
pr Feat/40 newsletter delete admin #194

Merged
merged 8 commits into from
Sep 2, 2024
Expand Up @@ -368,4 +368,16 @@ public class NewsletterResponseConstant {
}
}
""";

public static final String DELETE_NEWSLETTER = """
{
"time": "2024-08-27T21:28:04.247031",
"status": 200,
"code": "200",
"message": "요청에 성공하였습니다.",
"result": {
"message": "Newsletter Type의 1번째 게시글을(를) 삭제했습니다."
}
}
""";
}
Expand Up @@ -21,15 +21,7 @@
import org.springframework.data.domain.Pageable;
import org.springframework.http.MediaType;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;

@Tag(name = "Newsletter Post", description = "뉴스레터 게시판 API입니다.")
@RequiredArgsConstructor
Expand Down Expand Up @@ -175,4 +167,22 @@ public SuccessResponse<Message> cancelScrap(final @PathVariable Long postId) {
Message message = newsletterPostService.cancelScrap(postId);
return new SuccessResponse<>(message);
}


/* DELETE */
@Operation(summary = "뉴스레터 게시글 삭제", description = "뉴스레터 ID에 해당하는 게시글을 삭제합니다.")
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "뉴스레터 게시글 삭제 성공",
content = @Content(
mediaType = MediaType.APPLICATION_JSON_VALUE,
schema = @Schema(implementation = SuccessResponse.class),
examples = @ExampleObject(
name = "SuccessResponse",
value = NewsletterResponseConstant.DELETE_NEWSLETTER,
description = "뉴스레터가 삭제되었습니다."
)))})
@DeleteMapping("/{postId}")
public SuccessResponse<Message> delete(final @PathVariable Long postId) {
return new SuccessResponse<>(newsletterPostService.delete(postId));
}
}
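Review bot: The `@ApiResponses` block on `delete` documents only the 200 case, although the service path added in this PR throws `ErrorType.UNAUTHORIZED_DELETE_POST` (AUTH_4034, FORBIDDEN) for callers who are not managers. Add a second entry such as `@ApiResponse(responseCode = "403", description = "관리자만 삭제할 수 있습니다.")` so API consumers can see the denial path. If `getNewsletter` raises a not-found error for an unknown `postId` (not visible on this page), that response deserves an entry as well. The enclosing controller class starts outside this hunk.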
Expand Up @@ -2,6 +2,7 @@

import static com.api.ttoklip.global.util.SecurityUtil.getCurrentMember;

import com.api.ttoklip.domain.member.domain.Role;
import com.api.ttoklip.domain.newsletter.post.domain.Newsletter;
import com.api.ttoklip.domain.newsletter.post.repository.NewsletterRepository;
import com.api.ttoklip.global.exception.ApiException;
Expand All @@ -12,6 +13,7 @@
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.multipart.MultipartFile;
import com.api.ttoklip.domain.member.domain.Member;

@Service
@RequiredArgsConstructor
Expand Down Expand Up @@ -39,5 +41,13 @@ public void checkEditPermission(final Newsletter newsletter) {
}
}

public void checkManagerPermission(final Newsletter newsletter) {
Member currentMember = getCurrentMember();

if (!currentMember.getRole().equals(Role.MANAGER)) {
throw new ApiException(ErrorType.UNAUTHORIZED_DELETE_POST);
}
}

/* -------------------------------------------- COMMON 끝 -------------------------------------------- */
}
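Review bot: In `checkManagerPermission`, the call `currentMember.getRole().equals(Role.MANAGER)` throws a NullPointerException instead of the intended 403 when a member has no role set, so the authorization check fails with a server error rather than failing closed. Comparing the enum by identity avoids that: `if (currentMember.getRole() != Role.MANAGER) {`. The `newsletter` parameter is never read; either drop it or add a comment explaining why it is kept, since an unused argument suggests a per-post ownership check that does not exist. Whether `getCurrentMember()` can itself return null is not visible in this hunk.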
Expand Up @@ -87,6 +87,21 @@ private List<String> uploadImages(final List<MultipartFile> uploadImages) {

/* -------------------------------------------- CREATE 끝 -------------------------------------------- */


/* -------------------------------------------- DELETE -------------------------------------------- */
@Transactional
public Message delete(final Long postId) {
Newsletter newsletter = newsletterCommonService.getNewsletter(postId);

newsletterCommonService.checkManagerPermission(newsletter);
newsletter.deactivate();

return Message.deletePostSuccess(Newsletter.class, postId);
}

/* -------------------------------------------- DELETE 끝 -------------------------------------------- */


private void registerUrls(final Newsletter newsletter, final List<String> urls) {
urls.forEach(url -> urlService.register(newsletter, url));
}
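Review bot: `delete` loads the post with `getNewsletter(postId)` before calling `checkManagerPermission`, so a non-manager probably gets a different error for a missing ID than for an existing one and can tell which post IDs exist; this assumes `getNewsletter` throws on an unknown ID, which is outside this hunk. The permission check does not read the post, so it should be the first statement in the method, before any repository access. It would also help to add a short comment above `newsletter.deactivate();` saying that this is a soft delete, if that is the case, because the response message says the post was deleted.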
Expand Up @@ -64,6 +64,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
HttpMethod.POST, "/api/v1/newsletter/posts"
)
.hasAnyRole(Role.MANAGER.name())
// .requestMatchers(
// HttpMethod.DELETE, "/api/v1/newsletter/posts/{postId}"
// )
// .hasAnyRole(Role.MANAGER.name())
.anyRequest().authenticated());
// http.exceptionHandling(e -> e.accessDeniedHandler(tokenErrorHandler));
http.exceptionHandling()
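Review bot: The DELETE matcher is committed commented out, so at the filter-chain level a DELETE on `/api/v1/newsletter/posts/{postId}` falls through to `.anyRequest().authenticated()`, unless an earlier matcher outside this hunk covers it. The manager restriction then rests solely on the service-layer `checkManagerPermission` call. Either enable the rule so it mirrors the POST rule above it, `.requestMatchers(HttpMethod.DELETE, "/api/v1/newsletter/posts/{postId}").hasRole(Role.MANAGER.name())`, or delete the four commented lines and leave a one-line comment saying that authorization for this route is enforced in the service. Enforcing the role in both layers is the safer choice, because a future caller of the service or a refactor of the check would otherwise leave the route open to any authenticated user. The body of `filterChain` continues outside the hunk.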
Expand Up @@ -120,6 +120,7 @@ public enum ErrorType {
UNAUTHORIZED_EDIT_POST(FORBIDDEN, "AUTH_4031", "게시글의 작성자만 수정할 수 있습니다."),
UNAUTHORIZED_DELETE_COMMENT(FORBIDDEN, "AUTH_4032", "댓글의 작성자만 삭제할 수 있습니다."),
UNAUTHORIZED_CANCEL_LIKE(FORBIDDEN, "AUTH_4033", "좋아요한 사용자만 본인의 좋아요를 취소할 수 있습니다."),
UNAUTHORIZED_DELETE_POST(FORBIDDEN, "AUTH_4034", "이 게시글은 관리자만 삭제할 수 있습니다."),


// ------------------------------------------ Privacy ------------------------------------------