Merge pull request #56 from IT-Cotato/fix/validate-club-member

Refactor: findClubMemberBySecurityContextHolder 메서드 clubId 파라미터 추가

src/main/java/com/cotato/squadus/api/post/controller/ClubPostCommentController.java

@@ -46,7 +46,7 @@ public ResponseEntity<ClubPostCommentCreateResponse> createClubPostComment(
     @Operation(summary = "동아리 공지 댓글 좋아요", description = "clubId, postId, commentId를 바탕으로 동아리 공지 댓글에 대한 좋아요를 1 증가시킵니다")
     public ResponseEntity<ClubPostCommentLikeResponse> increaseClubPostCommentLike(@PathVariable Long clubId, @PathVariable Long postId, @PathVariable Long commentId) {
         clubMemberService.validateClubMember(clubId);
-        ClubPostCommentLikeResponse clubPostCommentLikeResponse = clubPostCommentService.increaseClubPostCommentLike(commentId);
+        ClubPostCommentLikeResponse clubPostCommentLikeResponse = clubPostCommentService.increaseClubPostCommentLike(clubId, commentId);
         return ResponseEntity.ok(clubPostCommentLikeResponse);
     }
 }

src/main/java/com/cotato/squadus/api/post/controller/ClubPostController.java

@@ -60,7 +60,7 @@ public ResponseEntity<ClubPostCreateResponse> createClubPost(@PathVariable Long
     @Operation(summary = "동아리 공지 좋아요 증가", description = "postId를 바탕으로 동아리 공지의 좋아요를 1 증가시킵니다")
     public ResponseEntity<ClubPostLikesResponse> increaseClubPostLikes(@PathVariable Long clubId, @PathVariable Long postId) {
 //        clubMemberService.validateClubMember(clubId);
-        ClubPostLikesResponse clubPostLikesResponse = clubPostService.increaseClubPostLikes(postId);
+        ClubPostLikesResponse clubPostLikesResponse = clubPostService.increaseClubPostLikes(clubId, postId);
         log.info("동아리 공지 좋아요, likes: {} ", clubPostLikesResponse);
         return ResponseEntity.ok(clubPostLikesResponse);
     }

src/main/java/com/cotato/squadus/domain/auth/service/ClubMemberService.java

@@ -32,17 +32,17 @@ public ClubMember saveClubMember(ClubMember clubMember) {
 
     // 임시 세션 정보를 통해 회원이 속한 동아리인지 검증
     public void validateClubMember(Long clubId) {
-        ClubMember clubMember = findClubMemberBySecurityContextHolder();
+        ClubMember clubMember = findClubMemberBySecurityContextHolder(clubId);
         log.info("현재 로그인 된 회원의 clubId: {} ", clubMember.getClub().getClubId());
         if(!clubMember.getClub().getClubId().equals(clubId)) {
             throw new AppException(ErrorCode.CLUB_ACCESS_DENIED);
         }
     }
 
-     public ClubMember findClubMemberBySecurityContextHolder() {
+     public ClubMember findClubMemberBySecurityContextHolder(Long clubId) {
         CustomOAuth2Member oAuth2Member = (CustomOAuth2Member) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
         Member member = memberService.findMemberByUniqueId(oAuth2Member.getUniqueId());
-        ClubMember clubMember = clubMemberRepository.findClubMemberByMember_MemberIdx(member.getMemberIdx())
+        ClubMember clubMember = clubMemberRepository.findClubMemberByMember_MemberIdxAndClub_ClubId(member.getMemberIdx(), clubId)
                 .orElseThrow(() -> new EntityNotFoundException("해당 회원 고유번호를 가진 동아리 회원을 찾을 수 없습니다."));
         return clubMember;
     }

src/main/java/com/cotato/squadus/domain/club/admin/service/ClubAdminService.java

@@ -61,7 +61,7 @@ private void updateClubInfo(Long clubId, ClubMember clubMember) {
     }
 
     public void validateAdminMember(Long clubId) {
-        ClubMember clubMember = clubMemberService.findClubMemberBySecurityContextHolder();
+        ClubMember clubMember = clubMemberService.findClubMemberBySecurityContextHolder(clubId);
         if (!clubMember.getMemberType().equals(MemberType.ADMIN)) {
             throw new AppException(ErrorCode.MEMBER_TYPE_IS_NOT_ADMIN);
         }

src/main/java/com/cotato/squadus/domain/club/common/repository/ClubMemberRepository.java

@@ -7,5 +7,6 @@
 
 public interface ClubMemberRepository extends JpaRepository<ClubMember, Long> {
 
-    Optional<ClubMember> findClubMemberByMember_MemberIdx(Long idx);
+    Optional<ClubMember> findClubMemberByMember_MemberIdxAndClub_ClubId(Long memberIdx, Long clubId);
+
 }

src/main/java/com/cotato/squadus/domain/club/post/service/ClubPostCommentService.java

@@ -39,11 +39,11 @@ public List<ClubPostCommentResponse> findAllClubPostComments(Long postId) {
     }
 
     @Transactional
-    public ClubPostCommentLikeResponse increaseClubPostCommentLike(Long commentId) {
-        if(isClubPostCommentAuthor(commentId)) {
+    public ClubPostCommentLikeResponse increaseClubPostCommentLike(Long clubId, Long commentId) {
+        if(isClubPostCommentAuthor(clubId, commentId)) {
             throw new AppException(ErrorCode.CLUB_POST_COMMENT_AUTHOR);
         }
-        ClubMember clubMember = clubMemberService.findClubMemberBySecurityContextHolder();
+//        ClubMember clubMember = clubMemberService.findClubMemberBySecurityContextHolder();
 
         ClubPostComment clubPostComment = clubPostCommentRepository.findById(commentId)
                 .orElseThrow(() -> new EntityNotFoundException("해당 아이디를 가진 댓글이 존재하지 않습니다."));
@@ -58,7 +58,7 @@ public ClubPostCommentCreateResponse createClubPostComment(Long clubId, Long pos
         ClubPost clubPost = clubPostRepository.findByPostId(postId)
                 .orElseThrow(() -> new EntityNotFoundException("해당 아이디를 가진 동아리 공지가 존재하지 않습니다"));
 
-        ClubMember clubMember = clubMemberService.findClubMemberBySecurityContextHolder();
+        ClubMember clubMember = clubMemberService.findClubMemberBySecurityContextHolder(clubId);
 
         ClubPostComment clubPostComment = ClubPostComment.builder()
                 .content(clubPostCommentCreateRequest.content())
@@ -72,8 +72,8 @@ public ClubPostCommentCreateResponse createClubPostComment(Long clubId, Long pos
 
     }
 
-    private Boolean isClubPostCommentAuthor(Long postId) {
-        Long clubMemberId = clubMemberService.findClubMemberBySecurityContextHolder().getClubMemberIdx();
+    private Boolean isClubPostCommentAuthor(Long clubId, Long postId) {
+        Long clubMemberId = clubMemberService.findClubMemberBySecurityContextHolder(clubId).getClubMemberIdx();
         ClubPostComment clubPostComment = clubPostCommentRepository.findById(postId)
                 .orElseThrow(() -> new EntityNotFoundException("해당 아이디를 가진 동아리 공지 댓글이 존재하지 않습니다."));
         Long clubMemberIdFromComment = clubPostComment.getClubMember().getClubMemberIdx();

src/main/java/com/cotato/squadus/domain/club/post/service/ClubPostService.java

@@ -73,8 +73,8 @@ public ClubPostCreateResponse createClubPost(Long clubId, ClubPostCreateRequest
     }
 
     @Transactional
-    public ClubPostLikesResponse increaseClubPostLikes(Long postId) {
-        if(isClubPostAuthor(postId)) {
+    public ClubPostLikesResponse increaseClubPostLikes(Long clubId, Long postId) {
+        if(isClubPostAuthor(clubId, postId)) {
             throw new AppException(ErrorCode.CLUB_POST_AUTHOR);
         }
         ClubPost clubPost = clubPostRepository.findByPostId(postId)
@@ -84,8 +84,8 @@ public ClubPostLikesResponse increaseClubPostLikes(Long postId) {
         return new ClubPostLikesResponse(updated.getLikes());
     }
 
-    private Boolean isClubPostAuthor(Long postId) {
-        Long clubMemberId = clubMemberService.findClubMemberBySecurityContextHolder().getClubMemberIdx();
+    private Boolean isClubPostAuthor(Long clubId, Long postId) {
+        Long clubMemberId = clubMemberService.findClubMemberBySecurityContextHolder(clubId).getClubMemberIdx();
         ClubPost clubPost = clubPostRepository.findById(postId)
                 .orElseThrow(() -> new EntityNotFoundException("해당 아이디를 가진 동아리 공지가 존재하지 않습니다."));
         Long clubMemberIdFromClubPost = clubPost.getAuthor().getClubMemberIdx();