diff --git a/build.gradle b/build.gradle index 91cc2e77d..deefc611b 100644 --- a/build.gradle +++ b/build.gradle @@ -68,6 +68,9 @@ dependencies { implementation 'org.hibernate.validator:hibernate-validator' implementation 'com.amazonaws:aws-java-sdk-s3:1.12.782' implementation 'org.springframework.boot:spring-boot-starter-websocket' + + // Database Proxy + implementation 'net.ttddyy.observation:datasource-micrometer:1.2.0' } tasks.named('test', Test) { diff --git a/src/main/java/com/example/solidconnection/admin/controller/AdminUserBanController.java b/src/main/java/com/example/solidconnection/admin/controller/AdminUserBanController.java new file mode 100644 index 000000000..f0a699b13 --- /dev/null +++ b/src/main/java/com/example/solidconnection/admin/controller/AdminUserBanController.java 
@@ -0,0 +1,42 @@
+package com.example.solidconnection.admin.controller;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PatchMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.example.solidconnection.admin.dto.UserBanRequest;
+import com.example.solidconnection.admin.service.AdminUserBanService;
+import com.example.solidconnection.common.resolver.AuthorizedUser;
+
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+
+@RequiredArgsConstructor
+@RequestMapping("/admin/users")
+@RestController
+public class AdminUserBanController {
+ private final AdminUserBanService adminUserBanService;
+
+ @PostMapping("/{user-id}/ban")
+ public ResponseEntity banUser(
+ @AuthorizedUser long adminId,
+ @PathVariable(name = "user-id") long userId,
+ @Valid @RequestBody UserBanRequest request
+ ) {
+ adminUserBanService.banUser(userId, adminId, request);
+ return ResponseEntity.ok().build();
+ }
+
+ @PatchMapping("/{user-id}/unban")
+ public ResponseEntity unbanUser(
+ @AuthorizedUser long adminId,
+ @PathVariable(name = "user-id") long userId
+ ) {
+ adminUserBanService.unbanUser(userId, adminId);
+ return ResponseEntity.ok().build();
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/admin/dto/UserBanRequest.java b/src/main/java/com/example/solidconnection/admin/dto/UserBanRequest.java
new file mode 100644
index 000000000..eaf57df20
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/admin/dto/UserBanRequest.java
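Review bot: Nothing in `AdminUserBanController` itself limits `banUser` and `unbanUser` to administrators: `@AuthorizedUser long adminId` only supplies the caller's id, and there is no role check on the class or on either method. If `/admin/**` is not already restricted in the security configuration (not visible in this diff), add a method-level guard such as `@PreAuthorize` with the project's admin role. Either way, a class comment such as `// Access to /admin/** is limited to administrators by the security configuration` would make that dependency explicit. The service behind it also accepts `userId == adminId`, so a check in `AdminUserBanService.banUser` that rejects a ban on the calling admin would be worth adding.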
@@ -0,0 +1,11 @@
+package com.example.solidconnection.admin.dto;
+
+import com.example.solidconnection.siteuser.domain.UserBanDuration;
+
+import jakarta.validation.constraints.NotNull;
+
+public record UserBanRequest(
+ @NotNull(message = "차단 기간을 입력해주세요.")
+ UserBanDuration duration
+) {
+}
diff --git a/src/main/java/com/example/solidconnection/admin/service/AdminUserBanService.java b/src/main/java/com/example/solidconnection/admin/service/AdminUserBanService.java
new file mode 100644
index 000000000..1f775acc8
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/admin/service/AdminUserBanService.java
@@ -0,0 +1,113 @@ +package com.example.solidconnection.admin.service; + +import static java.time.ZoneOffset.UTC; + +import com.example.solidconnection.admin.dto.UserBanRequest; +import com.example.solidconnection.chat.repository.ChatMessageRepository; +import com.example.solidconnection.common.exception.CustomException; +import com.example.solidconnection.common.exception.ErrorCode; +import com.example.solidconnection.community.post.repository.PostRepository; +import com.example.solidconnection.report.repository.ReportRepository; +import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.domain.UserBan; +import com.example.solidconnection.siteuser.domain.UserStatus; +import com.example.solidconnection.siteuser.repository.SiteUserRepository; +import com.example.solidconnection.siteuser.repository.UserBanRepository; +import java.time.ZonedDateTime; +import java.util.List; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.scheduling.annotation.Scheduled; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; + +@Slf4j +@RequiredArgsConstructor +@Service +public class AdminUserBanService { + + private final UserBanRepository userBanRepository; + private final ReportRepository reportRepository; + private final SiteUserRepository siteUserRepository; + private final PostRepository postRepository; + private final ChatMessageRepository chatMessageRepository; + + @Transactional + public void banUser(long userId, long adminId, UserBanRequest request) { + SiteUser user = siteUserRepository.findById(userId) + .orElseThrow(() -> new CustomException(ErrorCode.USER_NOT_FOUND)); + validateNotAlreadyBanned(userId); + validateReportExists(userId); + + user.updateUserStatus(UserStatus.BANNED); + updateReportedContentIsDeleted(userId, true); + createUserBan(userId, adminId, request); + } + + private void 
validateNotAlreadyBanned(long userId) { + if (userBanRepository.existsByBannedUserIdAndIsExpiredFalseAndExpiredAtAfter(userId, ZonedDateTime.now(UTC))) { + throw new CustomException(ErrorCode.ALREADY_BANNED_USER); + } + } + + private void validateReportExists(long userId) { + if (!reportRepository.existsByReportedId(userId)) { + throw new CustomException(ErrorCode.REPORT_NOT_FOUND); + } + } + + private void updateReportedContentIsDeleted(long userId, boolean isDeleted) { + postRepository.updateReportedPostsIsDeleted(userId, isDeleted); + chatMessageRepository.updateReportedChatMessagesIsDeleted(userId, isDeleted); + } + + private void createUserBan(long userId, long adminId, UserBanRequest request) { + ZonedDateTime now = ZonedDateTime.now(UTC); + ZonedDateTime expiredAt = now.plusDays(request.duration().getDays()); + UserBan userBan = new UserBan(userId, adminId, request.duration(), expiredAt); + userBanRepository.save(userBan); + } + + @Transactional + public void unbanUser(long userId, long adminId) { + SiteUser user = siteUserRepository.findById(userId) + .orElseThrow(() -> new CustomException(ErrorCode.USER_NOT_FOUND)); + UserBan userBan = findActiveBan(userId); + userBan.manuallyUnban(adminId); + + user.updateUserStatus(UserStatus.REPORTED); + updateReportedContentIsDeleted(userId, false); + } + + private UserBan findActiveBan(long userId) { + return userBanRepository + .findByBannedUserIdAndIsExpiredFalseAndExpiredAtAfter(userId, ZonedDateTime.now(UTC)) + .orElseThrow(() -> new CustomException(ErrorCode.NOT_BANNED_USER)); + } + + @Transactional + @Scheduled(cron = "0 0 0 * * *") + public void expireUserBans() { + try { + ZonedDateTime now = ZonedDateTime.now(UTC); + List expiredUserIds = userBanRepository.findExpiredBannedUserIds(now); + + if (expiredUserIds.isEmpty()) { + return; + } + + userBanRepository.bulkExpireUserBans(now); + siteUserRepository.bulkUpdateUserStatus(expiredUserIds, UserStatus.REPORTED); + 
bulkUpdateReportedContentIsDeleted(expiredUserIds); + log.info("Finished processing expired blocks:: userIds={}", expiredUserIds); + } catch (Exception e) { + log.error("Failed to process expired blocks", e); + } + } + + private void bulkUpdateReportedContentIsDeleted(List expiredUserIds) { + postRepository.bulkUpdateReportedPostsIsDeleted(expiredUserIds, false); + chatMessageRepository.bulkUpdateReportedChatMessagesIsDeleted(expiredUserIds, false); + } + +} diff --git a/src/main/java/com/example/solidconnection/auth/dto/SignUpRequest.java b/src/main/java/com/example/solidconnection/auth/dto/SignUpRequest.java index bafb9b4c8..81991fd90 100644 --- a/src/main/java/com/example/solidconnection/auth/dto/SignUpRequest.java +++ b/src/main/java/com/example/solidconnection/auth/dto/SignUpRequest.java @@ -1,9 +1,6 @@ package com.example.solidconnection.auth.dto; -import com.example.solidconnection.siteuser.domain.AuthType; import com.example.solidconnection.siteuser.domain.ExchangeStatus; -import com.example.solidconnection.siteuser.domain.Role; -import com.example.solidconnection.siteuser.domain.SiteUser; import com.fasterxml.jackson.annotation.JsonProperty; import jakarta.validation.constraints.NotBlank; import java.util.List; @@ -20,27 +17,4 @@ public record SignUpRequest( @NotBlank(message = "닉네임을 입력해주세요.") String nickname) { - - public SiteUser toOAuthSiteUser(String email, AuthType authType) { - return new SiteUser( - email, - this.nickname, - this.profileImageUrl, - this.exchangeStatus, - Role.MENTEE, - authType - ); - } - - public SiteUser toEmailSiteUser(String email, String encodedPassword) { - return new SiteUser( - email, - this.nickname, - this.profileImageUrl, - this.exchangeStatus, - Role.MENTEE, - AuthType.EMAIL, - encodedPassword - ); - } } diff --git a/src/main/java/com/example/solidconnection/auth/service/signup/SignUpService.java b/src/main/java/com/example/solidconnection/auth/service/signup/SignUpService.java index 86415d913..8f814be4a 100644 
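Review bot: In `AdminUserBanService`, `expireUserBans` catches `Exception` inside a `@Transactional` method, so a failure after `bulkExpireUserBans` is logged and the method returns normally instead of rolling back cleanly; depending on where the exception was raised this either commits a partial update or surfaces as an `UnexpectedRollbackException` at commit. Let the exception propagate after logging, `log.error("Failed to process expired blocks", e); throw e;`, or move the try/catch to a non-transactional caller. Separately, the user status stays `BANNED` until this job runs at 00:00, while `validateNotAlreadyBanned` and `findActiveBan` compare `expiredAt` with the current time. Between expiry and the next run a user is therefore still blocked, yet `unbanUser` answers `NOT_BANNED_USER` and `banUser` can create a second ban row; a comment on that window, or an `expiredAt` check where the status is enforced, would help.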
--- a/src/main/java/com/example/solidconnection/auth/service/signup/SignUpService.java +++ b/src/main/java/com/example/solidconnection/auth/service/signup/SignUpService.java @@ -13,6 +13,7 @@ import com.example.solidconnection.siteuser.domain.AuthType; import com.example.solidconnection.siteuser.domain.Role; import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.domain.UserStatus; import com.example.solidconnection.siteuser.repository.SiteUserRepository; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; @@ -56,7 +57,8 @@ public SignInResponse signUp(SignUpRequest signUpRequest) { signUpRequest.exchangeStatus(), Role.MENTEE, authType, - password + password, + UserStatus.ACTIVE )); // 관심 지역, 국가 저장 diff --git a/src/main/java/com/example/solidconnection/chat/domain/ChatMessage.java b/src/main/java/com/example/solidconnection/chat/domain/ChatMessage.java index aa7369451..f2ec4d820 100644 --- a/src/main/java/com/example/solidconnection/chat/domain/ChatMessage.java +++ b/src/main/java/com/example/solidconnection/chat/domain/ChatMessage.java @@ -15,10 +15,12 @@ import lombok.AccessLevel; import lombok.Getter; import lombok.NoArgsConstructor; +import org.hibernate.annotations.Where; @Entity @Getter @NoArgsConstructor(access = AccessLevel.PROTECTED) +@Where(clause = "is_deleted = false") public class ChatMessage extends BaseEntity { @Id @@ -33,6 +35,9 @@ public class ChatMessage extends BaseEntity { @ManyToOne(fetch = FetchType.LAZY) private ChatRoom chatRoom; + @Column(name = "is_deleted", columnDefinition = "boolean default false", nullable = false) + private boolean isDeleted = false; + @OneToMany(mappedBy = "chatMessage", cascade = CascadeType.ALL, orphanRemoval = true) private final List chatAttachments = new ArrayList<>(); 
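Review bot: The class-level `@Where(clause = "is_deleted = false")` added to `ChatMessage` (and to `Post` later in this diff) comes with no comment saying what sets the flag or who is affected by the filter. It applies to every ORM query for the entity, so rows hidden by a ban also disappear from any admin or report-review query that goes through these entities, while the native `UPDATE` statements added in the repositories bypass it. I would document that on the field, for example `// Set by the ban/unban bulk updates; hidden rows are excluded from all entity queries via @Where`. If the project is on Hibernate 6.3 or later, `@Where` is deprecated in favour of `@SQLRestriction`; the version is not visible here.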
diff --git a/src/main/java/com/example/solidconnection/chat/repository/ChatMessageRepository.java b/src/main/java/com/example/solidconnection/chat/repository/ChatMessageRepository.java index e27e3e86d..ae81a3341 100644 --- a/src/main/java/com/example/solidconnection/chat/repository/ChatMessageRepository.java +++ b/src/main/java/com/example/solidconnection/chat/repository/ChatMessageRepository.java @@ -6,6 +6,7 @@ import org.springframework.data.domain.Pageable; import org.springframework.data.domain.Slice; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.query.Param; @@ -48,4 +49,20 @@ SELECT MAX(cm2.id) GROUP BY cm.chatRoom.id """) List countUnreadMessagesBatch(@Param("chatRoomIds") List chatRoomIds, @Param("userId") long userId); + + @Modifying(clearAutomatically = true, flushAutomatically = true) + @Query(value = """ + UPDATE chat_message cm SET cm.is_deleted = :isDeleted + WHERE cm.id IN (SELECT r.target_id FROM report r WHERE r.target_type = 'CHAT') + AND cm.sender_id IN (SELECT cp.id FROM chat_participant cp WHERE cp.site_user_id = :siteUserId) + """, nativeQuery = true) + void updateReportedChatMessagesIsDeleted(@Param("siteUserId") long siteUserId, @Param("isDeleted") boolean isDeleted); + + @Modifying(clearAutomatically = true, flushAutomatically = true) + @Query(value = """ + UPDATE chat_message cm SET cm.is_deleted = :isDeleted + WHERE cm.id IN (SELECT r.target_id FROM report r WHERE r.target_type = 'CHAT') + AND cm.sender_id IN (SELECT cp.id FROM chat_participant cp WHERE cp.site_user_id IN :siteUserIds) + """, nativeQuery = true) + void bulkUpdateReportedChatMessagesIsDeleted(@Param("siteUserIds") List siteUserIds, @Param("isDeleted") boolean isDeleted); } 
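Review bot: Both new statements in `ChatMessageRepository` are declared with `clearAutomatically = true, flushAutomatically = true`, and the callers depend on that without it being documented: `banUser` and `unbanUser` change the managed `SiteUser` (and `UserBan`) before calling them, and only the automatic flush keeps those changes from being dropped when the persistence context is cleared. That is worth a comment above the queries, e.g. `// flushAutomatically must stay on: callers modify managed entities before this bulk update clears the context`. `bulkUpdateReportedChatMessagesIsDeleted` may also produce invalid SQL for an empty `siteUserIds`; the only caller visible in this diff returns early on an empty list, which the comment should state as a precondition.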
diff --git a/src/main/java/com/example/solidconnection/common/config/datasource/DataSourceConfig.java b/src/main/java/com/example/solidconnection/common/config/datasource/DataSourceConfig.java
new file mode 100644
index 000000000..338208df8
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/common/config/datasource/DataSourceConfig.java
@@ -0,0 +1,69 @@
+package com.example.solidconnection.common.config.datasource;
+
+import com.example.solidconnection.common.listener.QueryMetricsListener;
+import com.zaxxer.hikari.HikariDataSource;
+import javax.sql.DataSource;
+import lombok.RequiredArgsConstructor;
+import net.ttddyy.dsproxy.support.ProxyDataSourceBuilder;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.flyway.FlywayDataSource;
+import org.springframework.boot.autoconfigure.jdbc.DataSourceProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+
+@RequiredArgsConstructor
+@Configuration
+public class DataSourceConfig {
+
+ private final QueryMetricsListener queryMetricsListener;
+
+ // Driver
+ public static final String FLYWAY_MYSQL_DRIVER = "com.mysql.cj.jdbc.Driver";
+
+ // Pool Name
+ public static final String FLYWAY_POOL_NAME = "FlywayPool";
+
+ // Connection Pool Settings
+ public static final int FLYWAY_MINIMUM_IDLE = 0; // 유휴 커넥션을 0으로 설정하면 사용하지 않을 때 커넥션을 즉시 반납
+ public static final int FLYWAY_MAXIMUM_POOL_SIZE = 2;
+ public static final long FLYWAY_CONNECTION_TIMEOUT = 10000L;
+ public static final long FLYWAY_IDLE_TIMEOUT = 60000L; // 1분
+ public static final long FLYWAY_MAX_LIFETIME = 300000L; // 5분
+
+ @Bean
+ @Primary
+ public DataSource proxyDataSource(DataSourceProperties props) {
+ DataSource dataSource = props.initializeDataSourceBuilder().build();
+
+ return ProxyDataSourceBuilder
+ .create(dataSource)
+ .listener(queryMetricsListener)
+ .name("main")
+ .build();
+ }
+
+ // Flyway 전용 DataSource (Proxy 미적용)
+ @Bean
+ @FlywayDataSource
+ public DataSource flywayDataSource(
+ @Value("${spring.datasource.url}") String url,
+ @Value("${spring.flyway.user:${spring.datasource.username}}") String username,
+ @Value("${spring.flyway.password:${spring.datasource.password}}") String password
+ ) {
+ HikariDataSource dataSource = new HikariDataSource();
+ dataSource.setJdbcUrl(url);
+ dataSource.setUsername(username);
+ dataSource.setPassword(password);
+ dataSource.setDriverClassName(FLYWAY_MYSQL_DRIVER);
+ dataSource.setPoolName(FLYWAY_POOL_NAME);
+
+ dataSource.setMinimumIdle(FLYWAY_MINIMUM_IDLE);
+ dataSource.setMaximumPoolSize(FLYWAY_MAXIMUM_POOL_SIZE);
+ dataSource.setConnectionTimeout(FLYWAY_CONNECTION_TIMEOUT);
+ dataSource.setIdleTimeout(FLYWAY_IDLE_TIMEOUT); // 1분으로 단축
+ dataSource.setMaxLifetime(FLYWAY_MAX_LIFETIME); // 최대 5분
+
+ return dataSource;
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/common/config/web/WebMvcConfig.java b/src/main/java/com/example/solidconnection/common/config/web/WebMvcConfig.java
index 56bb288e8..1d99274db 100644
--- a/src/main/java/com/example/solidconnection/common/config/web/WebMvcConfig.java
+++ b/src/main/java/com/example/solidconnection/common/config/web/WebMvcConfig.java
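Review bot: In `DataSourceConfig`, `proxyDataSource` builds the main pool with `props.initializeDataSourceBuilder().build()`, which applies only the url, credentials and driver from `DataSourceProperties`. Once this bean replaces the auto-configured one, any `spring.datasource.hikari.*` settings (pool size, timeouts) are no longer bound unless the inner data source is created in a method annotated with `@ConfigurationProperties("spring.datasource.hikari")`. If the project sets such properties (not visible in this diff), the main pool silently falls back to Hikari defaults. A Javadoc on `flywayDataSource` saying why Flyway gets its own unproxied pool, and that its credentials fall back to the application's when `spring.flyway.user` is unset, would also help.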
@@ -1,11 +1,19 @@ package com.example.solidconnection.common.config.web; +import com.example.solidconnection.common.interceptor.BannedUserInterceptor; +import com.example.solidconnection.common.filter.HttpLoggingFilter; +import com.example.solidconnection.common.interceptor.ApiPerformanceInterceptor; +import com.example.solidconnection.common.interceptor.RequestContextInterceptor; import com.example.solidconnection.common.resolver.AuthorizedUserResolver; import com.example.solidconnection.common.resolver.CustomPageableHandlerMethodArgumentResolver; import java.util.List; import lombok.RequiredArgsConstructor; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.core.Ordered; import org.springframework.web.method.support.HandlerMethodArgumentResolver; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration @@ -14,6 +22,10 @@ public class WebMvcConfig implements WebMvcConfigurer { private final AuthorizedUserResolver authorizedUserResolver; private final CustomPageableHandlerMethodArgumentResolver customPageableHandlerMethodArgumentResolver; + private final BannedUserInterceptor bannedUserInterceptor; + private final HttpLoggingFilter httpLoggingFilter; + private final ApiPerformanceInterceptor apiPerformanceInterceptor; + private final RequestContextInterceptor requestContextInterceptor; @Override public void addArgumentResolvers(List resolvers) { 
@@ -22,4 +34,26 @@ public void addArgumentResolvers(List resolvers) customPageableHandlerMethodArgumentResolver )); } + + @Override + public void addInterceptors(InterceptorRegistry registry){ + registry.addInterceptor(apiPerformanceInterceptor) + .addPathPatterns("/**") + .excludePathPatterns("/actuator/**"); + + registry.addInterceptor(requestContextInterceptor) + .addPathPatterns("/**") + .excludePathPatterns("/actuator/**"); + + registry.addInterceptor(bannedUserInterceptor) + .addPathPatterns("/posts/**", "/comments/**", "/chats/**", "/boards/**"); + } + + @Bean + public FilterRegistrationBean customHttpLoggingFilter() { + FilterRegistrationBean filterBean = new FilterRegistrationBean<>(); + filterBean.setFilter(httpLoggingFilter); + filterBean.setOrder(Ordered.HIGHEST_PRECEDENCE); + return filterBean; + } } diff --git a/src/main/java/com/example/solidconnection/common/exception/ErrorCode.java b/src/main/java/com/example/solidconnection/common/exception/ErrorCode.java index 07141979b..d00ce52b3 100644 --- a/src/main/java/com/example/solidconnection/common/exception/ErrorCode.java +++ b/src/main/java/com/example/solidconnection/common/exception/ErrorCode.java @@ -53,6 +53,7 @@ public enum ErrorCode { TERM_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "존재하지 않는 학기입니다."), CURRENT_TERM_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "현재 학기를 찾을 수 없습니다."), MENTOR_APPLICATION_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "멘토 지원서가 존재하지 않습니다."), + REPORT_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "신고 내역이 존재하지 않습니다."), // auth USER_ALREADY_SIGN_OUT(HttpStatus.UNAUTHORIZED.value(), "로그아웃 되었습니다."), 
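Review bot: In `addInterceptors`, `bannedUserInterceptor` is registered only for the HTTP prefixes `/posts/**`, `/comments/**`, `/chats/**` and `/boards/**`, and as an MVC `HandlerInterceptor` it never sees WebSocket frames. build.gradle in this diff lists `spring-boot-starter-websocket`, so if chat messages are delivered over a WebSocket or STOMP endpoint, a banned user is not stopped there. Confirm that the message-handling path checks `UserStatus.BANNED` as well (for example in a channel interceptor); that code is not visible here. Because the registration is an allow-list of prefixes, a comment such as `// every new community or chat route must be added here` above it would help keep the list complete.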
@@ -150,6 +151,11 @@ public enum ErrorCode { // chat INVALID_CHAT_ROOM_STATE(HttpStatus.BAD_REQUEST.value(), "잘못된 채팅방 상태입니다."), + // ban + ALREADY_BANNED_USER(HttpStatus.CONFLICT.value(), "이미 차단된 사용자입니다."), + NOT_BANNED_USER(HttpStatus.BAD_REQUEST.value(), "차단되지 않은 사용자입니다."), + BANNED_USER_ACCESS_DENIED(HttpStatus.FORBIDDEN.value(), "차단된 사용자는 커뮤니티 및 채팅을 이용할 수 없습니다."), + // database DATA_INTEGRITY_VIOLATION(HttpStatus.CONFLICT.value(), "데이터베이스 무결성 제약조건 위반이 발생했습니다."), diff --git a/src/main/java/com/example/solidconnection/common/filter/HttpLoggingFilter.java b/src/main/java/com/example/solidconnection/common/filter/HttpLoggingFilter.java new file mode 100644 index 000000000..74f2dfa6c --- /dev/null +++ b/src/main/java/com/example/solidconnection/common/filter/HttpLoggingFilter.java 
@@ -0,0 +1,156 @@
+package com.example.solidconnection.common.filter;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.slf4j.MDC;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+@Slf4j
+@RequiredArgsConstructor
+@Component
+public class HttpLoggingFilter extends OncePerRequestFilter {
+
+ private static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();
+ private static final List EXCLUDE_PATTERNS = List.of("/actuator/**");
+ private static final List EXCLUDE_QUERIES = List.of("token");
+ private static final String MASK_VALUE = "****";
+
+ @Override
+ protected void doFilterInternal(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ FilterChain filterChain
+ ) throws ServletException, IOException {
+
+ // 1) traceId 부여
+ String traceId = generateTraceId();
+ MDC.put("traceId", traceId);
+
+ boolean excluded = isExcluded(request);
+
+ // 2) 로깅 제외 대상이면 그냥 통과 (traceId는 유지: 추후 하위 레이어 로그에도 붙음)
+ if (excluded) {
+ try {
+ filterChain.doFilter(request, response);
+ } finally {
+ MDC.clear();
+ }
+ return;
+ }
+
+ printRequestUri(request);
+
+ try {
+ filterChain.doFilter(request, response);
+ printResponse(request, response);
+ } finally {
+ MDC.clear();
+ }
+ }
+
+ private boolean isExcluded(HttpServletRequest req) {
+ String path = req.getRequestURI();
+ for (String p : EXCLUDE_PATTERNS) {
+ if (PATH_MATCHER.match(p, path)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private String generateTraceId() {
+ return java.util.UUID.randomUUID().toString().replace("-", "").substring(0, 16);
+ }
+
+ private void printRequestUri(HttpServletRequest request) {
+ String methodType = request.getMethod();
+ String uri = buildDecodedRequestUri(request);
+ log.info("[REQUEST] {} {}", methodType, uri);
+ }
+
+ private void printResponse(
+ HttpServletRequest request,
+ HttpServletResponse response
+ ) {
+ Long userId = (Long) request.getAttribute("userId");
+ String uri = buildDecodedRequestUri(request);
+ HttpStatus status = HttpStatus.valueOf(response.getStatus());
+
+ log.info("[RESPONSE] {} userId = {}, ({})", uri, userId, status);
+ }
+
+ private String buildDecodedRequestUri(HttpServletRequest request) {
+ String path = request.getRequestURI();
+ String query = request.getQueryString();
+
+ if(query == null || query.isBlank()){
+ return path;
+ }
+
+ String decodedQuery = decodeQuery(query);
+ String maskedQuery = maskSensitiveParams(decodedQuery);
+
+ return path + "?" + maskedQuery;
+ }
+
+ private String decodeQuery(String rawQuery) {
+ if(rawQuery == null || rawQuery.isBlank()){
+ return rawQuery;
+ }
+
+ try {
+ return URLDecoder.decode(rawQuery, StandardCharsets.UTF_8);
+ } catch (IllegalArgumentException e) {
+ log.warn("Query 디코딩 실패 parameter: {}, msg: {}", rawQuery, e.getMessage());
+ return rawQuery;
+ }
+ }
+
+ private String maskSensitiveParams(String decodedQuery) {
+ String[] params = decodedQuery.split("&");
+ StringBuilder maskedQuery = new StringBuilder();
+
+ for(int i = 0; i < params.length; i++){
+ String param = params[i];
+
+ if(!param.contains("=")){
+ maskedQuery.append(param);
+ }else{
+ int equalIndex = param.indexOf("=");
+ String key = param.substring(0, equalIndex);
+
+ if(isSensitiveParam(key)){
+ maskedQuery.append(key).append("=").append(MASK_VALUE);
+ }else{
+ maskedQuery.append(param);
+ }
+ }
+
+ if(i < params.length - 1){
+ maskedQuery.append("&");
+ }
+ }
+
+ return maskedQuery.toString();
+ }
+
+ private boolean isSensitiveParam(String paramKey) {
+ for (String sensitiveParam : EXCLUDE_QUERIES){
+ if(sensitiveParam.equalsIgnoreCase(paramKey)){
+ return true;
+ }
+ }
+ return false;
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/common/interceptor/ApiPerformanceInterceptor.java b/src/main/java/com/example/solidconnection/common/interceptor/ApiPerformanceInterceptor.java
new file mode 100644
index 000000000..50a95f937
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/common/interceptor/ApiPerformanceInterceptor.java
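Review bot: In `HttpLoggingFilter`, the query-string masking in `buildDecodedRequestUri` runs after URL-decoding, so an encoded `&` or `=` inside a `token` value is turned into a delimiter by `decodeQuery` and the part after it is written to the log unmasked; decoded CR/LF characters also reach the log line. In addition, the `log.warn` in `decodeQuery` prints `rawQuery` before any masking when decoding fails. I would split and mask the raw query first, decode each component afterwards with control characters replaced, and drop the raw query from the warning, as sketched below. `printResponse` also calls `HttpStatus.valueOf(response.getStatus())`, which throws for a status code outside the enum; `HttpStatus.resolve` or logging the int avoids that.

```java
    private String buildDecodedRequestUri(HttpServletRequest request) {
        String path = request.getRequestURI();
        String query = request.getQueryString();

        if (query == null || query.isBlank()) {
            return path;
        }

        // Split the raw query first, so an encoded '&' or '=' inside a value cannot
        // move the boundary between a sensitive key and its value.
        StringBuilder masked = new StringBuilder();
        for (String param : query.split("&")) {
            if (masked.length() > 0) {
                masked.append('&');
            }
            int equalIndex = param.indexOf('=');
            String key = decodeComponent(equalIndex < 0 ? param : param.substring(0, equalIndex));
            if (equalIndex < 0) {
                masked.append(key);
            } else if (isSensitiveParam(key)) {
                masked.append(key).append('=').append(MASK_VALUE);
            } else {
                masked.append(key).append('=').append(decodeComponent(param.substring(equalIndex + 1)));
            }
        }
        return path + "?" + masked;
    }

    private String decodeComponent(String raw) {
        try {
            // Replace control characters so a decoded CR/LF cannot start a new log line.
            return URLDecoder.decode(raw, StandardCharsets.UTF_8).replaceAll("\\p{Cntrl}", "_");
        } catch (IllegalArgumentException e) {
            // The raw value is deliberately not logged: it may hold an unmasked secret.
            log.warn("Query 디코딩 실패");
            return raw;
        }
    }

    // … unchanged: isSensitiveParam …
```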
@@ -0,0 +1,67 @@
+package com.example.solidconnection.common.interceptor;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Slf4j
+@RequiredArgsConstructor
+@Component
+public class ApiPerformanceInterceptor implements HandlerInterceptor {
+ private static final String START_TIME_ATTRIBUTE = "startTime";
+ private static final String REQUEST_URI_ATTRIBUTE = "requestUri";
+ private static final int RESPONSE_TIME_THRESHOLD = 3_000;
+ private static final Logger API_PERF = LoggerFactory.getLogger("API_PERF");
+
+ @Override
+ public boolean preHandle(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ Object handler
+ ) throws Exception {
+
+ long startTime = System.currentTimeMillis();
+
+ request.setAttribute(START_TIME_ATTRIBUTE, startTime);
+ request.setAttribute(REQUEST_URI_ATTRIBUTE, request.getRequestURI());
+
+ return true;
+ }
+
+ @Override
+ public void afterCompletion(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ Object handler,
+ Exception ex
+ ) throws Exception {
+ Long startTime = (Long) request.getAttribute(START_TIME_ATTRIBUTE);
+ if(startTime == null) {
+ return;
+ }
+
+ long responseTime = System.currentTimeMillis() - startTime;
+
+ String uri = request.getRequestURI();
+ String method = request.getMethod();
+ int status = response.getStatus();
+
+ if (responseTime > RESPONSE_TIME_THRESHOLD) {
+ API_PERF.warn(
+ "type=API_Performance method_type={} uri={} response_time={} status={}",
+ method, uri, responseTime, status
+ );
+ }
+ else {
+ API_PERF.info(
+ "type=API_Performance method_type={} uri={} response_time={} status={}",
+ method, uri, responseTime, status
+ );
+ }
+ }
+}
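Review bot: `ApiPerformanceInterceptor` carries `@Slf4j` and `@RequiredArgsConstructor` although it has no injected fields and logs only through `API_PERF`, and `preHandle` stores `REQUEST_URI_ATTRIBUTE`, which `afterCompletion` never reads because it calls `request.getRequestURI()` again. I would drop the two annotations and the unused attribute. The elapsed time is taken from `System.currentTimeMillis()`, which follows wall-clock adjustments; `request.setAttribute(START_TIME_ATTRIBUTE, System.nanoTime());` with `long responseTime = TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - startTime);` measures the interval reliably. `RESPONSE_TIME_THRESHOLD` would read better with its unit in the name, e.g. `RESPONSE_TIME_THRESHOLD_MS`.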
diff --git a/src/main/java/com/example/solidconnection/common/interceptor/BannedUserInterceptor.java b/src/main/java/com/example/solidconnection/common/interceptor/BannedUserInterceptor.java
new file mode 100644
index 000000000..de4d673fd
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/common/interceptor/BannedUserInterceptor.java
@@ -0,0 +1,37 @@
+package com.example.solidconnection.common.interceptor;
+
+import static com.example.solidconnection.common.exception.ErrorCode.BANNED_USER_ACCESS_DENIED;
+
+import com.example.solidconnection.common.exception.CustomException;
+import com.example.solidconnection.security.userdetails.SiteUserDetails;
+import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.domain.UserStatus;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Component
+public class BannedUserInterceptor implements HandlerInterceptor {
+
+ @Override
+ public boolean preHandle(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ Object handler
+ ) {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+ if (authentication != null && authentication.getPrincipal() instanceof SiteUserDetails) {
+ SiteUserDetails userDetails = (SiteUserDetails) authentication.getPrincipal();
+ SiteUser siteUser = userDetails.getSiteUser();
+
+ if (siteUser.getUserStatus() == UserStatus.BANNED) {
+ throw new CustomException(BANNED_USER_ACCESS_DENIED);
+ }
+ }
+ return true;
+ }
+}
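Review bot: `BannedUserInterceptor.preHandle` decides on `siteUser.getUserStatus()` taken from the `SiteUserDetails` principal, so the ban is only as fresh as that object; whether the authentication filter reloads `SiteUser` from the database on every request is not visible in this diff. If the principal is built once per login or from token claims, a user banned through `AdminUserBanService.banUser` keeps access until they re-authenticate, and the check should read the current status (or the active `UserBan`) instead. At minimum add a class comment such as `// Relies on SiteUserDetails being loaded from the database per request; a cached principal would delay bans`. The cast can also be written with pattern matching, `authentication.getPrincipal() instanceof SiteUserDetails userDetails`, since the records elsewhere in this diff suggest Java 16 or later.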
diff --git a/src/main/java/com/example/solidconnection/common/interceptor/RequestContext.java b/src/main/java/com/example/solidconnection/common/interceptor/RequestContext.java
new file mode 100644
index 000000000..1f4d2790c
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/common/interceptor/RequestContext.java
@@ -0,0 +1,14 @@
+package com.example.solidconnection.common.interceptor;
+
+import lombok.Getter;
+
+@Getter
+public class RequestContext {
+ private final String httpMethod;
+ private final String bestMatchPath;
+
+ public RequestContext(String httpMethod, String bestMatchPath) {
+ this.httpMethod = httpMethod;
+ this.bestMatchPath = bestMatchPath;
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/common/interceptor/RequestContextHolder.java b/src/main/java/com/example/solidconnection/common/interceptor/RequestContextHolder.java
new file mode 100644
index 000000000..0c786bf10
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/common/interceptor/RequestContextHolder.java
@@ -0,0 +1,18 @@
+package com.example.solidconnection.common.interceptor;
+
+public class RequestContextHolder {
+ private static final ThreadLocal CONTEXT = new ThreadLocal<>();
+
+ public static void initContext(RequestContext requestContext) {
+ CONTEXT.remove();
+ CONTEXT.set(requestContext);
+ }
+
+ public static RequestContext getContext() {
+ return CONTEXT.get();
+ }
+
+ public static void clear(){
+ CONTEXT.remove();
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/common/interceptor/RequestContextInterceptor.java b/src/main/java/com/example/solidconnection/common/interceptor/RequestContextInterceptor.java
new file mode 100644
index 000000000..e42b14e11
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/common/interceptor/RequestContextInterceptor.java
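Review bot: The new `RequestContextHolder` shares its simple name with Spring's `org.springframework.web.context.request.RequestContextHolder`, which makes a wrong import easy in any class that needs both; a distinct name such as `QueryRequestContextHolder` would avoid that. The class is a static utility without a private constructor, and it has no comment on its lifecycle. The value is set in `RequestContextInterceptor.preHandle` and removed in `afterCompletion`, so code running on other threads (the scheduled ban expiry, async dispatch) sees `null`. A class comment stating that, e.g. `// Per-request context for the servlet thread only; null outside MVC request handling`, would be enough.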
@@ -0,0 +1,36 @@
+package com.example.solidconnection.common.interceptor;
+
+import static org.springframework.web.servlet.HandlerMapping.BEST_MATCHING_PATTERN_ATTRIBUTE;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Component
+public class RequestContextInterceptor implements HandlerInterceptor {
+
+ @Override
+ public boolean preHandle(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ Object handler
+ ) {
+ String httpMethod = request.getMethod();
+ String bestMatchPath = (String) request.getAttribute(BEST_MATCHING_PATTERN_ATTRIBUTE);
+
+ RequestContext context = new RequestContext(httpMethod, bestMatchPath);
+ RequestContextHolder.initContext(context);
+
+ return true;
+ }
+
+ @Override
+ public void afterCompletion(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ Object handler, Exception ex
+ ) {
+ RequestContextHolder.clear();
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/common/listener/QueryMetricsListener.java b/src/main/java/com/example/solidconnection/common/listener/QueryMetricsListener.java
new file mode 100644
index 000000000..8f3258b6b
--- /dev/null
+++ b/src/main/java/com/example/solidconnection/common/listener/QueryMetricsListener.java
@@ -0,0 +1,53 @@
+package com.example.solidconnection.common.listener;
+
+import com.example.solidconnection.common.interceptor.RequestContext;
+import com.example.solidconnection.common.interceptor.RequestContextHolder;
+import io.micrometer.core.instrument.MeterRegistry;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+import lombok.RequiredArgsConstructor;
+import net.ttddyy.dsproxy.ExecutionInfo;
+import net.ttddyy.dsproxy.QueryInfo;
+import net.ttddyy.dsproxy.listener.QueryExecutionListener;
+import org.springframework.stereotype.Component;
+
+
+@RequiredArgsConstructor
+@Component
+public class QueryMetricsListener implements QueryExecutionListener {
+
+ private final MeterRegistry meterRegistry;
+
+ @Override
+ public void beforeQuery(ExecutionInfo executionInfo, List list) {
+
+ }
+
+ @Override
+ public void afterQuery(ExecutionInfo exec, List queries) {
+ long elapsedMs = exec.getElapsedTime();
+ String sql = queries.isEmpty() ? "" : queries.get(0).getQuery();
+ String type = guessType(sql);
+
+ RequestContext rc = RequestContextHolder.getContext();
+ String httpMethod = (rc != null && rc.getHttpMethod() != null) ? rc.getHttpMethod() : "-";
+ String httpPath = (rc != null && rc.getBestMatchPath() != null) ? rc.getBestMatchPath() : "-";
+
+ meterRegistry.timer(
+ "db.query",
+ "sql_type", type,
+ "http_method", httpMethod,
+ "http_path", httpPath
+ ).record(elapsedMs, TimeUnit.MILLISECONDS);
+ }
+
+ private String guessType(String sql) {
+ if (sql == null) return "OTHER";
+ String s = sql.trim().toUpperCase();
+ if (s.startsWith("SELECT")) return "SELECT";
+ if (s.startsWith("INSERT")) return "INSERT";
+ if (s.startsWith("UPDATE")) return "UPDATE";
+ if (s.startsWith("DELETE")) return "DELETE";
+ return "UNKNOWN";
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/community/post/domain/Post.java b/src/main/java/com/example/solidconnection/community/post/domain/Post.java
index 190861131..7b3f72745 100644
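Review bot: `guessType` upper-cases with the JVM default locale, so under a Turkish default locale a lower-case `insert` becomes `İNSERT` and the statement is tagged `UNKNOWN`; use `String s = sql.trim().toUpperCase(Locale.ROOT);` together with the `java.util.Locale` import. The null branch returns `"OTHER"` while every other unmatched statement returns `"UNKNOWN"`, which splits one bucket across two tag values, so pick one. `afterQuery` classifies only `queries.get(0)`, so a batch is labelled by its first statement, and a short comment saying so would save the next reader a lookup.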
--- a/src/main/java/com/example/solidconnection/community/post/domain/Post.java +++ b/src/main/java/com/example/solidconnection/community/post/domain/Post.java @@ -18,11 +18,13 @@ import lombok.Getter; import lombok.NoArgsConstructor; import org.hibernate.annotations.BatchSize; +import org.hibernate.annotations.Where; @Entity @Getter @NoArgsConstructor @EqualsAndHashCode(of = "id") +@Where(clause = "is_deleted = false") public class Post extends BaseEntity { @Id @@ -50,6 +52,8 @@ public class Post extends BaseEntity { @Column private long siteUserId; + @Column(name = "is_deleted", columnDefinition = "boolean default false", nullable = false) + private boolean isDeleted = false; @BatchSize(size = 20) @OneToMany(mappedBy = "post", cascade = CascadeType.ALL, orphanRemoval = true) diff --git a/src/main/java/com/example/solidconnection/community/post/repository/PostRepository.java b/src/main/java/com/example/solidconnection/community/post/repository/PostRepository.java index 285bcb151..a1e727d9c 100644 --- a/src/main/java/com/example/solidconnection/community/post/repository/PostRepository.java +++ b/src/main/java/com/example/solidconnection/community/post/repository/PostRepository.java 
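Review bot: `@Where(clause = "is_deleted = false")` restricts only the SQL that Hibernate generates for the `Post` entity; native queries do not receive it, so any native read of `post` elsewhere in the project must repeat `is_deleted = false` itself or hidden posts will still be returned. Because the restriction also applies to `findById`, moderation or restore code can no longer load a hidden post through the repository. On Hibernate 6.3 and later `@Where` is deprecated in favour of `@SQLRestriction("is_deleted = false")`, though the Hibernate version in use is not visible in this diff. I would add above the annotation: `// Soft delete: rows with is_deleted = true are invisible to entity queries; native queries must filter explicitly.`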
@@ -50,6 +50,22 @@ AND p.siteUserId NOT IN ( """) void increaseViewCount(@Param("postId") Long postId, @Param("count") Long count); + @Modifying(clearAutomatically = true, flushAutomatically = true) + @Query(value = """ + UPDATE post p SET p.is_deleted = :isDeleted + WHERE p.site_user_id = :siteUserId + AND p.id IN (SELECT r.target_id FROM report r WHERE r.target_type = 'POST') + """, nativeQuery = true) + void updateReportedPostsIsDeleted(@Param("siteUserId") long siteUserId, @Param("isDeleted") boolean isDeleted); + + @Modifying(clearAutomatically = true, flushAutomatically = true) + @Query(value = """ + UPDATE post p SET p.is_deleted = :isDeleted + WHERE p.site_user_id IN :siteUserIds + AND p.id IN (SELECT r.target_id FROM report r WHERE r.target_type = 'POST') + """, nativeQuery = true) + void bulkUpdateReportedPostsIsDeleted(@Param("siteUserIds") List siteUserIds, @Param("isDeleted") boolean isDeleted); + default Post getByIdUsingEntityGraph(Long id) { return findPostById(id) .orElseThrow(() -> new CustomException(INVALID_POST_ID)); diff --git a/src/main/java/com/example/solidconnection/report/domain/Report.java b/src/main/java/com/example/solidconnection/report/domain/Report.java index f6c17837b..d76d155f0 100644 --- a/src/main/java/com/example/solidconnection/report/domain/Report.java +++ b/src/main/java/com/example/solidconnection/report/domain/Report.java @@ -33,6 +33,9 @@ public class Report extends BaseEntity { @Column(name = "reporter_id") private long reporterId; + @Column(name = "reported_id") + private long reportedId; + @Column(name = "report_type") @Enumerated(value = EnumType.STRING) private ReportType reportType; 
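Review bot: `bulkUpdateReportedPostsIsDeleted` binds `siteUserIds` into `IN :siteUserIds` of a native query, and depending on the Hibernate version an empty list can render as `IN ()`, which MySQL rejects. The caller is outside this diff section, so either guard it there with an early return on an empty list or state the precondition here with `// siteUserIds must be non-empty`. Both updates key only on "post has a report row", so calling them with `isDeleted = false` on unban would also restore a post that some later feature hid for another reason; a comment recording that `is_deleted` currently has no other writer would make that assumption explicit. The interface body starts and ends outside the hunk.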
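Review bot: `reportedId` is mapped as a primitive `long`, but the V40 migration in this commit adds `reported_id BIGINT` as a nullable column with no backfill, so every pre-existing `report` row holds NULL and loading such a row into the primitive field will typically fail in Hibernate. Either backfill the column in the migration and declare it `NOT NULL`, or map it as `private Long reportedId;`. Until the old rows are backfilled, `existsByReportedId` also returns false for users who were reported only before this release.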
@@ -44,9 +47,10 @@ public class Report extends BaseEntity { @Column(name = "target_id") private long targetId; - public Report(long reporterId, ReportType reportType, TargetType targetType, long targetId) { + public Report(long reporterId, long reportedId, ReportType reportType, TargetType targetType, long targetId) { this.reportType = reportType; this.reporterId = reporterId; + this.reportedId = reportedId; this.targetType = targetType; this.targetId = targetId; } diff --git a/src/main/java/com/example/solidconnection/report/repository/ReportRepository.java b/src/main/java/com/example/solidconnection/report/repository/ReportRepository.java index 91e94da8d..b5f1832c2 100644 --- a/src/main/java/com/example/solidconnection/report/repository/ReportRepository.java +++ b/src/main/java/com/example/solidconnection/report/repository/ReportRepository.java @@ -8,5 +8,7 @@ public interface ReportRepository extends JpaRepository { boolean existsByReporterIdAndTargetTypeAndTargetId(long reporterId, TargetType targetType, long targetId); + boolean existsByReportedId(long reportedId); + void deleteAllByReporterId(long reporterId); } diff --git a/src/main/java/com/example/solidconnection/report/service/ReportService.java b/src/main/java/com/example/solidconnection/report/service/ReportService.java index 205ca293d..9cfa1e389 100644 --- a/src/main/java/com/example/solidconnection/report/service/ReportService.java +++ b/src/main/java/com/example/solidconnection/report/service/ReportService.java 
@@ -1,13 +1,19 @@ package com.example.solidconnection.report.service; +import com.example.solidconnection.chat.domain.ChatMessage; +import com.example.solidconnection.chat.domain.ChatParticipant; import com.example.solidconnection.chat.repository.ChatMessageRepository; +import com.example.solidconnection.chat.repository.ChatParticipantRepository; import com.example.solidconnection.common.exception.CustomException; import com.example.solidconnection.common.exception.ErrorCode; +import com.example.solidconnection.community.post.domain.Post; import com.example.solidconnection.community.post.repository.PostRepository; import com.example.solidconnection.report.domain.Report; import com.example.solidconnection.report.domain.TargetType; import com.example.solidconnection.report.dto.ReportRequest; import com.example.solidconnection.report.repository.ReportRepository; +import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.domain.UserStatus; import com.example.solidconnection.siteuser.repository.SiteUserRepository; import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; 
@@ -21,21 +27,28 @@ public class ReportService { private final SiteUserRepository siteUserRepository; private final PostRepository postRepository; private final ChatMessageRepository chatMessageRepository; + private final ChatParticipantRepository chatParticipantRepository; @Transactional public void createReport(long reporterId, ReportRequest request) { - validateReporterExists(reporterId); + long reportedId = findReportedId(request.targetType(), request.targetId()); + validateReporterAndReportedExists(reporterId, reportedId); validateTargetExists(request.targetType(), request.targetId()); validateFirstReportByUser(reporterId, request.targetType(), request.targetId()); + updateUserStatusToReported(reportedId); - Report report = new Report(reporterId, request.reportType(), request.targetType(), request.targetId()); + Report report = new Report(reporterId, reportedId, request.reportType(), request.targetType(), request.targetId()); reportRepository.save(report); } - private void validateReporterExists(long reporterId) { + private void validateReporterAndReportedExists(long reporterId, long reportedId) { if (!siteUserRepository.existsById(reporterId)) { throw new CustomException(ErrorCode.USER_NOT_FOUND); } + + if (!siteUserRepository.existsById(reportedId)) { + throw new CustomException(ErrorCode.USER_NOT_FOUND); + } } private void validateTargetExists(TargetType targetType, long targetId) { 
@@ -54,4 +67,31 @@ private void validateFirstReportByUser(long reporterId, TargetType targetType, l throw new CustomException(ErrorCode.ALREADY_REPORTED_BY_CURRENT_USER); } } + + private long findReportedId(TargetType targetType, long targetId) { + return switch (targetType) { + case POST -> findPostAuthorId(targetId); + case CHAT -> findChatMessageSenderId(targetId); + }; + } + + private long findPostAuthorId(long postId) { + Post post = postRepository.findById(postId) + .orElseThrow(() -> new CustomException(ErrorCode.REPORT_TARGET_NOT_FOUND)); + return post.getSiteUserId(); + } + + private long findChatMessageSenderId(long chatMessageId) { + ChatMessage chatMessage = chatMessageRepository.findById(chatMessageId) + .orElseThrow(() -> new CustomException(ErrorCode.REPORT_TARGET_NOT_FOUND)); + ChatParticipant chatParticipant = chatParticipantRepository.findById(chatMessage.getSenderId()) + .orElseThrow(() -> new CustomException(ErrorCode.CHAT_PARTICIPANT_NOT_FOUND)); + return chatParticipant.getSiteUserId(); + } + + private void updateUserStatusToReported(long userId) { + SiteUser user = siteUserRepository.findById(userId) + .orElseThrow(() -> new CustomException(ErrorCode.USER_NOT_FOUND)); + user.updateUserStatus(UserStatus.REPORTED); + } } diff --git a/src/main/java/com/example/solidconnection/security/filter/TokenAuthenticationFilter.java b/src/main/java/com/example/solidconnection/security/filter/TokenAuthenticationFilter.java index 8c8dc8f30..6e1899dd3 100644 --- a/src/main/java/com/example/solidconnection/security/filter/TokenAuthenticationFilter.java +++ b/src/main/java/com/example/solidconnection/security/filter/TokenAuthenticationFilter.java 
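Review bot: `updateUserStatusToReported` overwrites the status unconditionally, so a new report against a user who is currently `BANNED` sets them back to `REPORTED` while their `UserBan` row is still in force. If `userStatus` is what the rest of the application checks to enforce a ban (not visible here), an ordinary report would effectively lift it. Guard the transition with `if (user.getUserStatus() != UserStatus.BANNED) { user.updateUserStatus(UserStatus.REPORTED); }`. The helper is called from `createReport` in the previous hunk, which also does not reject `reporterId == reportedId`.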
@@ -2,6 +2,7 @@ import com.example.solidconnection.security.authentication.TokenAuthentication; import com.example.solidconnection.security.infrastructure.AuthorizationHeaderParser; +import com.example.solidconnection.security.userdetails.SiteUserDetails; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; @@ -34,6 +35,7 @@ public void doFilterInternal(@NonNull HttpServletRequest request, TokenAuthentication authToken = new TokenAuthentication(token); Authentication auth = authenticationManager.authenticate(authToken); SecurityContextHolder.getContext().setAuthentication(auth); + extractIdFromAuthentication(request, auth); }); filterChain.doFilter(request, response); @@ -45,4 +47,10 @@ private Optional resolveToken(HttpServletRequest request) { } return authorizationHeaderParser.parseToken(request); } + + private void extractIdFromAuthentication(HttpServletRequest request, Authentication auth) { + SiteUserDetails principal = (SiteUserDetails) auth.getPrincipal(); + Long id = principal.getSiteUser().getId(); + request.setAttribute("userId", id); + } } diff --git a/src/main/java/com/example/solidconnection/siteuser/domain/SiteUser.java b/src/main/java/com/example/solidconnection/siteuser/domain/SiteUser.java index 30afc423e..a82291d75 100644 --- a/src/main/java/com/example/solidconnection/siteuser/domain/SiteUser.java +++ b/src/main/java/com/example/solidconnection/siteuser/domain/SiteUser.java @@ -70,6 +70,10 @@ public class SiteUser extends BaseEntity { @Column(nullable = true) private String password; + @Column(nullable = false) + @Enumerated(EnumType.STRING) + private UserStatus userStatus = UserStatus.ACTIVE; + public SiteUser( String email, String nickname, 
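Review bot: `extractIdFromAuthentication` casts `auth.getPrincipal()` to `SiteUserDetails` unconditionally, so an authentication whose principal has any other type ends the request with a `ClassCastException` after the security context has already been populated. A pattern match keeps the attribute best-effort: `if (auth.getPrincipal() instanceof SiteUserDetails principal) { request.setAttribute("userId", principal.getSiteUser().getId()); }`. The attribute name `"userId"` is a bare string shared with whatever reads it, and a shared constant would keep the two sides from drifting apart. `doFilterInternal` starts and ends outside these hunks.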
@@ -107,7 +111,8 @@ public SiteUser( ExchangeStatus exchangeStatus, Role role, AuthType authType, - String password) { + String password, + UserStatus userStatus) { this.email = email; this.nickname = nickname; this.profileImageUrl = profileImageUrl; @@ -115,9 +120,14 @@ public SiteUser( this.role = role; this.authType = authType; this.password = password; + this.userStatus = userStatus; } public void updatePassword(String newEncodedPassword) { this.password = newEncodedPassword; } + + public void updateUserStatus(UserStatus status) { + this.userStatus = status; + } } diff --git a/src/main/java/com/example/solidconnection/siteuser/domain/UserBan.java b/src/main/java/com/example/solidconnection/siteuser/domain/UserBan.java new file mode 100644 index 000000000..8dab3ea8a --- /dev/null +++ b/src/main/java/com/example/solidconnection/siteuser/domain/UserBan.java 
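Review bot: The extended constructor assigns `userStatus` as given, which replaces the field initialiser `UserStatus.ACTIVE`, so a caller passing null gets the `nullable = false` violation only at flush time. `this.userStatus = (userStatus != null) ? userStatus : UserStatus.ACTIVE;` keeps the default. `updateUserStatus` has the same gap and accepts any transition, including `BANNED` to `ACTIVE`, without reference to the `UserBan` rows; a Javadoc line naming which services may call it would make the intended owners clear. The constructor's parameter list begins outside the hunk.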
@@ -0,0 +1,61 @@
+package com.example.solidconnection.siteuser.domain;
+
+import static java.time.ZoneOffset.UTC;
+
+import java.time.ZonedDateTime;
+import com.example.solidconnection.common.BaseEntity;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@Entity
+public class UserBan extends BaseEntity {
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ private Long id;
+
+ @Column(name = "banned_user_id", nullable = false)
+ private Long bannedUserId;
+
+ @Column(name = "banned_by", nullable = false)
+ private Long bannedBy;
+
+ @Column(name = "duration", nullable = false)
+ @Enumerated(EnumType.STRING)
+ private UserBanDuration duration;
+
+ @Column(name = "expired_at", nullable = false)
+ private ZonedDateTime expiredAt;
+
+ @Column(name = "is_expired", nullable = false)
+ private boolean isExpired = false;
+
+ @Column(name = "unbanned_by")
+ private Long unbannedBy;
+
+ @Column(name = "unbanned_at")
+ private ZonedDateTime unbannedAt;
+
+ public UserBan(Long bannedUserId, Long bannedBy, UserBanDuration duration, ZonedDateTime expiredAt) {
+ this.bannedUserId = bannedUserId;
+ this.bannedBy = bannedBy;
+ this.duration = duration;
+ this.expiredAt = expiredAt;
+ }
+
+ public void manuallyUnban(Long adminId) {
+ this.isExpired = true;
+ this.unbannedBy = adminId;
+ this.unbannedAt = ZonedDateTime.now(UTC);
+ }
+}
diff --git a/src/main/java/com/example/solidconnection/siteuser/domain/UserBanDuration.java b/src/main/java/com/example/solidconnection/siteuser/domain/UserBanDuration.java
new file mode 100644
index 000000000..2bbe64fe7
--- /dev/null
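Review bot: `isExpired` is set both by the bulk expiry (`bulkExpireUserBans` in UserBanRepository) and by `manuallyUnban`, so the flag really means "no longer in force" and the two cases are told apart only by `unbannedBy`/`unbannedAt` being non-null. That deserves a field comment such as `// true once the ban is no longer in force: expired in bulk, or lifted by an admin (then unbannedBy/unbannedAt are set)`. `manuallyUnban` also overwrites `unbannedBy` and `unbannedAt` when called a second time on the same row; throwing `IllegalStateException` when `isExpired` is already true would keep the audit fields intact.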
+++ b/src/main/java/com/example/solidconnection/siteuser/domain/UserBanDuration.java @@ -0,0 +1,14 @@ +package com.example.solidconnection.siteuser.domain; + +import lombok.Getter; +import lombok.RequiredArgsConstructor; + +@RequiredArgsConstructor +@Getter +public enum UserBanDuration { + ONE_DAY(1), + THREE_DAYS(3), + SEVEN_DAYS(7); + + private final int days; +} diff --git a/src/main/java/com/example/solidconnection/siteuser/domain/UserStatus.java b/src/main/java/com/example/solidconnection/siteuser/domain/UserStatus.java new file mode 100644 index 000000000..50cbfb236 --- /dev/null +++ b/src/main/java/com/example/solidconnection/siteuser/domain/UserStatus.java @@ -0,0 +1,7 @@ +package com.example.solidconnection.siteuser.domain; + +public enum UserStatus { + ACTIVE, + REPORTED, + BANNED +} diff --git a/src/main/java/com/example/solidconnection/siteuser/repository/SiteUserRepository.java b/src/main/java/com/example/solidconnection/siteuser/repository/SiteUserRepository.java index 73422ba9f..123c1ab2b 100644 --- a/src/main/java/com/example/solidconnection/siteuser/repository/SiteUserRepository.java +++ b/src/main/java/com/example/solidconnection/siteuser/repository/SiteUserRepository.java @@ -2,10 +2,12 @@ import com.example.solidconnection.siteuser.domain.AuthType; import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.domain.UserStatus; import java.time.LocalDate; import java.util.List; import java.util.Optional; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.query.Param; 
@@ -21,4 +23,8 @@ public interface SiteUserRepository extends JpaRepository { List findUsersToBeRemoved(@Param("cutoffDate") LocalDate cutoffDate); List findAllByIdIn(List ids); + + @Modifying + @Query("UPDATE SiteUser u SET u.userStatus = :status WHERE u.id IN :userIds") + void bulkUpdateUserStatus(@Param("userIds") List userIds, @Param("status") UserStatus status); } diff --git a/src/main/java/com/example/solidconnection/siteuser/repository/UserBanRepository.java b/src/main/java/com/example/solidconnection/siteuser/repository/UserBanRepository.java new file mode 100644 index 000000000..b897d29cf --- /dev/null +++ b/src/main/java/com/example/solidconnection/siteuser/repository/UserBanRepository.java @@ -0,0 +1,24 @@ +package com.example.solidconnection.siteuser.repository; + +import com.example.solidconnection.siteuser.domain.UserBan; +import java.time.ZonedDateTime; +import java.util.List; +import java.util.Optional; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Modifying; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; + +public interface UserBanRepository extends JpaRepository { + + boolean existsByBannedUserIdAndIsExpiredFalseAndExpiredAtAfter(long bannedUserId, ZonedDateTime now); + + Optional findByBannedUserIdAndIsExpiredFalseAndExpiredAtAfter(long bannedUserId, ZonedDateTime now); + + @Query("SELECT ub.bannedUserId FROM UserBan ub WHERE ub.isExpired = false AND ub.expiredAt < :current") + List findExpiredBannedUserIds(@Param("current") ZonedDateTime current); + + @Modifying + @Query("UPDATE UserBan ub SET ub.isExpired = true WHERE ub.isExpired = false AND ub.expiredAt < :current") + void bulkExpireUserBans(@Param("current") ZonedDateTime current); +} 
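Review bot: `bulkUpdateUserStatus` is declared with a bare `@Modifying`, unlike the two PostRepository updates in this commit, so pending changes are not flushed before the bulk update and `SiteUser` entities already loaded in the same persistence context keep their old `userStatus`. `bulkExpireUserBans` in the new UserBanRepository has the same gap; use `@Modifying(clearAutomatically = true, flushAutomatically = true)` on both. `findExpiredBannedUserIds` and `bulkExpireUserBans` apply the same predicate in two separate statements, so the caller (not visible here) should pass one captured timestamp to both, otherwise a ban that expires between the calls is marked expired without its user's status being reset.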
diff --git a/src/main/resources/db/migration/V40__create_user_ban_table.sql b/src/main/resources/db/migration/V40__create_user_ban_table.sql
new file mode 100644
index 000000000..4a695fe62
--- /dev/null
+++ b/src/main/resources/db/migration/V40__create_user_ban_table.sql
@@ -0,0 +1,23 @@
+CREATE TABLE user_ban
+(
+ id BIGINT NOT NULL AUTO_INCREMENT,
+ banned_user_id BIGINT NOT NULL,
+ banned_by BIGINT NOT NULL,
+ duration VARCHAR(30) NOT NULL,
+ expired_at DATETIME(6) NOT NULL,
+ is_expired TINYINT(1) NOT NULL DEFAULT 0,
+ unbanned_by BIGINT NULL,
+ unbanned_at DATETIME(6) NULL,
+ created_at DATETIME(6) NOT NULL,
+ updated_at DATETIME(6) NOT NULL,
+ PRIMARY KEY (id),
+ CONSTRAINT fk_user_ban_banned_user_id FOREIGN KEY (banned_user_id) REFERENCES site_user (id),
+ CONSTRAINT fk_user_ban_banned_by_id FOREIGN KEY (banned_by) REFERENCES site_user (id),
+ CONSTRAINT fk_user_ban_unbanned_by_id FOREIGN KEY (unbanned_by) REFERENCES site_user (id)
+);
+
+ALTER TABLE site_user
+ ADD COLUMN user_status VARCHAR(10) NOT NULL DEFAULT 'ACTIVE';
+
+ALTER TABLE report
+ ADD COLUMN reported_id BIGINT;
diff --git a/src/main/resources/db/migration/V41__add_is_deleted_to_post_and_chat_message.sql b/src/main/resources/db/migration/V41__add_is_deleted_to_post_and_chat_message.sql
new file mode 100644
index 000000000..5444af27c
--- /dev/null
+++ b/src/main/resources/db/migration/V41__add_is_deleted_to_post_and_chat_message.sql
@@ -0,0 +1,3 @@
+ALTER TABLE post ADD COLUMN is_deleted BOOLEAN NOT NULL DEFAULT FALSE;
+
+ALTER TABLE chat_message ADD COLUMN is_deleted BOOLEAN NOT NULL DEFAULT FALSE;
diff --git a/src/main/resources/logback-spring.xml b/src/main/resources/logback-spring.xml
index e179be0fb..52d0bb4e8 100644
--- a/src/main/resources/logback-spring.xml
+++ b/src/main/resources/logback-spring.xml
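Review bot: `report.reported_id` is added without an index or a foreign key, although `existsByReportedId` filters on it and the three user columns of `user_ban` in the same file are all constrained to `site_user (id)`. I would add `ALTER TABLE report ADD INDEX idx_report_reported_id (reported_id);` (index name constructed) and, once existing rows are backfilled, the matching foreign key. `user_status VARCHAR(10)` fits the current values, the longest being `REPORTED` at eight characters, but leaves little room for a longer status name later.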
@@ -2,34 +2,96 @@ - - + - - /var/log/spring/solid-connection-server.log + + + - - - /var/log/spring/solid-connection-server.%d{yyyy-MM-dd}.log - 30 - + + + ${LOG_PATH}/info/info.log + + ${LOG_PATH}/info/info.%d{yyyy-MM-dd}.log + 7 + + + ${LOG_PATTERN} + + + INFO + ACCEPT + DENY + + - - - timestamp=%d{yyyy-MM-dd'T'HH:mm:ss.SSS} level=%-5level thread=%thread logger=%logger{36} - message=%msg%n - - - + + + ${LOG_PATH}/warn/warn.log + + ${LOG_PATH}/warn/warn.%d{yyyy-MM-dd}.log + 7 + + + ${LOG_PATTERN} + + + WARN + ACCEPT + DENY + + - - - + + + ${LOG_PATH}/error/error.log + + ${LOG_PATH}/error/error.%d{yyyy-MM-dd}.log + 7 + + + ${LOG_PATTERN} + + + ERROR + ACCEPT + DENY + + - + + + ${LOG_PATH}/api-perf/api-perf.log + + ${LOG_PATH}/api-perf/api-perf.%d{yyyy-MM-dd}.log + 7 + + + ${LOG_PATTERN} + + + + + + + + + + + + + + + + + + + + - + - + \ No newline at end of file diff --git a/src/main/resources/secret b/src/main/resources/secret index 29524e2d6..1f93968a8 160000 --- a/src/main/resources/secret +++ b/src/main/resources/secret @@ -1 +1 @@ -Subproject commit 29524e2d6dad2042400de0370a11893029aacff2 +Subproject commit 1f93968a8475d4545d90e8f681b96382d25586af diff --git a/src/test/java/com/example/solidconnection/admin/service/AdminUserBanServiceTest.java b/src/test/java/com/example/solidconnection/admin/service/AdminUserBanServiceTest.java new file mode 100644 index 000000000..60808ca3e --- /dev/null +++ b/src/test/java/com/example/solidconnection/admin/service/AdminUserBanServiceTest.java 
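Review bot: The history value on the rolling policy drops from `30` to `7` for every file appender in this hunk, so the new info, warn, error and api-perf files are kept locally for a week instead of a month. The element names were lost in this rendering, so I am assuming the number is `maxHistory`; if it is, confirm that these logs are shipped to longer-term storage before the local copy is deleted, because seven days is a short window for investigating an incident after the fact. The appenders depend on `LOG_PATH` and `LOG_PATTERN`, whose definitions are not readable here, and a comment next to them stating where `LOG_PATH` is expected to point in each profile would help.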
@@ -0,0 +1,262 @@ +package com.example.solidconnection.admin.service; + +import static com.example.solidconnection.common.exception.ErrorCode.ALREADY_BANNED_USER; +import static com.example.solidconnection.common.exception.ErrorCode.NOT_BANNED_USER; +import static com.example.solidconnection.common.exception.ErrorCode.REPORT_NOT_FOUND; +import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.AssertionsForClassTypes.assertThatCode; +import static org.junit.jupiter.api.Assertions.assertAll; + +import com.example.solidconnection.admin.dto.UserBanRequest; +import com.example.solidconnection.common.exception.CustomException; +import com.example.solidconnection.community.board.fixture.BoardFixture; +import com.example.solidconnection.community.post.domain.Post; +import com.example.solidconnection.community.post.domain.PostCategory; +import com.example.solidconnection.community.post.fixture.PostFixture; +import com.example.solidconnection.report.domain.TargetType; +import com.example.solidconnection.report.fixture.ReportFixture; +import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.domain.UserBan; +import com.example.solidconnection.siteuser.domain.UserBanDuration; +import com.example.solidconnection.siteuser.domain.UserStatus; +import com.example.solidconnection.siteuser.fixture.SiteUserFixture; +import com.example.solidconnection.siteuser.fixture.UserBanFixture; +import com.example.solidconnection.siteuser.repository.SiteUserRepository; +import com.example.solidconnection.siteuser.repository.UserBanRepository; +import com.example.solidconnection.support.TestContainerSpringBootTest; +import java.time.ZonedDateTime; +import java.util.List; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Nested; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; + 
+@TestContainerSpringBootTest +@DisplayName("어드민 유저 차단 서비스 테스트") +class AdminUserBanServiceTest { + + @Autowired + private AdminUserBanService adminUserBanService; + + @Autowired + private SiteUserRepository siteUserRepository; + + @Autowired + private UserBanRepository userBanRepository; + + @Autowired + private SiteUserFixture siteUserFixture; + + @Autowired + private UserBanFixture userBanFixture; + + @Autowired + private ReportFixture reportFixture; + + @Autowired + private PostFixture postFixture; + + @Autowired + private BoardFixture boardFixture; + + private SiteUser admin; + private SiteUser reportedUser; + private SiteUser reporter; + private Post reportedPost; + + @BeforeEach + void setUp() { + admin = siteUserFixture.관리자(); + reportedUser = siteUserFixture.신고된_사용자("신고된사용자"); + reporter = siteUserFixture.사용자(2, "신고자"); + reportedPost = postFixture.게시글( + "신고될 게시글", + "신고될 내용", + false, + PostCategory.자유, + boardFixture.자유게시판(), + reportedUser + ); + } + + @Nested + class 사용자_차단 { + + @Test + void 사용자를_차단한다() { + // given + reportFixture.신고(reporter.getId(), reportedUser.getId(), TargetType.POST, reportedPost.getId()); + UserBanRequest request = new UserBanRequest(UserBanDuration.SEVEN_DAYS); + + // when + adminUserBanService.banUser(reportedUser.getId(), admin.getId(), request); + + // then + SiteUser bannedUser = siteUserRepository.findById(reportedUser.getId()).orElseThrow(); + assertThat(bannedUser.getUserStatus()).isEqualTo(UserStatus.BANNED); + } + + @Test + void 이미_차단된_사용자일_경우_예외가_발생한다() { + // given + reportFixture.신고(reporter.getId(), reportedUser.getId(), TargetType.POST, reportedPost.getId()); + UserBanRequest request = new UserBanRequest(UserBanDuration.SEVEN_DAYS); + adminUserBanService.banUser(reportedUser.getId(), admin.getId(), request); + + // when & then + assertThatCode(() -> adminUserBanService.banUser(reportedUser.getId(), admin.getId(), request)) + .isInstanceOf(CustomException.class) + .hasMessage(ALREADY_BANNED_USER.getMessage()); + 
} + + @Test + void 신고가_없는_사용자일_경우_예외가_발생한다() { + // given + SiteUser userWithoutReport = siteUserFixture.사용자(3, "신고없는유저"); + UserBanRequest request = new UserBanRequest(UserBanDuration.SEVEN_DAYS); + + // when & then + assertThatCode(() -> adminUserBanService.banUser(userWithoutReport.getId(), admin.getId(), request)) + .isInstanceOf(CustomException.class) + .hasMessage(REPORT_NOT_FOUND.getMessage()); + } + } + + @Nested + class 사용자_차단_해제 { + + @Test + void 차단된_사용자를_수동으로_해제한다() { + // given + reportFixture.신고(reporter.getId(), reportedUser.getId(), TargetType.POST, reportedPost.getId()); + UserBanRequest request = new UserBanRequest(UserBanDuration.SEVEN_DAYS); + adminUserBanService.banUser(reportedUser.getId(), admin.getId(), request); + + // when + adminUserBanService.unbanUser(reportedUser.getId(), admin.getId()); + + // then + SiteUser unbannedUser = siteUserRepository.findById(reportedUser.getId()).orElseThrow(); + assertThat(unbannedUser.getUserStatus()).isEqualTo(UserStatus.REPORTED); + } + + @Test + void 차단_해제_정보가_올바르게_저장된다() { + // given + reportFixture.신고(reporter.getId(), reportedUser.getId(), TargetType.POST, reportedPost.getId()); + UserBanRequest request = new UserBanRequest(UserBanDuration.SEVEN_DAYS); + adminUserBanService.banUser(reportedUser.getId(), admin.getId(), request); + ZonedDateTime beforeUnban = ZonedDateTime.now(); + + // when + adminUserBanService.unbanUser(reportedUser.getId(), admin.getId()); + + // then + List allBans = userBanRepository.findAll(); + UserBan unbannedUserBan = allBans.stream() + .filter(ban -> ban.getBannedUserId().equals(reportedUser.getId())) + .findFirst() + .orElseThrow(); + + assertAll( + () -> assertThat(unbannedUserBan.isExpired()).isTrue(), + () -> assertThat(unbannedUserBan.getUnbannedBy()).isEqualTo(admin.getId()), + () -> assertThat(unbannedUserBan.getUnbannedAt()).isAfter(beforeUnban) + ); + } + + @Test + void 차단되지_않은_사용자일_경우_예외가_발생한다() { + // given + SiteUser notBannedUser = siteUserFixture.사용자(3, 
"차단안된유저"); + + // when & then + assertThatCode(() -> adminUserBanService.unbanUser(notBannedUser.getId(), admin.getId())) + .isInstanceOf(CustomException.class) + .hasMessage(NOT_BANNED_USER.getMessage()); + } + + @Test + void 만료된_차단일_경우_예외가_발생한다() { + // given + userBanFixture.만료된_차단(reportedUser.getId()); + + // when & then + assertThatCode(() -> adminUserBanService.unbanUser(reportedUser.getId(), admin.getId())) + .isInstanceOf(CustomException.class) + .hasMessage(NOT_BANNED_USER.getMessage()); + } + } + + @Nested + class 만료된_차단_자동_해제 { + + @Test + void 만료된_차단들을_자동으로_해제한다() { + // given + SiteUser user1 = siteUserFixture.사용자(10, "유저1"); + SiteUser user2 = siteUserFixture.사용자(11, "유저2"); + + userBanFixture.만료된_차단(user1.getId()); + userBanFixture.만료된_차단(user2.getId()); + + user1.updateUserStatus(UserStatus.BANNED); + user2.updateUserStatus(UserStatus.BANNED); + + // when + adminUserBanService.expireUserBans(); + + // then + SiteUser unbannedUser1 = siteUserRepository.findById(user1.getId()).orElseThrow(); + SiteUser unbannedUser2 = siteUserRepository.findById(user2.getId()).orElseThrow(); + + assertAll( + () -> assertThat(unbannedUser1.getUserStatus()).isEqualTo(UserStatus.REPORTED), + () -> assertThat(unbannedUser2.getUserStatus()).isEqualTo(UserStatus.REPORTED) + ); + } + + @Test + void 만료되지_않은_차단은_유지된다() { + // given + Post reportedPost = postFixture.게시글( + "신고될 게시글", + "신고될 내용", + false, + PostCategory.자유, + boardFixture.자유게시판(), + reportedUser + ); + reportFixture.신고(reporter.getId(), reportedUser.getId(), TargetType.POST, reportedPost.getId()); + adminUserBanService.banUser(reportedUser.getId(), admin.getId(), new UserBanRequest(UserBanDuration.SEVEN_DAYS)); + + // when + adminUserBanService.expireUserBans(); + + // then + SiteUser stillBannedUser = siteUserRepository.findById(reportedUser.getId()).orElseThrow(); + assertThat(stillBannedUser.getUserStatus()).isEqualTo(UserStatus.BANNED); + } + + @Test + void 이미_수동으로_해제된_차단은_처리하지_않는다() { + // given + 
userBanFixture.수동_차단_해제(reportedUser.getId(), admin.getId()); + reportedUser.updateUserStatus(UserStatus.REPORTED); + + long beforeExpiredCount = userBanRepository.findAll().stream() + .filter(UserBan::isExpired) + .count(); + + // when + adminUserBanService.expireUserBans(); + + // then + long afterExpiredCount = userBanRepository.findAll().stream() + .filter(UserBan::isExpired) + .count(); + assertThat(afterExpiredCount).isEqualTo(beforeExpiredCount); + } + } +} diff --git a/src/test/java/com/example/solidconnection/common/filter/HttpLoggingFilterTest.java b/src/test/java/com/example/solidconnection/common/filter/HttpLoggingFilterTest.java new file mode 100644 index 000000000..815370bfb --- /dev/null +++ b/src/test/java/com/example/solidconnection/common/filter/HttpLoggingFilterTest.java 
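Review bot: In `만료된_차단들을_자동으로_해제한다` the setup calls `user1.updateUserStatus(UserStatus.BANNED)` and `user2.updateUserStatus(UserStatus.BANNED)` on fixture entities without saving them. Unless the fixture returns managed entities inside an open transaction (not visible here), the rows never hold `BANNED` and the test proves only that expiry writes `REPORTED`. Add `siteUserRepository.save(user1);` and `siteUserRepository.save(user2);` after the updates; `이미_수동으로_해제된_차단은_처리하지_않는다` has the same pattern with `reportedUser`. There is also no case for a report arriving while the user is banned, which is the status transition most likely to regress.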
@@ -0,0 +1,241 @@ +package com.example.solidconnection.common.filter; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.junit.jupiter.api.Assertions.assertAll; +import static org.mockito.Mockito.doAnswer; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import ch.qos.logback.classic.Logger; +import ch.qos.logback.classic.spi.ILoggingEvent; +import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.concurrent.atomic.AtomicReference; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Nested; +import org.junit.jupiter.api.Test; +import org.slf4j.LoggerFactory; +import org.slf4j.MDC; + +@DisplayName("HttpLoggingFilter 테스트") +class HttpLoggingFilterTest { + + private HttpLoggingFilter filter; + private HttpServletRequest request; + private HttpServletResponse response; + private FilterChain filterChain; + + private ListAppender listAppender; + private Logger logger; + + @BeforeEach + void setUp() { + filter = new HttpLoggingFilter(); + request = mock(HttpServletRequest.class); + response = mock(HttpServletResponse.class); + filterChain = mock(FilterChain.class); + + logger = (Logger) LoggerFactory.getLogger(HttpLoggingFilter.class); + listAppender = new ListAppender<>(); + listAppender.start(); + logger.addAppender(listAppender); + } + + @AfterEach + void tearDown() { + MDC.clear(); + logger.detachAppender(listAppender); + listAppender.stop(); + } + + @Nested + class TraceId_생성 { + + @Test + void 요청마다_traceId를_생성한다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/api/test"); + 
when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + + AtomicReference capturedTraceId = new AtomicReference<>(); + + doAnswer(invocation ->{ + capturedTraceId.set(MDC.get("traceId")); + return null; + }).when(filterChain).doFilter(request, response); + + // when + filter.doFilterInternal(request, response, filterChain); + + // then + String traceId = capturedTraceId.get(); + assertAll( + () -> assertThat(traceId).isNotNull(), + () -> assertThat(traceId).hasSize(16), + () -> assertThat(traceId).matches("[a-f0-9]{16}") + ); + verify(filterChain).doFilter(request, response); + } + } + + @Nested + class 로깅_제외_패턴 { + + @Test + void actuator_경로는_로깅에서_제외된다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/actuator/health"); + when(request.getMethod()).thenReturn("GET"); + + // when + filter.doFilterInternal(request, response, filterChain); + + // then + assertAll( + () -> assertThat(listAppender.list).noneMatch(event -> event.getFormattedMessage().contains("[REQUEST]")), + () -> assertThat(listAppender.list).noneMatch(event -> event.getFormattedMessage().contains("[RESPONSE]")) + ); + verify(filterChain).doFilter(request, response); + } + + @Test + void 일반_경로는_로깅된다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/api/users"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + String expectedRequestLog = "[REQUEST] GET /api/users"; + String expectedResponseLog = "[RESPONSE] /api/users userId = null, (200 OK)"; + + + // when + filter.doFilterInternal(request, response, filterChain); + + // then + assertAll( + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedRequestLog)), + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedResponseLog)) + ); + verify(filterChain).doFilter(request, response); + } + } + 
+ @Nested + class 민감한_쿼리_파라미터_마스킹 { + + @Test + void token_파라미터는_마스킹된다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/api/auth"); + when(request.getQueryString()).thenReturn("token=secret123&userId=1"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + String expectedRequestLog = "[REQUEST] GET /api/auth?token=****&userId=1"; + String expectedResponseLog = "[RESPONSE] /api/auth?token=****&userId=1 userId = null, (200 OK)"; + + // when + filter.doFilterInternal(request, response, filterChain); + + // then + assertAll( + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedRequestLog)), + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedResponseLog)) + ); + verify(filterChain).doFilter(request, response); + } + + @Test + void 일반_파라미터는_마스킹되지_않는다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/api/users"); + when(request.getQueryString()).thenReturn("name=홍길동&age=20"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + String expectedRequestLog = "[REQUEST] GET /api/users?name=홍길동&age=20"; + String expectedResponseLog = "[RESPONSE] /api/users?name=홍길동&age=20 userId = null, (200 OK)"; + + // when + filter.doFilterInternal(request, response, filterChain); + + // then + assertAll( + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedRequestLog)), + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedResponseLog)) + ); + verify(filterChain).doFilter(request, response); + } + } + + @Nested + class 쿼리_파라미터_디코딩 { + + @Test + void URL_인코딩된_파라미터를_디코딩한다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/api/search"); + 
when(request.getQueryString()).thenReturn("keyword=%ED%99%8D%EA%B8%B8%EB%8F%99"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + String expectedParameter = "홍길동"; + String expectedRequestLog = "[REQUEST] GET /api/search?keyword=" + expectedParameter; + String expectedResponseLog = "[RESPONSE] /api/search?keyword=" + expectedParameter + " userId = null, (200 OK)"; + + // when + filter.doFilterInternal(request, response, filterChain); + + // then + assertAll( + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedRequestLog)), + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedResponseLog)) + ); + verify(filterChain).doFilter(request, response); + } + + @Test + void 디코딩_실패_시_원본_쿼리를_사용한다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/api/search"); + when(request.getQueryString()).thenReturn("invalid=%"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + String expectedRequestLog = "[REQUEST] GET /api/search?invalid=%"; + String expectedResponseLog = "[RESPONSE] /api/search?invalid=% userId = null, (200 OK)"; + + // when + filter.doFilterInternal(request, response, filterChain); + + // then + assertAll( + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedRequestLog)), + () -> assertThat(listAppender.list).anyMatch(event -> event.getFormattedMessage().contains(expectedResponseLog)) + ); + verify(filterChain).doFilter(request, response); + } + } + + @Nested + class MDC_정리 { + + @Test + void 요청_완료_후_MDC가_정리된다() throws ServletException, IOException { + // given + when(request.getRequestURI()).thenReturn("/api/test"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + + // when + filter.doFilterInternal(request, response, filterChain); + + // then 
+ assertThat(MDC.get("traceId")).isNull(); + } + } +} diff --git a/src/test/java/com/example/solidconnection/common/interceptor/ApiPerformanceInterceptorTest.java b/src/test/java/com/example/solidconnection/common/interceptor/ApiPerformanceInterceptorTest.java new file mode 100644 index 000000000..b43d854ed --- /dev/null +++ b/src/test/java/com/example/solidconnection/common/interceptor/ApiPerformanceInterceptorTest.java 
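Review bot: The masking test `token_파라미터는_마스킹된다` only checks that some log line contains `token=****`; it never asserts that the raw value is absent, so it still passes if another log event, or another part of the same message, carries `secret123`. Add a negative assertion inside the `assertAll`, for example `() -> assertThat(listAppender.list).noneMatch(event -> event.getFormattedMessage().contains("secret123"))`. The `쿼리_파라미터_디코딩` tests pin that the query string is URL-decoded before it is logged, so two further cases are worth pinning. A sensitive key that arrives percent-encoded should still be masked, and decoded CR/LF characters should not reach the log message as raw line breaks. The filter itself is not visible in this hunk, so whether it already handles both needs confirming.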
@@ -0,0 +1,199 @@ +package com.example.solidconnection.common.interceptor; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.junit.jupiter.api.Assertions.assertAll; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import ch.qos.logback.classic.Logger; +import ch.qos.logback.classic.spi.ILoggingEvent; +import ch.qos.logback.core.read.ListAppender; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import java.util.List; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Nested; +import org.junit.jupiter.api.Test; +import org.mockito.ArgumentCaptor; +import org.slf4j.LoggerFactory; + +@DisplayName("ApiPerformanceInterceptor 테스트") +class ApiPerformanceInterceptorTest { + + private ApiPerformanceInterceptor interceptor; + private HttpServletRequest request; + private HttpServletResponse response; + private Object handler; + + private ListAppender listAppender; + private Logger logger; + + @BeforeEach + void setUp() { + interceptor = new ApiPerformanceInterceptor(); + request = mock(HttpServletRequest.class); + response = mock(HttpServletResponse.class); + handler = new Object(); + + logger = (Logger) LoggerFactory.getLogger("API_PERF"); + listAppender = new ListAppender<>(); + listAppender.start(); + logger.addAppender(listAppender); + } + + @AfterEach + void tearDown() { + logger.detachAppender(listAppender); + listAppender.stop(); + } + + @Nested + class PreHandle_메서드 { + + @Test + void 시작_시간을_request에_저장한다() throws Exception { + // given + when(request.getRequestURI()).thenReturn("/api/test"); + long beforeTime = System.currentTimeMillis(); + + // when + interceptor.preHandle(request, response, handler); + + // then + ArgumentCaptor keyCaptor = 
ArgumentCaptor.forClass(String.class); + ArgumentCaptor valueCaptor = ArgumentCaptor.forClass(Object.class); + + verify(request, times(2)).setAttribute(keyCaptor.capture(), valueCaptor.capture()); + + List capturedKeys = keyCaptor.getAllValues(); + List capturedValues = valueCaptor.getAllValues(); + + assertThat(capturedKeys).contains("startTime"); + Long startTime = (Long) capturedValues.get(capturedKeys.indexOf("startTime")); + assertThat(startTime) + .isGreaterThanOrEqualTo(beforeTime); + + assertThat(capturedKeys).contains("requestUri"); + String uri = (String) capturedValues.get(capturedKeys.indexOf("requestUri")); + assertThat(uri).isEqualTo("/api/test"); + } + + @Test + void preHandle_항상_true를_반환한다() throws Exception { + // given + when(request.getRequestURI()).thenReturn("/api/test"); + + // when + boolean result = interceptor.preHandle(request, response, handler); + + // then + assertThat(result).isTrue(); + } + } + + @Nested + class AfterCompletion_메서드 { + + @Test + void 응답_시간을_계산하고_로그를_남긴다() throws Exception { + // given + long startTime = System.currentTimeMillis(); + when(request.getAttribute("startTime")).thenReturn(startTime); + when(request.getRequestURI()).thenReturn("/api/test"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + String expectedApiPerfLog = "type=API_Performance"; + + // when + interceptor.afterCompletion(request, response, handler, null); + + // then + ILoggingEvent logEvent = listAppender.list.stream() + .filter(event -> event.getFormattedMessage().contains(expectedApiPerfLog)) + .findFirst() + .orElseThrow(); + assertAll( + () -> assertThat(logEvent.getLevel().toString()).isEqualTo("INFO"), + () -> assertThat(logEvent.getFormattedMessage()).contains("uri=/api/test"), + () -> assertThat(logEvent.getFormattedMessage()).contains("method_type=GET"), + () -> assertThat(logEvent.getFormattedMessage()).contains("status=200") + ); + } + + @Test + void 응답_시간이_3초를_초과하면_WARN_로그를_남긴다() throws 
Exception { + // given + long startTime = System.currentTimeMillis() - 4000; // 4초 전 + when(request.getAttribute("startTime")).thenReturn(startTime); + when(request.getRequestURI()).thenReturn("/api/slow"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(200); + String expectedApiPerfLog = "type=API_Performance"; + + // when + interceptor.afterCompletion(request, response, handler, null); + + // then + ILoggingEvent logEvent = listAppender.list.stream() + .filter(event -> event.getFormattedMessage().contains(expectedApiPerfLog)) + .findFirst() + .orElseThrow(); + assertAll( + () -> assertThat(logEvent.getLevel().toString()).isEqualTo("WARN"), + () -> assertThat(logEvent.getFormattedMessage()).contains("uri=/api/slow"), + () -> assertThat(logEvent.getFormattedMessage()).contains("method_type=GET"), + () -> assertThat(logEvent.getFormattedMessage()).contains("status=200") + ); + } + + @Test + void startTime이_없으면_로그를_남기지_않는다() throws Exception { + // given + when(request.getAttribute("startTime")).thenReturn(null); + String noExpectedApiPerfLog = "type=API_Performance"; + + // when + interceptor.afterCompletion(request, response, handler, null); + + // then + assertThat(listAppender.list).noneMatch(event -> event.getFormattedMessage().contains(noExpectedApiPerfLog)); + } + } + + @Nested + class 예외_발생_시 { + + @Test + void 예외가_발생해도_로그를_정상_기록한다() throws Exception { + // given + long startTime = System.currentTimeMillis(); + when(request.getAttribute("startTime")).thenReturn(startTime); + when(request.getRequestURI()).thenReturn("/api/error"); + when(request.getMethod()).thenReturn("GET"); + when(response.getStatus()).thenReturn(500); + + Exception ex = new RuntimeException("Test exception"); + + String expectedApiPerfLog = "type=API_Performance"; + + // when + interceptor.afterCompletion(request, response, handler, ex); + + // then + ILoggingEvent logEvent = listAppender.list.stream() + .filter(event -> 
event.getFormattedMessage().contains(expectedApiPerfLog)) + .findFirst() + .orElseThrow(); + assertAll( + () -> assertThat(logEvent.getLevel().toString()).isEqualTo("INFO"), + () -> assertThat(logEvent.getFormattedMessage()).contains("uri=/api/error"), + () -> assertThat(logEvent.getFormattedMessage()).contains("method_type=GET"), + () -> assertThat(logEvent.getFormattedMessage()).contains("status=500") + ); + } + } +} diff --git a/src/test/java/com/example/solidconnection/common/interceptor/BannedUserInterceptorTest.java b/src/test/java/com/example/solidconnection/common/interceptor/BannedUserInterceptorTest.java new file mode 100644 index 000000000..d6337f55f --- /dev/null +++ b/src/test/java/com/example/solidconnection/common/interceptor/BannedUserInterceptorTest.java 
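Review bot: `시작_시간을_request에_저장한다` asserts `verify(request, times(2)).setAttribute(...)`, which ties the test to the exact number of attributes the interceptor writes rather than to the two it inspects. A third attribute added later would fail this test without any behaviour regression. Verifying each key on its own is tighter, e.g. `verify(request).setAttribute(eq("startTime"), valueCaptor.capture());`, which needs the `ArgumentMatchers.eq` static import that this file does not have yet. The start-time check has only a lower bound (`isGreaterThanOrEqualTo(beforeTime)`); capturing `System.currentTimeMillis()` after `preHandle` and adding an upper bound would reject a value that is merely large.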
@@ -0,0 +1,155 @@ +package com.example.solidconnection.common.interceptor; + +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +import com.example.solidconnection.community.board.fixture.BoardFixture; +import com.example.solidconnection.community.post.domain.Post; +import com.example.solidconnection.community.post.domain.PostCategory; +import com.example.solidconnection.community.post.fixture.PostFixture; +import com.example.solidconnection.security.authentication.TokenAuthentication; +import com.example.solidconnection.security.userdetails.SiteUserDetails; +import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.fixture.SiteUserFixture; +import com.example.solidconnection.support.TestContainerSpringBootTest; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; +import org.springframework.http.MediaType; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.test.web.servlet.MockMvc; + +@TestContainerSpringBootTest +@AutoConfigureMockMvc(addFilters = false) +@DisplayName("차단된 유저 인터셉터 테스트") +class BannedUserInterceptorTest { + + @Autowired + private MockMvc mockMvc; + + @Autowired + private SiteUserFixture siteUserFixture; + + @Autowired + private PostFixture postFixture; + + @Autowired + private BoardFixture boardFixture; + + @BeforeEach + void setUp() { + SecurityContextHolder.clearContext(); + } + + @Test + void 차단된_사용자는_게시판_관련_접근이_차단된다() throws Exception { + // given + SiteUser 
bannedUser = siteUserFixture.차단된_사용자("차단된유저"); + setAuthentication(bannedUser); + + // when & then + mockMvc.perform(get("/boards")) + .andExpect(status().isForbidden()); + } + + @Test + void 차단된_사용자는_게시글_관련_접근이_차단된다() throws Exception { + // given + SiteUser bannedUser = siteUserFixture.차단된_사용자("차단된유저"); + setAuthentication(bannedUser); + + // when & then + mockMvc.perform(get("/posts/1")) + .andExpect(status().isForbidden()); + + mockMvc.perform(post("/posts")) + .andExpect(status().isForbidden()); + } + + @Test + void 차단된_사용자는_댓글_관련_접근이_차단된다() throws Exception { + // given + SiteUser bannedUser = siteUserFixture.차단된_사용자("차단된유저"); + setAuthentication(bannedUser); + + // when & then + mockMvc.perform(post("/comments") + .contentType(MediaType.APPLICATION_JSON) + .content(""" + { + "postId": 1, + "content": "테스트 댓글 내용", + "parentId": null + } + """)) + .andExpect(status().isForbidden()); + } + + @Test + void 차단된_사용자는_채팅_관련_접근이_차단된다() throws Exception { + // given + SiteUser bannedUser = siteUserFixture.차단된_사용자("차단된유저"); + setAuthentication(bannedUser); + + // when & then + mockMvc.perform(get("/chats/rooms")) + .andExpect(status().isForbidden()); + } + + @Test + void 정상_사용자는_모든_경로_접근이_가능하다() throws Exception { + // given + SiteUser normalUser = siteUserFixture.사용자(1, "정상 유저1"); + Post post1 = postFixture.게시글( + "제목1", + "내용1", + false, + PostCategory.자유, + boardFixture.자유게시판(), + siteUserFixture.사용자(2, "정상 유저2") + ); + setAuthentication(normalUser); + + // when & then + mockMvc.perform(get("/boards")) + .andExpect(status().isOk()); + + mockMvc.perform(get("/posts/" + post1.getId())) + .andExpect(status().isOk()); + + mockMvc.perform(post("/comments") + .contentType(MediaType.APPLICATION_JSON) + .content(""" + { + "postId": 1, + "content": "테스트 댓글 내용", + "parentId": null + } + """)) + .andExpect(status().isOk()); + + mockMvc.perform(get("/chats/rooms")) + .andExpect(status().isOk()); + } + + @Test + void 차단된_사용자도_다른_경로_접근은_가능하다() throws Exception { + // given + 
SiteUser bannedUser = siteUserFixture.차단된_사용자("차단된유저"); + setAuthentication(bannedUser); + + // when & then + mockMvc.perform(get("/my")) + .andExpect(status().isOk()); + } + + private void setAuthentication(SiteUser user) { + SiteUserDetails userDetails = new SiteUserDetails(user); + Authentication authentication = new TokenAuthentication("token", userDetails); + SecurityContextHolder.getContext().setAuthentication(authentication); + } +} diff --git a/src/test/java/com/example/solidconnection/common/interceptor/RequestContextInterceptorTest.java b/src/test/java/com/example/solidconnection/common/interceptor/RequestContextInterceptorTest.java new file mode 100644 index 000000000..6d463e958 --- /dev/null +++ b/src/test/java/com/example/solidconnection/common/interceptor/RequestContextInterceptorTest.java 
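Review bot: Ban enforcement is pinned for five exact requests only (`GET /boards`, `GET /posts/1`, `POST /posts`, `POST /comments`, `GET /chats/rooms`), so an interceptor path pattern that misses sub-paths or other verbs would go unnoticed. One blocked request per resource on a nested path or a different verb (for example `PATCH`/`DELETE` on a post or comment id) would close that gap. `build.gradle` already lists `spring-boot-starter-websocket`; if chat messages travel over that channel they would not pass through an MVC `HandlerInterceptor`, so the chat ban presumably needs its own enforcement and test there, which is worth confirming. Separately, the security context is cleared only in `@BeforeEach`, so the last test leaves its `TokenAuthentication` on the thread. An `@AfterEach` calling `SecurityContextHolder.clearContext()` would fix that, and `정상_사용자는_모든_경로_접근이_가능하다` hard-codes `"postId": 1` in the comment body while the GET uses `post1.getId()`.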
@@ -0,0 +1,112 @@ +package com.example.solidconnection.common.interceptor; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; +import static org.springframework.web.servlet.HandlerMapping.BEST_MATCHING_PATTERN_ATTRIBUTE; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Nested; +import org.junit.jupiter.api.Test; + +@DisplayName("RequestContextInterceptor 테스트") +class RequestContextInterceptorTest { + + private RequestContextInterceptor interceptor; + private HttpServletRequest request; + private HttpServletResponse response; + private Object handler; + + @BeforeEach + void setUp() { + interceptor = new RequestContextInterceptor(); + request = mock(HttpServletRequest.class); + response = mock(HttpServletResponse.class); + handler = new Object(); + } + + @AfterEach + void tearDown() { + RequestContextHolder.clear(); + } + + @Nested + class PreHandle_메서드 { + + @Test + void RequestContext를_초기화_한_후_true를_리턴한다() { + // given + when(request.getMethod()).thenReturn("GET"); + when(request.getAttribute(BEST_MATCHING_PATTERN_ATTRIBUTE)).thenReturn("/api/users/{id}"); + + // when + boolean result = interceptor.preHandle(request, response, handler); + + // then + assertThat(result).isTrue(); + + RequestContext context = RequestContextHolder.getContext(); + assertThat(context).isNotNull(); + assertThat(context.getHttpMethod()).isEqualTo("GET"); + assertThat(context.getBestMatchPath()).isEqualTo("/api/users/{id}"); + } + + @Test + void best_matching_pattern이_null이면_null을_저장한다() { + // given + when(request.getMethod()).thenReturn("GET"); + when(request.getAttribute(BEST_MATCHING_PATTERN_ATTRIBUTE)).thenReturn(null); + + // when + boolean result = interceptor.preHandle(request, response, 
handler); + + // then + assertThat(result).isTrue(); + + RequestContext context = RequestContextHolder.getContext(); + assertThat(context.getBestMatchPath()).isNull(); + } + } + + @Nested + class AfterCompletion_메서드 { + + @Test + void RequestContext를_정리한다() { + // given + when(request.getMethod()).thenReturn("GET"); + when(request.getAttribute(BEST_MATCHING_PATTERN_ATTRIBUTE)).thenReturn("/api/users"); + + interceptor.preHandle(request, response, handler); + assertThat(RequestContextHolder.getContext()).isNotNull(); + + // when + interceptor.afterCompletion(request, response, handler, null); + + // then + assertThat(RequestContextHolder.getContext()).isNull(); + } + + @Test + void 예외가_발생해도_RequestContext를_정리한다() { + // given + when(request.getMethod()).thenReturn("POST"); + when(request.getAttribute(BEST_MATCHING_PATTERN_ATTRIBUTE)).thenReturn("/api/users"); + + interceptor.preHandle(request, response, handler); + assertThat(RequestContextHolder.getContext()).isNotNull(); + + Exception ex = new RuntimeException("Test exception"); + + // when + interceptor.afterCompletion(request, response, handler, ex); + + // then + assertThat(RequestContextHolder.getContext()).isNull(); + } + } +} diff --git a/src/test/java/com/example/solidconnection/common/listener/QueryMetricsListenerTest.java b/src/test/java/com/example/solidconnection/common/listener/QueryMetricsListenerTest.java new file mode 100644 index 000000000..e0ca19a4c --- /dev/null +++ b/src/test/java/com/example/solidconnection/common/listener/QueryMetricsListenerTest.java 
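Review bot: `RequestContextHolder` in `tearDown` and in the assertions is the project's own class from `common.interceptor`, but it shares its simple name with Spring's `org.springframework.web.context.request.RequestContextHolder`. In a Spring MVC code base an auto-import from another package can pick the framework class without anyone noticing, and the code would then read or clear a different thread-local than the one these tests pin. A distinct name for the project class would remove the ambiguity. Failing that, a short class-level comment such as `// Uses the project's RequestContextHolder (common.interceptor), not Spring's class of the same name` would help.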
@@ -0,0 +1,289 @@ +package com.example.solidconnection.common.listener; + +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import com.example.solidconnection.common.interceptor.RequestContext; +import com.example.solidconnection.common.interceptor.RequestContextHolder; +import io.micrometer.core.instrument.MeterRegistry; +import io.micrometer.core.instrument.Timer; +import java.util.List; +import java.util.concurrent.TimeUnit; +import net.ttddyy.dsproxy.ExecutionInfo; +import net.ttddyy.dsproxy.QueryInfo; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Nested; +import org.junit.jupiter.api.Test; + +@DisplayName("QueryMetricsListener 테스트") +class QueryMetricsListenerTest { + + private QueryMetricsListener listener; + private MeterRegistry meterRegistry; + private ExecutionInfo executionInfo; + + @BeforeEach + void setUp() { + meterRegistry = mock(MeterRegistry.class); + listener = new QueryMetricsListener(meterRegistry); + executionInfo = mock(ExecutionInfo.class); + } + + @AfterEach + void tearDown() { + RequestContextHolder.clear(); + } + + @Nested + class 쿼리_메트릭_수집 { + + @Test + void SELECT_쿼리의_실행_시간을_기록한다() { + // given + String sql = "SELECT * FROM users WHERE id = ?"; + QueryInfo queryInfo = new QueryInfo(); + queryInfo.setQuery(sql); + + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), any(String.class), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("SELECT"), + 
eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + + @Test + void INSERT_쿼리의_실행_시간을_기록한다() { + // given + String sql = "INSERT INTO users (name) VALUES (?)"; + QueryInfo queryInfo = new QueryInfo(); + queryInfo.setQuery(sql); + + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), any(String.class), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("INSERT"), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + + @Test + void UPDATE_쿼리의_실행_시간을_기록한다() { + // given + String sql = "UPDATE users SET name = ? WHERE id = ?"; + QueryInfo queryInfo = new QueryInfo(); + queryInfo.setQuery(sql); + + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), eq("UPDATE"), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("UPDATE"), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + + @Test + void DELETE_쿼리의_실행_시간을_기록한다() { + // given + String sql = "DELETE FROM users WHERE id = ?"; + QueryInfo queryInfo = new QueryInfo(); + queryInfo.setQuery(sql); + + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), eq("DELETE"), 
+ eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("DELETE"), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + + @Test + void 알수없는_쿼리는_UNKNOWN으로_기록한다() { + // given + String sql = "SHOW TABLES"; + QueryInfo queryInfo = new QueryInfo(); + queryInfo.setQuery(sql); + + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), any(String.class), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("UNKNOWN"), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + + @Test + void null_쿼리는_OTHER로_기록한다() { + // given + QueryInfo queryInfo = new QueryInfo(); + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), any(String.class), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("OTHER"), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + } + + @Nested + class RequestContext_연동 { + + @Test + void RequestContext가_있으면_HTTP_정보를_포함한다() { + // given + RequestContext context = new RequestContext("GET", "/api/users"); + 
RequestContextHolder.initContext(context); + + String sql = "SELECT * FROM users"; + QueryInfo queryInfo = new QueryInfo(); + queryInfo.setQuery(sql); + + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), any(String.class), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("SELECT"), + eq("http_method"), eq("GET"), + eq("http_path"), eq("/api/users") + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + + @Test + void RequestContext가_없으면_기본값을_사용한다() { + // given + String sql = "SELECT * FROM users"; + QueryInfo queryInfo = new QueryInfo(); + queryInfo.setQuery(sql); + + when(executionInfo.getElapsedTime()).thenReturn(100L); + + Timer timer = mock(Timer.class); + when(meterRegistry.timer( + eq("db.query"), + eq("sql_type"), any(String.class), + eq("http_method"), any(String.class), + eq("http_path"), any(String.class) + )).thenReturn(timer); + + // when + listener.afterQuery(executionInfo, List.of(queryInfo)); + + // then + verify(meterRegistry).timer( + eq("db.query"), + eq("sql_type"), eq("SELECT"), + eq("http_method"), eq("-"), + eq("http_path"), eq("-") + ); + verify(timer).record(100L, TimeUnit.MILLISECONDS); + } + } +} diff --git a/src/test/java/com/example/solidconnection/report/fixture/ReportFixture.java b/src/test/java/com/example/solidconnection/report/fixture/ReportFixture.java index 91c837bf3..67a95e0e4 100644 --- a/src/test/java/com/example/solidconnection/report/fixture/ReportFixture.java +++ b/src/test/java/com/example/solidconnection/report/fixture/ReportFixture.java 
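Review bot: `RequestContext_연동` covers a context with both values set and no context at all, but not a context whose path is null. `RequestContextInterceptorTest` in this same commit pins that a missing best-matching pattern is stored as null. Micrometer rejects null tag values, so if the listener passes that null through as `http_path`, the failure would surface inside the JDBC listener for any query on such a request. The listener source is not in this hunk, so that needs confirming. A test that initialises `new RequestContext("GET", null)` and expects the same `-` placeholder as the no-context case would pin the fallback.

```java
@Test
void bestMatchPath가_null이면_기본값을_사용한다() {
    // given
    RequestContextHolder.initContext(new RequestContext("GET", null));

    QueryInfo queryInfo = new QueryInfo();
    queryInfo.setQuery("SELECT * FROM users");
    when(executionInfo.getElapsedTime()).thenReturn(100L);

    Timer timer = mock(Timer.class);
    when(meterRegistry.timer(
            eq("db.query"),
            eq("sql_type"), any(String.class),
            eq("http_method"), any(String.class),
            eq("http_path"), any(String.class)
    )).thenReturn(timer);

    // when
    listener.afterQuery(executionInfo, List.of(queryInfo));

    // then
    verify(meterRegistry).timer(
            eq("db.query"),
            eq("sql_type"), eq("SELECT"),
            eq("http_method"), eq("GET"),
            eq("http_path"), eq("-")
    );
}
```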
@@ -11,9 +11,10 @@ public class ReportFixture { private final ReportFixtureBuilder reportFixtureBuilder; - public Report 신고(long reporterId, TargetType targetType, long targetId) { + public Report 신고(long reporterId, long reportedId, TargetType targetType, long targetId) { return reportFixtureBuilder.report() .reporterId(reporterId) + .reportedId(reportedId) .targetType(targetType) .targetId(targetId) .create(); diff --git a/src/test/java/com/example/solidconnection/report/fixture/ReportFixtureBuilder.java b/src/test/java/com/example/solidconnection/report/fixture/ReportFixtureBuilder.java index 08d0b276c..0c7705dcf 100644 --- a/src/test/java/com/example/solidconnection/report/fixture/ReportFixtureBuilder.java +++ b/src/test/java/com/example/solidconnection/report/fixture/ReportFixtureBuilder.java @@ -14,6 +14,7 @@ public class ReportFixtureBuilder { private final ReportRepository reportRepository; private long reporterId; + private long reportedId; private TargetType targetType; private long targetId; private ReportType reportType = ReportType.ADVERTISEMENT; @@ -27,6 +28,11 @@ public ReportFixtureBuilder reporterId(long reporterId) { return this; } + public ReportFixtureBuilder reportedId(long reportedId) { + this.reportedId = reportedId; + return this; + } + public ReportFixtureBuilder targetType(TargetType targetType) { this.targetType = targetType; return this; @@ -45,6 +51,7 @@ public ReportFixtureBuilder reasonType(ReportType reportType) { public Report create() { Report report = new Report( reporterId, + reportedId, reportType, targetType, targetId diff --git a/src/test/java/com/example/solidconnection/report/service/ReportServiceTest.java b/src/test/java/com/example/solidconnection/report/service/ReportServiceTest.java index cdc9b875f..4a463ba35 100644 --- a/src/test/java/com/example/solidconnection/report/service/ReportServiceTest.java +++ b/src/test/java/com/example/solidconnection/report/service/ReportServiceTest.java 
@@ -4,8 +4,10 @@ import static org.assertj.core.api.Assertions.assertThatCode; import com.example.solidconnection.chat.domain.ChatMessage; +import com.example.solidconnection.chat.domain.ChatParticipant; import com.example.solidconnection.chat.domain.ChatRoom; import com.example.solidconnection.chat.fixture.ChatMessageFixture; +import com.example.solidconnection.chat.fixture.ChatParticipantFixture; import com.example.solidconnection.chat.fixture.ChatRoomFixture; import com.example.solidconnection.common.exception.CustomException; import com.example.solidconnection.common.exception.ErrorCode; @@ -52,20 +54,26 @@ class ReportServiceTest { @Autowired private ChatRoomFixture chatRoomFixture; + @Autowired + private ChatParticipantFixture chatParticipantFixture; + @Autowired private ChatMessageFixture chatMessageFixture; private SiteUser siteUser; + private SiteUser reportedUser; private Post post; private ChatMessage chatMessage; @BeforeEach void setUp() { siteUser = siteUserFixture.사용자(); + reportedUser = siteUserFixture.신고된_사용자("신고된사용자"); Board board = boardFixture.자유게시판(); post = postFixture.게시글(board, siteUser); ChatRoom chatRoom = chatRoomFixture.채팅방(false); - chatMessage = chatMessageFixture.메시지("채팅", siteUser.getId(), chatRoom); + ChatParticipant chatParticipant = chatParticipantFixture.참여자(siteUser.getId(), chatRoom); + chatMessage = chatMessageFixture.메시지("채팅", chatParticipant.getId(), chatRoom); } @Nested @@ -100,7 +108,7 @@ class 포스트_신고 { @Test void 이미_신고한_경우_예외가_발생한다() { // given - reportFixture.신고(siteUser.getId(), TargetType.POST, post.getId()); + reportFixture.신고(siteUser.getId(), reportedUser.getId(), TargetType.POST, post.getId()); ReportRequest request = new ReportRequest(ReportType.INSULT, TargetType.POST, post.getId()); // when & then 
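Review bot: In the `포스트_신고` duplicate-report test the fixture stores `reportedUser.getId()` as the reported id, yet `setUp` still creates the post with `siteUser` as its author, so the seeded report names a user who did not write the target while the reporter is reporting their own post. The same mismatch is in the `채팅_신고` hunk that follows, where the chat participant is built from `siteUser.getId()`. If the service derives the reported id from the target's author (not visible here), this row differs from anything production would write, and a self-report or author-consistency check added later would not be exercised by these tests. Consider authoring the targets as the reported user, e.g. `post = postFixture.게시글(board, reportedUser);`, and reporting from `siteUser`. Both nested test classes continue outside the hunks.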
@@ -142,7 +150,7 @@ class 채팅_신고 { @Test void 이미_신고한_경우_예외가_발생한다() { // given - reportFixture.신고(siteUser.getId(), TargetType.CHAT, chatMessage.getId()); + reportFixture.신고(siteUser.getId(), reportedUser.getId(), TargetType.CHAT, chatMessage.getId()); ReportRequest request = new ReportRequest(ReportType.INSULT, TargetType.CHAT, chatMessage.getId()); // when & then diff --git a/src/test/java/com/example/solidconnection/security/filter/TokenAuthenticationFilterTest.java b/src/test/java/com/example/solidconnection/security/filter/TokenAuthenticationFilterTest.java index 36d8c3dd8..d0b7d8963 100644 --- a/src/test/java/com/example/solidconnection/security/filter/TokenAuthenticationFilterTest.java +++ b/src/test/java/com/example/solidconnection/security/filter/TokenAuthenticationFilterTest.java @@ -1,12 +1,17 @@ package com.example.solidconnection.security.filter; import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.BDDMockito.given; import static org.mockito.BDDMockito.then; import static org.mockito.Mockito.spy; import com.example.solidconnection.auth.token.config.JwtProperties; import com.example.solidconnection.security.authentication.TokenAuthentication; +import com.example.solidconnection.security.userdetails.SiteUserDetails; import com.example.solidconnection.security.userdetails.SiteUserDetailsService; +import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.fixture.SiteUserFixture; import com.example.solidconnection.support.TestContainerSpringBootTest; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; @@ -33,6 +38,9 @@ class TokenAuthenticationFilterTest { @Autowired private JwtProperties jwtProperties; + @Autowired + private SiteUserFixture siteUserFixture; + @MockBean // 이 테스트코드에서 사용자를 조회할 필요는 없으므로 MockBean 으로 대체 private SiteUserDetailsService siteUserDetailsService; 
@@ -45,6 +53,11 @@ void setUp() { response = new MockHttpServletResponse(); filterChain = spy(FilterChain.class); SecurityContextHolder.clearContext(); + + SiteUser siteUser = siteUserFixture.사용자(1, "test"); + SiteUserDetails userDetails = new SiteUserDetails(siteUser); + given(siteUserDetailsService.loadUserByUsername(anyString())) + .willReturn(userDetails); } @Test @@ -61,8 +74,9 @@ void setUp() { } @Test - void 토큰이_있으면_컨텍스트에_저장한다() throws Exception { + void 토큰이_있으면_컨텍스트에_저장하고_userId를_request에_설정한다() throws Exception { // given + Long expectedUserId = 1L; Date validExpiration = new Date(System.currentTimeMillis() + 1000); String token = createTokenWithExpiration(validExpiration); request = createRequestWithToken(token); @@ -73,6 +87,7 @@ void setUp() { // then assertThat(SecurityContextHolder.getContext().getAuthentication()) .isExactlyInstanceOf(TokenAuthentication.class); + assertThat(request.getAttribute("userId")).isEqualTo(expectedUserId); then(filterChain).should().doFilter(request, response); } diff --git a/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixture.java b/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixture.java index 9c2eb12bc..cdf48a024 100644 --- a/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixture.java +++ b/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixture.java @@ -3,6 +3,7 @@ import com.example.solidconnection.siteuser.domain.AuthType; import com.example.solidconnection.siteuser.domain.Role; import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.domain.UserStatus; import lombok.RequiredArgsConstructor; import org.springframework.boot.test.context.TestComponent; @@ -20,6 +21,7 @@ public class SiteUserFixture { .profileImageUrl("profileImageUrl") .role(Role.MENTEE) .password("password123") + .userStatus(UserStatus.ACTIVE) .create(); } 
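Review bot: The stub added to `setUp` answers `loadUserByUsername(anyString())`, and the renamed test then expects `userId` to be the literal `1L`, so the test checks neither that the filter looks up the subject carried in the token nor that the attribute comes from the loaded user. `siteUserFixture.사용자(1, "test")` returns an entity saved through the repository, whose id is presumably assigned by the database, so the expectation holds only when that row happens to get id 1; keep the fixture in a field and assert `isEqualTo(siteUser.getId())`. Stubbing with the subject that `createTokenWithExpiration` puts in the token (not visible in this hunk) instead of `anyString()` would pin the lookup as well. Since this commit also adds `차단된_사용자`, a case showing what the filter does with a valid token for a banned account would be worth adding here. The `@MockBean` comment in the earlier hunk, which says this test does not need to look up a user, no longer matches the stubbed lookup.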
@@ -31,6 +33,7 @@ public class SiteUserFixture { .profileImageUrl("profileImageUrl") .role(Role.MENTEE) .password("password123") + .userStatus(UserStatus.ACTIVE) .create(); } @@ -42,6 +45,7 @@ public class SiteUserFixture { .profileImageUrl("profileImageUrl") .role(Role.MENTEE) .password("password123") + .userStatus(UserStatus.ACTIVE) .create(); } @@ -53,6 +57,7 @@ public class SiteUserFixture { .profileImageUrl("profileImageUrl") .role(Role.MENTEE) .password(password) + .userStatus(UserStatus.ACTIVE) .create(); } @@ -64,6 +69,7 @@ public class SiteUserFixture { .profileImageUrl("profileImageUrl") .role(Role.MENTOR) .password("mentor123") + .userStatus(UserStatus.ACTIVE) .create(); } @@ -75,6 +81,31 @@ public class SiteUserFixture { .profileImageUrl("profileImageUrl") .role(Role.ADMIN) .password("admin123") + .userStatus(UserStatus.ACTIVE) + .create(); + } + + public SiteUser 신고된_사용자(String nickname) { + return siteUserFixtureBuilder.siteUser() + .email("reported@example.com") + .authType(AuthType.EMAIL) + .nickname(nickname) + .profileImageUrl("profileImageUrl") + .role(Role.MENTEE) + .password("reported123") + .userStatus(UserStatus.REPORTED) + .create(); + } + + public SiteUser 차단된_사용자(String nickname) { + return siteUserFixtureBuilder.siteUser() + .email("banned@example.com") + .authType(AuthType.EMAIL) + .nickname(nickname) + .profileImageUrl("profileImageUrl") + .role(Role.MENTEE) + .password("banned123") + .userStatus(UserStatus.BANNED) .create(); } } diff --git a/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixtureBuilder.java b/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixtureBuilder.java index 901de4d6a..e4497f24c 100644 --- a/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixtureBuilder.java +++ b/src/test/java/com/example/solidconnection/siteuser/fixture/SiteUserFixtureBuilder.java 
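Review bot: `차단된_사용자` persists a user with `UserStatus.BANNED` but no matching `UserBan` row, so tests built on it run against a state the ban flow itself presumably never produces (status set with no ban record or expiry). Code that resolves a ban through the `UserBan` record, such as expiry handling or unban, could behave differently on this fixture than on an account banned through the service. Consider stating that on the method, e.g. `// status only: pair with a UserBan row when the test touches ban records`, or creating the ban record alongside. Both new methods also use a fixed e-mail (`reported@example.com`, `banned@example.com`), so a second call in one test will collide if e-mail is unique per auth type, which is not visible here.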
@@ -4,6 +4,7 @@ import com.example.solidconnection.siteuser.domain.ExchangeStatus; import com.example.solidconnection.siteuser.domain.Role; import com.example.solidconnection.siteuser.domain.SiteUser; +import com.example.solidconnection.siteuser.domain.UserStatus; import com.example.solidconnection.siteuser.repository.SiteUserRepository; import lombok.RequiredArgsConstructor; import org.springframework.boot.test.context.TestComponent; @@ -22,6 +23,7 @@ public class SiteUserFixtureBuilder { private String profileImageUrl; private Role role; private String password; + private UserStatus userStatus; public SiteUserFixtureBuilder siteUser() { return new SiteUserFixtureBuilder(siteUserRepository, passwordEncoder); @@ -57,6 +59,11 @@ public SiteUserFixtureBuilder password(String password) { return this; } + public SiteUserFixtureBuilder userStatus(UserStatus userStatus) { + this.userStatus = userStatus; + return this; + } + public SiteUser create() { SiteUser siteUser = new SiteUser( email, @@ -65,7 +72,8 @@ public SiteUser create() { ExchangeStatus.CONSIDERING, role, authType, - passwordEncoder.encode(password) + passwordEncoder.encode(password), + userStatus != null ? userStatus : UserStatus.ACTIVE ); return siteUserRepository.save(siteUser); } diff --git a/src/test/java/com/example/solidconnection/siteuser/fixture/UserBanFixture.java b/src/test/java/com/example/solidconnection/siteuser/fixture/UserBanFixture.java new file mode 100644 index 000000000..b73e4f055 --- /dev/null +++ b/src/test/java/com/example/solidconnection/siteuser/fixture/UserBanFixture.java 
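Review bot: The `ACTIVE` fallback is resolved inside `create()` with `userStatus != null ? userStatus : UserStatus.ACTIVE`, which hides the default from a reader of the field list and silently turns an explicit `userStatus(null)` into an active user. `ReportFixtureBuilder` in this same commit declares its default on the field (`reportType = ReportType.ADVERTISEMENT`); doing the same here, `private UserStatus userStatus = UserStatus.ACTIVE;`, lets `create()` pass `userStatus` directly. The `new SiteUser(...)` argument list is only partly inside the hunk.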
@@ -0,0 +1,37 @@
+package com.example.solidconnection.siteuser.fixture;
+
+import com.example.solidconnection.siteuser.domain.UserBan;
+import com.example.solidconnection.siteuser.domain.UserBanDuration;
+
+import java.time.ZonedDateTime;
+import lombok.RequiredArgsConstructor;
+import org.springframework.boot.test.context.TestComponent;
+
+@TestComponent
+@RequiredArgsConstructor
+public class UserBanFixture {
+
+ private final UserBanFixtureBuilder userBanFixtureBuilder;
+
+ private static final long DEFAULT_ADMIN_ID = 1L;
+
+ public UserBan 만료된_차단(long bannedUserId) {
+ return userBanFixtureBuilder.userBan()
+ .bannedUserId(bannedUserId)
+ .bannedBy(DEFAULT_ADMIN_ID)
+ .duration(UserBanDuration.ONE_DAY)
+ .expiredAt(ZonedDateTime.now().minusDays(1))
+ .create();
+ }
+
+ public UserBan 수동_차단_해제(long bannedUserId, long adminId) {
+ UserBan userBan = userBanFixtureBuilder.userBan()
+ .bannedUserId(bannedUserId)
+ .bannedBy(adminId)
+ .duration(UserBanDuration.SEVEN_DAYS)
+ .expiredAt(ZonedDateTime.now().plusDays(7))
+ .create();
+ userBan.manuallyUnban(adminId);
+ return userBan;
+ }
+}
diff --git a/src/test/java/com/example/solidconnection/siteuser/fixture/UserBanFixtureBuilder.java b/src/test/java/com/example/solidconnection/siteuser/fixture/UserBanFixtureBuilder.java
new file mode 100644
index 000000000..6ad095979
--- /dev/null
+++ b/src/test/java/com/example/solidconnection/siteuser/fixture/UserBanFixtureBuilder.java
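Review bot: In `수동_차단_해제` the call `userBan.manuallyUnban(adminId)` runs after `create()`, and `UserBanFixtureBuilder.create()` has by then returned the result of `userBanRepository.save(userBan)`, so nothing visible here writes the unbanned state back. Unless the calling test runs inside a transaction that keeps the entity managed, the database row stays an active seven-day ban while the returned object says it was lifted, and a test that then queries the repository would check the wrong state. Apply the unban before the save, for example through a builder step that calls `manuallyUnban` ahead of `userBanRepository.save(...)`, or save again after the call. `DEFAULT_ADMIN_ID = 1L` in `만료된_차단` likewise refers to an admin row the fixture does not create, which matters if `bannedBy` is ever constrained or joined.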
@@ -0,0 +1,49 @@
+package com.example.solidconnection.siteuser.fixture;
+
+import com.example.solidconnection.siteuser.domain.UserBan;
+import com.example.solidconnection.siteuser.domain.UserBanDuration;
+import com.example.solidconnection.siteuser.repository.UserBanRepository;
+import java.time.ZonedDateTime;
+import lombok.RequiredArgsConstructor;
+import org.springframework.boot.test.context.TestComponent;
+
+@TestComponent
+@RequiredArgsConstructor
+public class UserBanFixtureBuilder {
+
+ private final UserBanRepository userBanRepository;
+
+ private Long bannedUserId;
+ private Long bannedBy;
+ private UserBanDuration duration;
+ private ZonedDateTime expiredAt;
+
+ public UserBanFixtureBuilder userBan() {
+ return new UserBanFixtureBuilder(userBanRepository);
+ }
+
+ public UserBanFixtureBuilder bannedUserId(Long bannedUserId) {
+ this.bannedUserId = bannedUserId;
+ return this;
+ }
+
+ public UserBanFixtureBuilder bannedBy(Long bannedBy) {
+ this.bannedBy = bannedBy;
+ return this;
+ }
+
+ public UserBanFixtureBuilder duration(UserBanDuration duration) {
+ this.duration = duration;
+ return this;
+ }
+
+ public UserBanFixtureBuilder expiredAt(ZonedDateTime expiredAt) {
+ this.expiredAt = expiredAt;
+ return this;
+ }
+
+ public UserBan create() {
+ UserBan userBan = new UserBan(bannedUserId, bannedBy, duration, expiredAt);
+ return userBanRepository.save(userBan);
+ }
+}