diff --git a/src/main/java/com/squadb/workassistantapi/domain/Member.java b/src/main/java/com/squadb/workassistantapi/domain/Member.java index c889108..21f6ca8 100644 --- a/src/main/java/com/squadb/workassistantapi/domain/Member.java +++ b/src/main/java/com/squadb/workassistantapi/domain/Member.java @@ -8,6 +8,7 @@ import javax.persistence.GenerationType; import javax.persistence.Id; +import com.squadb.workassistantapi.service.exception.PermissionDeniedException; import com.squadb.workassistantapi.util.HashUtil; import com.squadb.workassistantapi.web.exception.LoginFailedException; @@ -15,6 +16,9 @@ import lombok.Getter; import lombok.NoArgsConstructor; +import java.util.function.Consumer; +import java.util.function.Supplier; + @Getter @Entity @NoArgsConstructor(access = AccessLevel.PROTECTED) @@ -50,6 +54,25 @@ public boolean isAdmin() { return type.isAdmin(); } + // 관리자 권한을 가진 사람에 대한 커스텀 액션 실행 메소드 + public Member ifAdmin(Consumer action) { + if (isAdmin()) { + action.accept(this); + return this; + } else { + return null; + } + } + + public Member orElseThrow(Supplier exceptionSupplier) throws X { + if (this != null) { + return this; + } else { + throw (X) exceptionSupplier.get(); + } + + } + public void checkEqualPassword(String passwordInput) { if (!HashUtil.equalPassword(passwordInput, passwordHash)) { throw LoginFailedException.wrongPassword(); diff --git a/src/main/java/com/squadb/workassistantapi/service/BookService.java b/src/main/java/com/squadb/workassistantapi/service/BookService.java index 5e3c242..d5bc05a 100644 --- a/src/main/java/com/squadb/workassistantapi/service/BookService.java +++ b/src/main/java/com/squadb/workassistantapi/service/BookService.java @@ -2,6 +2,7 @@ import java.util.List; +import com.squadb.workassistantapi.service.exception.PermissionDeniedException; import org.springframework.data.domain.Sort; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -37,6 +38,14 @@ public Long register(final Book book, final Long registrantId) { return saveBook.getId(); } + @Transactional + public void delete(Long bookId, Long registrantId) { + + memberService.findById(registrantId) + .ifAdmin((m) -> bookRepository.deleteById(bookId)) + .orElseThrow(() -> new PermissionDeniedException("Authorization Required")); + } + private void checkIsbnDuplication(final String isbn) { if (bookRepository.findByIsbn(isbn).isPresent()) { throw new KeyDuplicationException("key duplication book : [" + isbn + "]"); diff --git a/src/main/java/com/squadb/workassistantapi/service/exception/PermissionDeniedException.java b/src/main/java/com/squadb/workassistantapi/service/exception/PermissionDeniedException.java new file mode 100644 index 0000000..4b6e07f --- /dev/null +++ b/src/main/java/com/squadb/workassistantapi/service/exception/PermissionDeniedException.java @@ -0,0 +1,8 @@ +package com.squadb.workassistantapi.service.exception; + +public class PermissionDeniedException extends RuntimeException { + + public PermissionDeniedException(String message) { + super(message); + } +} diff --git a/src/main/java/com/squadb/workassistantapi/web/controller/BookApiController.java b/src/main/java/com/squadb/workassistantapi/web/controller/BookApiController.java index d7f27d1..9e3dff8 100644 --- a/src/main/java/com/squadb/workassistantapi/web/controller/BookApiController.java +++ b/src/main/java/com/squadb/workassistantapi/web/controller/BookApiController.java @@ -3,16 +3,12 @@ import java.util.List; import java.util.Objects; +import com.squadb.workassistantapi.service.exception.PermissionDeniedException; import org.springframework.data.domain.Sort; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.ExceptionHandler; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import com.squadb.workassistantapi.domain.Book; import com.squadb.workassistantapi.domain.exceptions.NoAuthorizationException; @@ -51,6 +47,19 @@ public ResponseEntity registerBook(@RequestBody BookReg return new ResponseEntity<>(BookRegisterResponseDto.success(bookId), HttpStatus.OK); } + @DeleteMapping(value = "/books/{id}", produces = MediaType.APPLICATION_JSON_VALUE) + public ResponseEntity deleteBook(@PathVariable Long id, + @CurrentLoginMember LoginMember loginMember) { + try { + bookService.delete(id, loginMember.getId()); + + } catch (PermissionDeniedException e) { + handleNoAuthorizationException(); + } + + return new ResponseEntity<>(HttpStatus.OK); + } + @GetMapping(value = "/books", produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity> findAll() { List bookList = bookService.findAll(Sort.by(Sort.Direction.DESC, "id"));