🔒️ 행안부 프리셋 보안 점검 1차 점검
@@ -8,6 +8,7 @@ import org.egovframe.cloud.boardservice.domain.board.Board;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.math.BigDecimal;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
@@ -193,7 +194,7 @@ public class BoardResponseDto implements Serializable {
|
||||
* @param posts 게시물 목록
|
||||
*/
|
||||
public void setNewestPosts(List<PostsSimpleResponseDto> posts) {
|
||||
this.posts = posts;
|
||||
this.posts = new ArrayList<>(posts);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
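Review bot: `new ArrayList<>(posts)` in setNewestPosts throws a NullPointerException when the caller passes null, which the old plain assignment accepted; the same applies to setPrevPosts and setNextPosts in PostsResponseDto and to `this.comments = new ArrayList<>(comments)` in the Posts constructor. If null is a legitimate input on any of these paths (for example a builder call that omits comments, which is not visible here), guard the copy, e.g. `this.posts = posts == null ? new ArrayList<>() : new ArrayList<>(posts);`. The copy only stops the caller's list from aliasing the field; the getters are outside these hunks, so confirm they do not hand the internal list back out.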
@@ -8,6 +8,7 @@ import org.egovframe.cloud.boardservice.domain.posts.Posts;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
@@ -202,14 +203,14 @@ public class PostsResponseDto implements Serializable {
|
||||
* 이전 게시물
|
||||
*/
|
||||
public void setPrevPosts(List<PostsSimpleResponseDto> prevPosts) {
|
||||
this.prevPosts = prevPosts;
|
||||
this.prevPosts = new ArrayList<>(prevPosts);
|
||||
}
|
||||
|
||||
/**
|
||||
* 다음 게시물
|
||||
*/
|
||||
public void setNextPosts(List<PostsSimpleResponseDto> nextPosts) {
|
||||
this.nextPosts = nextPosts;
|
||||
this.nextPosts = new ArrayList<>(nextPosts);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -13,6 +13,7 @@ import org.hibernate.annotations.OnDelete;
|
||||
import org.hibernate.annotations.OnDeleteAction;
|
||||
|
||||
import javax.persistence.*;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
@@ -137,7 +138,7 @@ public class Posts extends BaseEntity {
|
||||
this.noticeAt = noticeAt;
|
||||
this.deleteAt = deleteAt;
|
||||
this.creator = creator;
|
||||
this.comments = comments;
|
||||
this.comments = new ArrayList<>(comments);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -128,7 +128,7 @@ public class BoardService extends AbstractService {
|
||||
* @param boardNo 게시판 번호
|
||||
* @return Board 게시판 엔티티
|
||||
*/
|
||||
private Board findBoard(Integer boardNo) {
|
||||
private Board findBoard(Integer boardNo) throws EntityNotFoundException {
|
||||
return boardRepository.findById(boardNo)
|
||||
.orElseThrow(() -> new EntityNotFoundException(getMessage("valid.notexists.format", new Object[]{getMessage("board")})));
|
||||
}
|
||||
|
||||
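Review bot: The `throws EntityNotFoundException` added to findBoard is not reflected in the Javadoc above it, which still lists only `@param` and `@return`; add a line such as `* @throws EntityNotFoundException if no board exists for boardNo`. The same gap is in the CommentService hunks (save, findComment, findCommentByCreatedBy, checkEditableComment) and the PostsService hunks (findNewest, findById). These exceptions appear to be unchecked, since the old signatures presumably compiled without the clause, so the clause does not make any caller handle them and the Javadoc tag is what documents the contract. Most of those method bodies continue past the end of their hunks.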
@@ -125,7 +125,7 @@ public class CommentService extends AbstractService {
|
||||
* @param requestDto 댓글 등록 요청 DTO
|
||||
*/
|
||||
@Transactional
|
||||
public CommentResponseDto save(CommentSaveRequestDto requestDto) {
|
||||
public CommentResponseDto save(CommentSaveRequestDto requestDto) throws InvalidValueException {
|
||||
if (requestDto.getBoardNo() == null || requestDto.getPostsNo() == null) {
|
||||
throw new InvalidValueException(getMessage("err.invalid.input.value"));
|
||||
}
|
||||
@@ -225,7 +225,7 @@ public class CommentService extends AbstractService {
|
||||
* @param commentNo 댓글 번호
|
||||
* @return Comment 댓글 엔티티
|
||||
*/
|
||||
private Comment findComment(Integer boardNo, Integer postsNo, Integer commentNo) {
|
||||
private Comment findComment(Integer boardNo, Integer postsNo, Integer commentNo) throws InvalidValueException {
|
||||
if (boardNo == null || postsNo == null || commentNo == null) {
|
||||
throw new InvalidValueException(getMessage("err.invalid.input.value"));
|
||||
}
|
||||
@@ -252,7 +252,7 @@ public class CommentService extends AbstractService {
|
||||
* @param userId 사용자 id
|
||||
* @return Comment 댓글 엔티티
|
||||
*/
|
||||
private Comment findCommentByCreatedBy(Integer boardNo, Integer postsNo, Integer commentNo, String userId) {
|
||||
private Comment findCommentByCreatedBy(Integer boardNo, Integer postsNo, Integer commentNo, String userId) throws BusinessMessageException {
|
||||
if (userId == null) {
|
||||
throw new BusinessMessageException(getMessage("err.required.login")); // 로그인 후 다시 시도해주세요.
|
||||
}
|
||||
@@ -272,7 +272,7 @@ public class CommentService extends AbstractService {
|
||||
*
|
||||
* @param posts 게시물 엔티티
|
||||
*/
|
||||
private void checkEditableComment(Posts posts) {
|
||||
private void checkEditableComment(Posts posts) throws EntityNotFoundException, BusinessMessageException {
|
||||
Board board = posts.getBoard();
|
||||
if (board == null) {
|
||||
throw new EntityNotFoundException(getMessage("valid.notexists.format", new Object[]{getMessage("board")})); // 게시판이(가) 없습니다.
|
||||
|
||||
@@ -86,7 +86,7 @@ public class PostsService extends AbstractService {
|
||||
* @param postsCount 게시물 수
|
||||
* @return Map<Integer, BoardResponseDto> 최근 게시물이 포함된 게시판 상세 응답 DTO Map
|
||||
*/
|
||||
public Map<Integer, BoardResponseDto> findNewest(List<Integer> boardNos, Integer postsCount) {
|
||||
public Map<Integer, BoardResponseDto> findNewest(List<Integer> boardNos, Integer postsCount) throws InvalidValueException {
|
||||
if (boardNos == null || boardNos.isEmpty())
|
||||
throw new InvalidValueException(getMessage("err.invalid.input.value"));
|
||||
|
||||
@@ -133,7 +133,7 @@ public class PostsService extends AbstractService {
|
||||
* @return PostsResponseDto 게시물 응답 DTO
|
||||
*/
|
||||
@Transactional
|
||||
public PostsResponseDto findById(Integer boardNo, Integer postsNo, Integer deleteAt, String userId, String ipAddr, RequestDto requestDto) {
|
||||
public PostsResponseDto findById(Integer boardNo, Integer postsNo, Integer deleteAt, String userId, String ipAddr, RequestDto requestDto) throws EntityNotFoundException, BusinessMessageException {
|
||||
PostsResponseDto dto = postsRepository.findById(boardNo, postsNo, userId, ipAddr);
|
||||
|
||||
if (dto == null) {
|
||||
|
||||