart(value = "images", required = false) List images); diff --git a/src/main/java/kr/co/knuserver/presentation/booth/docs/BoothApiControllerDocs.java b/src/main/java/kr/co/knuserver/presentation/booth/docs/BoothApiControllerDocs.java index e632f55..ecbfbb3 100644 --- a/src/main/java/kr/co/knuserver/presentation/booth/docs/BoothApiControllerDocs.java +++ b/src/main/java/kr/co/knuserver/presentation/booth/docs/BoothApiControllerDocs.java @@ -60,23 +60,4 @@ ResponseEntity> updateBooth( - @Parameter(description = "부스 ID", required = true) @PathVariable(name = "booth-id") Long boothId, - @Valid @RequestBody BoothUpdateRequestDto request); - - @Operation(summary = "가두모집 부스 이미지 수정", description = "부스의 이미지를 교체합니다.") - @ApiResponses({ - @ApiResponse(responseCode = "200", description = "이미지 수정 성공"), - @ApiResponse(responseCode = "404", description = "부스 없음") - }) - ResponseEntity> updateBoothImages( - @Parameter(description = "부스 ID", required = true) @PathVariable(name = "booth-id") Long boothId, - @Parameter(description = "교체할 이미지 목록 (선택, 미전송 시 이미지 전체 삭제)") - @RequestPart(value = "images", required = false) List images); } 
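Review bot: The `@MemberId Long memberId` parameter added to `updateBooth` in the -36 hunk, and to `updateBoothImages` in the -45 hunk, will likely be rendered by springdoc as a caller-supplied request parameter, since nothing in the hunk hides it; unless `@MemberId` is registered as ignored elsewhere, declare it as `@Parameter(hidden = true) @MemberId Long memberId`. Both operations can now also fail with `ACCESS_DENIED` and `MEMBER_NOT_FOUND` from the service check. The `@ApiResponses` for these methods are not visible in this hunk, so if they still list only 200 and 404, add the denial response (a 403 entry, assuming that is how `ACCESS_DENIED` is mapped).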
diff --git a/src/main/java/kr/co/knuserver/presentation/event/AdminEventApiController.java b/src/main/java/kr/co/knuserver/presentation/event/AdminEventApiController.java
index a691b5b..10d62fc 100644
--- a/src/main/java/kr/co/knuserver/presentation/event/AdminEventApiController.java
+++ b/src/main/java/kr/co/knuserver/presentation/event/AdminEventApiController.java
@@ -1,8 +1,9 @@
 package kr.co.knuserver.presentation.event;
 import jakarta.validation.Valid;
-import java.util.List;
 import kr.co.knuserver.application.event.EventCommandService;
+import kr.co.knuserver.domain.member.entity.Role;
+import kr.co.knuserver.global.auth.RequireRole;
 import kr.co.knuserver.global.exception.ApiResponse;
 import kr.co.knuserver.presentation.event.docs.AdminEventApiControllerDocs;
 import kr.co.knuserver.presentation.event.dto.EventRequestDto;
@@ -24,6 +25,7 @@
 @RestController
 @RequestMapping("/admin/v1/events")
 @RequiredArgsConstructor
+@RequireRole(Role.ADMIN)
 public class AdminEventApiController implements AdminEventApiControllerDocs {
 private final EventCommandService eventCommandService;