diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/UserApiController.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/UserApiController.java
index 896f232..e530353 100644
--- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/UserApiController.java
+++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/UserApiController.java
@@ -17,8 +17,6 @@ import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
 /**
 * org.egovframe.cloud.userservice.api.user.UserApiController
@@ -131,7 +129,7 @@ public class UserApiController {
 }
 /**
- * 사용자 회원 가입
+ * 사용자 소셜 정보 조회
 *
 * @param requestDto 사용자 가입 요청 DTO
 * @return Boolean 성공 여부
@@ -243,23 +241,21 @@ public class UserApiController {
 /**
 * 사용자 회원탈퇴
 *
- * @param requestDto 사용자 비밀번호 확인 요청 DTO
- * @return Boolean 일치 여부
- * @throws GeneralSecurityException 보안 예외
- * @throws IOException 입출력 예외
+ * @param requestDto 사용자 검증 요청 DTO
+ * @return Boolean 처리 여부
 */
 @PostMapping("/api/v1/users/leave")
- public Boolean leave(@RequestBody @Valid UserVerifyRequestDto requestDto) throws GeneralSecurityException, IOException {
+ public Boolean leave(@RequestBody @Valid UserVerifyRequestDto requestDto) {
 final String userId = SecurityContextHolder.getContext().getAuthentication().getName();
 return userService.leave(userId, requestDto);
 }
 /**
- * 사용자 회원탈퇴
+ * 사용자 삭제
 *
- * @param userId 사용자 비밀번호 확인 요청 DTO
- * @return Boolean 일치 여부
+ * @param userId 사용자 id
+ * @return Boolean 처리 여부
 */
 @DeleteMapping("/api/v1/users/delete/{userId}")
 public Boolean delete(@PathVariable String userId) {
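Review bot: The Javadoc rewritten for `delete` in the third hunk (`@@ -243,23 +241,21 @@`) still does not say who may call it. Unlike `leave` just above, which takes the account from the security context, `delete` takes the target `userId` from the path, so nothing visible in the signature ties the request to the caller's own account; access control presumably rests on the authorization table. If the endpoint is meant for administrators only, say so in the comment, e.g. `* Deletes the account named in the path; the caller must hold an authorization for DELETE /api/v1/users/delete/{userId}.` The body of `delete` lies outside the hunk, so any check inside it is not visible here.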
diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/dto/UserVerifyRequestDto.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/dto/UserVerifyRequestDto.java
index 949501d..90b716e 100644
--- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/dto/UserVerifyRequestDto.java
+++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/api/user/dto/UserVerifyRequestDto.java
@@ -9,7 +9,7 @@ import javax.validation.constraints.Pattern;
 /**
 * org.egovframe.cloud.userservice.api.user.dto.UserVerifyRequestDto
 *
- * 사용자 탈퇴 요청 DTO 클래스
+ * 사용자 검증 요청 DTO 클래스
 *
 * @author 표준프레임워크센터 jooho
 * @version 1.0
diff --git a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java
index 3a1d9ef..caeeac8 100644
--- a/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java
+++ b/backend/user-service/src/main/java/org/egovframe/cloud/userservice/service/user/UserService.java
@@ -163,7 +163,7 @@ public class UserService extends AbstractService implements UserDetailsService {
 @Transactional
 public String updateRefreshToken(String userId, String updateRefreshToken) {
 User user = userRepository.findByUserId(userId)
- .orElseThrow(() -> new UsernameNotFoundException("해당 사용자가 없습니다."));
+ .orElseThrow(() -> new UsernameNotFoundException(getMessage("err.user.notexists")));
 user.updateRefreshToken(updateRefreshToken);
@@ -178,7 +178,7 @@ public class UserService extends AbstractService implements UserDetailsService {
 */
 public User findByRefreshToken(String refreshToken) {
 return userRepository.findByRefreshToken(refreshToken)
- .orElseThrow(() -> new UsernameNotFoundException("해당 사용자가 없습니다."));
+ .orElseThrow(() -> new UsernameNotFoundException(getMessage("err.user.notexists")));
 }
 /**
@@ -189,7 +189,7 @@ public class UserService extends AbstractService implements UserDetailsService {
 */
 public UserResponseDto findByUserId(String userId) {
 User user = userRepository.findByUserId(userId)
- .orElseThrow(() -> new UsernameNotFoundException("해당 사용자가 없습니다."));
+ .orElseThrow(() -> new UsernameNotFoundException(getMessage("err.user.notexists")));
 return new UserResponseDto(user);
 }
@@ -202,7 +202,7 @@ public class UserService extends AbstractService implements UserDetailsService {
 */
 public UserResponseDto findByEmail(String email) {
 User user = userRepository.findByEmail(email)
- .orElseThrow(() -> new UsernameNotFoundException("해당 사용자가 없습니다."));
+ .orElseThrow(() -> new UsernameNotFoundException(getMessage("err.user.notexists")));
 return new UserResponseDto(user);
 }
@@ -297,7 +297,6 @@ public class UserService extends AbstractService implements UserDetailsService {
 throw new BusinessMessageException(getMessage("valid.required.format", new Object[]{getMessage("user.email")}));
 }
-
 if (userId == null || "".equals(userId)) {
 return userRepository.findByEmail(email).isPresent();
 } else {
@@ -431,7 +430,7 @@ public class UserService extends AbstractService implements UserDetailsService {
 }
 User user = userRepository.findByEmail(entity.getUserFindPasswordId().getEmailAddr())
- .orElseThrow(() -> new UsernameNotFoundException("해당 사용자가 없습니다."));
+ .orElseThrow(() -> new UsernameNotFoundException(getMessage("err.user.notexists")));
 user.updatePassword(passwordEncoder.encode(requestDto.getPassword())); // 비밀번호 수정
@@ -449,9 +448,14 @@ public class UserService extends AbstractService implements UserDetailsService {
 */
 @Transactional
 public Boolean updatePassword(String userId, UserPasswordUpdateRequestDto requestDto) {
- User entity = findUserVerify(userId, requestDto);
+ try {
+ User entity = findUserVerify(userId, requestDto);
- entity.updatePassword(passwordEncoder.encode(requestDto.getNewPassword())); // 비밀번호 수정
+ entity.updatePassword(passwordEncoder.encode(requestDto.getNewPassword())); // 비밀번호 수정
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw e;
+ }
 return true;
 }
@@ -547,7 +551,12 @@ public class UserService extends AbstractService implements UserDetailsService {
 * @return User 사용자 엔티티
 */
 private User findUserVerify(String userId, UserVerifyRequestDto requestDto) {
+ if (userId == null || "".equals(userId)) {
+ throw new BusinessMessageException(getMessage("err.required.login"));
+ }
+
 User user = null;
+
 if ("password".equals(requestDto.getProvider())) {
 user = findUserVerifyPassword(userId, requestDto.getPassword());
 } else {
diff --git a/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java b/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java
index cbf1653..fbfdfd1 100644
--- a/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java
+++ b/backend/user-service/src/test/java/org/egovframe/cloud/userservice/api/role/AuthorizationApiControllerTest.java
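Review bot: The `catch (Exception e) { e.printStackTrace(); throw e; }` wrapped around the body of `updatePassword` (hunk `@@ -449,9 +448,14 @@`) reads like a debugging leftover. It changes nothing for the caller, and it writes the stack trace of every failed password change straight to stderr, outside whatever logging configuration, filtering and retention the service applies to authentication events. Because the exception is rethrown unchanged, the try/catch can simply be dropped and the two original statements restored. If a record of failures is wanted, log it once through the project's logger where the exception is handled, without the request DTO.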
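Review bot: The guard added at the top of `findUserVerify` (hunk `@@ -547,7 +551,12 @@`) rejects only a null or empty `userId`, which may not be what an unauthenticated request actually produces. `UserApiController.leave` passes `SecurityContextHolder.getContext().getAuthentication().getName()`: if anonymous authentication is enabled that name is a non-empty placeholder, and if `getAuthentication()` returns null the call fails before this method is reached, so `err.required.login` would be returned in neither case. Please confirm which caller can really pass an empty id, and consider rejecting in the controller when `authentication == null || authentication instanceof AnonymousAuthenticationToken`. The method body continues past the end of the hunk.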
@@ -218,7 +218,7 @@ class AuthorizationApiControllerTest {
 .andDo(MockMvcResultHandlers.print())
 .andExpect(MockMvcResultMatchers.status().isOk())
 // .andExpect(MockMvcResultMatchers.content().string("11"));
- .andExpect(MockMvcResultMatchers.content().string("129")); // /src/test/resources/h2/data.sql 초기화 데이터의 마지막 순번 + 1
+ .andExpect(MockMvcResultMatchers.content().string("130")); // /src/test/resources/h2/data.sql 초기화 데이터의 마지막 순번 + 1
 deleteTestDatas();
 }
diff --git a/backend/user-service/src/test/resources/h2/data.sql b/backend/user-service/src/test/resources/h2/data.sql
index c34640d..a27086d 100644
--- a/backend/user-service/src/test/resources/h2/data.sql
+++ b/backend/user-service/src/test/resources/h2/data.sql
@@ -26,7 +26,9 @@ INSERT INTO `authorization` (authorization_name,url_pattern_value,http_method_co
 ('예약지역 사용여부 토글','/reserve-item-service/api/v1/locations/?*/?*','PUT',125,'87638675-11fa-49e5-9bd1-d2524bf6fa45',now(),'87638675-11fa-49e5-9bd1-d2524bf6fa45',now()),
 ('사용자 정보 수정','/user-service/api/v1/users/info/?*','PUT',126,'65a00f65-8460-49af-98ec-042977e56f4b',now(),'65a00f65-8460-49af-98ec-042977e56f4b',now()),
 ('사용자 회원탈퇴','/user-service/api/v1/users/leave','POST',127,'65a00f65-8460-49af-98ec-042977e56f4b',now(),'65a00f65-8460-49af-98ec-042977e56f4b',now()),
- ('사용자 삭제','/user-service/api/v1/users/delete/?*','DELETE',128,'65a00f65-8460-49af-98ec-042977e56f4b',now(),'65a00f65-8460-49af-98ec-042977e56f4b',now());
+ ('사용자 삭제','/user-service/api/v1/users/delete/?*','DELETE',128,'65a00f65-8460-49af-98ec-042977e56f4b',now(),'65a00f65-8460-49af-98ec-042977e56f4b',now()),
+ ('사용자 삭제','/user-service/api/v1/users/social','POST',129,'65a00f65-8460-49af-98ec-042977e56f4b',now(),'65a00f65-8460-49af-98ec-042977e56f4b',now());
+
 INSERT INTO `role` (role_id,role_name,role_content,sort_seq,created_date) VALUES
 ('ROLE_ADMIN','시스템 관리자','시스템 관리자 권한',101,'2021-10-20 13:39:15'),
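Review bot: The row added for `/user-service/api/v1/users/social` (number 129 in hunk `@@ -26,7 +26,9 @@`) reuses the name '사용자 삭제' from row 128 above it, so two authorizations with different URLs and methods carry the same label. `authorization_name` is presumably what an administrator reads when granting authorizations to roles, and a POST to the social endpoint labelled as user deletion is easy to misassign or to miss in an audit. Give the row its own name, for example `('사용자 소셜 정보 조회','/user-service/api/v1/users/social','POST',129,` followed by the same audit columns, which matches the Javadoc wording this commit introduces in UserApiController.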
@@ -34,5 +36,58 @@ INSERT INTO `role` (role_id,role_name,role_content,sort_seq,created_date) VALUES
 ('ROLE_EMPLOYEE','내부 사용자','내부 사용자 권한',102,'2021-10-20 13:39:15'),
 ('ROLE_USER','일반 사용자','일반 사용자 권한',103,'2021-10-20 13:39:15');
-INSERT INTO role_authorization (role_id,authorization_no,created_by,created_date)
-select 'ROLE_ADMIN', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`;
+INSERT INTO role_authorization (role_id,authorization_no,created_by,created_date)
+select 'ROLE_ADMIN', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/?*' and http_method_code = 'GET'
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/token/refresh' and http_method_code = 'GET'
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/authorizations/check' and http_method_code = 'GET'
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/exists' and http_method_code = 'POST'
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/password/update' and http_method_code = 'PUT'
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/password/match' and http_method_code = 'POST'
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/info/?*' and http_method_code = 'PUT'
+union all
+select 'ROLE_USER', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/leave' and http_method_code = 'POST'
+
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/?*' and http_method_code = 'GET'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/token/refresh' and http_method_code = 'GET'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/authorizations/check' and http_method_code = 'GET'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/exists' and http_method_code = 'POST'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/join' and http_method_code = 'POST'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/password/find' and http_method_code = 'POST'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/password/valid/?*' and http_method_code = 'GET'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/password/change' and http_method_code = 'PUT'
+union all
+select 'ROLE_ANONYMOUS', authorization_no, '65a00f65-8460-49af-98ec-042977e56f4b', now() from `authorization`
+where url_pattern_value = '/user-service/api/v1/users/social' and http_method_code = 'POST';
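Review bot: The ROLE_ANONYMOUS block grants GET on `/user-service/api/v1/users/?*`, and nothing in the fixture says why an unauthenticated caller needs it. If that pattern is the one covering user lookup by id, the tests run with anonymous callers able to read user records, which can hide an authorization regression. Each `select ... where url_pattern_value = '...'` also returns no rows when the string matches no `authorization` entry, so a typo silently drops a grant. A SQL comment per role block naming the intended endpoints, or a test asserting the expected `role_authorization` row count, would make both visible. ROLE_USER also gets no grant for `/user-service/api/v1/users/social` while ROLE_ANONYMOUS does; please confirm that is intended.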