BCSDLab · songsunkook · Apr 7, 2024 · Apr 7, 2024 · Apr 7, 2024 · Choon0414
diff --git a/src/main/java/in/koreatech/koin/domain/user/controller/UserApi.java b/src/main/java/in/koreatech/koin/domain/user/controller/UserApi.java
@@ -12,6 +12,7 @@
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 
+import in.koreatech.koin.domain.user.dto.AuthResponse;
 import in.koreatech.koin.domain.user.dto.EmailCheckExistsRequest;
 import in.koreatech.koin.domain.user.dto.NicknameCheckExistsRequest;
 import in.koreatech.koin.domain.user.dto.StudentResponse;
@@ -154,4 +155,19 @@ ResponseEntity<Void> checkDuplicationOfNickname(
         @ModelAttribute("nickname")
         @Valid NicknameCheckExistsRequest request
     );
+
+    @ApiResponses(
+        value = {
+            @ApiResponse(responseCode = "200"),
+            @ApiResponse(responseCode = "400", content = @Content(schema = @Schema(hidden = true))),
+            @ApiResponse(responseCode = "401", content = @Content(schema = @Schema(hidden = true))),
+            @ApiResponse(responseCode = "403", content = @Content(schema = @Schema(hidden = true))),
+            @ApiResponse(responseCode = "404", content = @Content(schema = @Schema(hidden = true)))
+        }
+    )
+    @Operation(summary = "사용자 권한 조회")
+    @GetMapping("/user/auth")
+    ResponseEntity<AuthResponse> getAuth(
+        @Auth(permit = {STUDENT, OWNER, COOP}) Long userId
+    );
 }
diff --git a/src/main/java/in/koreatech/koin/domain/user/controller/UserController.java b/src/main/java/in/koreatech/koin/domain/user/controller/UserController.java
@@ -15,6 +15,7 @@
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
+import in.koreatech.koin.domain.user.dto.AuthResponse;
 import in.koreatech.koin.domain.user.dto.EmailCheckExistsRequest;
 import in.koreatech.koin.domain.user.dto.NicknameCheckExistsRequest;
 import in.koreatech.koin.domain.user.dto.StudentResponse;
@@ -104,4 +105,12 @@ public ResponseEntity<Void> checkDuplicationOfNickname(
         userService.checkUserNickname(request);
         return ResponseEntity.ok().build();
     }
+
+    @GetMapping("/user/auth")
+    public ResponseEntity<AuthResponse> getAuth(
+        @Auth(permit = {STUDENT, OWNER, COOP}) Long userId
+    ) {
+        AuthResponse authResponse = userService.getAuth(userId);
+        return ResponseEntity.ok().body(authResponse);
+    }
 }
diff --git a/src/main/java/in/koreatech/koin/domain/user/dto/AuthResponse.java b/src/main/java/in/koreatech/koin/domain/user/dto/AuthResponse.java
@@ -0,0 +1,18 @@
+package in.koreatech.koin.domain.user.dto;
+
+import com.fasterxml.jackson.databind.PropertyNamingStrategies.SnakeCaseStrategy;
+import com.fasterxml.jackson.databind.annotation.JsonNaming;
+
+import in.koreatech.koin.domain.user.model.User;
+import io.swagger.v3.oas.annotations.media.Schema;
+
+@JsonNaming(SnakeCaseStrategy.class)
+public record AuthResponse(
+    @Schema(description = "사용자 권한 타입", example = "STUDENT")
+    String userType
+) {
+
+    public static AuthResponse from(User user) {
+        return new AuthResponse(user.getUserType().getValue());
+    }
+}
diff --git a/src/main/java/in/koreatech/koin/domain/user/service/UserService.java b/src/main/java/in/koreatech/koin/domain/user/service/UserService.java
@@ -8,6 +8,7 @@
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import in.koreatech.koin.domain.user.dto.AuthResponse;
 import in.koreatech.koin.domain.user.dto.EmailCheckExistsRequest;
 import in.koreatech.koin.domain.user.dto.NicknameCheckExistsRequest;
 import in.koreatech.koin.domain.user.dto.UserLoginRequest;
@@ -92,4 +93,9 @@ public void checkUserNickname(NicknameCheckExistsRequest request) {
             throw DuplicationEmailException.withDetail("nickname: " + request.nickname());
         });
     }
+
+    public AuthResponse getAuth(Long userId) {
+        User user = userRepository.getById(userId);
+        return AuthResponse.from(user);
+    }
 }
diff --git a/src/test/java/in/koreatech/koin/acceptance/UserApiTest.java b/src/test/java/in/koreatech/koin/acceptance/UserApiTest.java
@@ -658,4 +658,49 @@ void checkDuplicationOfNicknameBadRequest() {
             .statusCode(HttpStatus.BAD_REQUEST.value())
             .extract();
     }
+
+    @Test
+    @DisplayName("로그인된 사용자의 권한을 조회한다.")
+    void getAuth() {
+        Student student = Student.builder()
+            .studentNumber("2019136135")
+            .anonymousNickname("익명")
+            .department("컴퓨터공학부")
+            .userIdentity(UserIdentity.UNDERGRADUATE)
+            .isGraduated(false)
+            .user(
+                User.builder()
+                    .password("1234")
+                    .nickname("주노")
+                    .name("최준호")
+                    .phoneNumber("010-1234-5678")
+                    .userType(STUDENT)
+                    .gender(UserGender.MAN)
+                    .email("test@koreatech.ac.kr")
+                    .isAuthed(true)
+                    .isDeleted(false)
+                    .build()
+            )
+            .build();
+
+        studentRepository.save(student);
+        String token = jwtProvider.createToken(student.getUser());
+
+        ExtractableResponse<Response> response = RestAssured
+            .given()
+            .header("Authorization", "Bearer " + token)
+            .when()
+            .get("/user/auth")
+            .then()
+            .statusCode(HttpStatus.OK.value())
+            .extract();
+
+        User user = student.getUser();
+
+        assertSoftly(
+            softly -> {
+                softly.assertThat(response.body().jsonPath().getString("user_type")).isEqualTo(user.getUserType().getValue());
+            }
+        );
+    }
 }