refactor: 인증 정보 argumentResolver가 long siteUserId를 주입하도록 (#396)

* refactor: long 또는 Long을 추출하도록

* refactor: 파라미터가 원시타입이면 반드시 required로 해석하도록

* test: argumentResolver 변경사항 테스트 코드에 반영

- 추가로, 반복되던 mocking 으로 가독성을 해치던 것을 해결

* refactor: long id를 받도록 ApplicationController 수정

* refactor: long id를 받도록 AuthController 수정

* refactor: long id를 받도록 CommentController 수정

* refactor: long id를 받도록 PostController 수정

* refactor: long id를 받도록 MentorController 수정

* refactor: long id를 받도록 NewsController 수정

* refactor: long id를 받도록 S3Controller 수정

* refactor: long id를 받도록 ScoreController 수정

* refactor: long id를 받도록 MyPageController 수정

* refactor: long id를 받도록 UniversityController 수정

* refactor: 누락된 부분 포함하여 변경

* chore: todo 추가

Author: nayonsoso

src/main/java/com/example/solidconnection/application/controller/ApplicationController.java

@@ -8,7 +8,6 @@
 import com.example.solidconnection.common.resolver.AuthorizedUser;
 import com.example.solidconnection.security.annotation.RequireRoleAccess;
 import com.example.solidconnection.siteuser.domain.Role;
-import com.example.solidconnection.siteuser.domain.SiteUser;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
@@ -31,10 +30,10 @@ public class ApplicationController {
     // 지원서 제출하기 api
     @PostMapping
     public ResponseEntity<ApplicationSubmissionResponse> apply(
-            @AuthorizedUser SiteUser siteUser,
+            @AuthorizedUser long siteUserId,
             @Valid @RequestBody ApplyRequest applyRequest
     ) {
-        ApplicationSubmissionResponse applicationSubmissionResponse = applicationSubmissionService.apply(siteUser, applyRequest);
+        ApplicationSubmissionResponse applicationSubmissionResponse = applicationSubmissionService.apply(siteUserId, applyRequest);
         return ResponseEntity
                 .status(HttpStatus.OK)
                 .body(applicationSubmissionResponse);
@@ -43,22 +42,22 @@ public ResponseEntity<ApplicationSubmissionResponse> apply(
     @RequireRoleAccess(roles = {Role.ADMIN})
     @GetMapping
     public ResponseEntity<ApplicationsResponse> getApplicants(
-            @AuthorizedUser SiteUser siteUser,
+            @AuthorizedUser long siteUserId,
             @RequestParam(required = false, defaultValue = "") String region,
             @RequestParam(required = false, defaultValue = "") String keyword
     ) {
-        applicationQueryService.validateSiteUserCanViewApplicants(siteUser);
-        ApplicationsResponse result = applicationQueryService.getApplicants(siteUser, region, keyword);
+        applicationQueryService.validateSiteUserCanViewApplicants(siteUserId);
+        ApplicationsResponse result = applicationQueryService.getApplicants(siteUserId, region, keyword);
         return ResponseEntity
                 .ok(result);
     }
 
     @GetMapping("/competitors")
     public ResponseEntity<ApplicationsResponse> getApplicantsForUserCompetitors(
-            @AuthorizedUser SiteUser siteUser
+            @AuthorizedUser long siteUserId
     ) {
-        applicationQueryService.validateSiteUserCanViewApplicants(siteUser);
-        ApplicationsResponse result = applicationQueryService.getApplicantsByUserApplications(siteUser);
+        applicationQueryService.validateSiteUserCanViewApplicants(siteUserId);
+        ApplicationsResponse result = applicationQueryService.getApplicantsByUserApplications(siteUserId);
         return ResponseEntity
                 .ok(result);
     }

src/main/java/com/example/solidconnection/application/service/ApplicationQueryService.java

@@ -1,6 +1,7 @@
 package com.example.solidconnection.application.service;
 
 import static com.example.solidconnection.common.exception.ErrorCode.APPLICATION_NOT_APPROVED;
+import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
 
 import com.example.solidconnection.application.domain.Application;
 import com.example.solidconnection.application.dto.ApplicantsResponse;
@@ -9,6 +10,7 @@
 import com.example.solidconnection.common.VerifyStatus;
 import com.example.solidconnection.common.exception.CustomException;
 import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.repository.SiteUserRepository;
 import com.example.solidconnection.university.domain.UnivApplyInfo;
 import com.example.solidconnection.university.repository.UnivApplyInfoRepository;
 import com.example.solidconnection.university.repository.custom.UnivApplyInfoFilterRepositoryImpl;
@@ -32,14 +34,17 @@ public class ApplicationQueryService {
     private final ApplicationRepository applicationRepository;
     private final UnivApplyInfoRepository univApplyInfoRepository;
     private final UnivApplyInfoFilterRepositoryImpl universityFilterRepository;
+    private final SiteUserRepository siteUserRepository;
 
     @Value("${university.term}")
     public String term;
 
     // todo: 캐싱 정책 변경 시 수정 필요
     @Transactional(readOnly = true)
-    public ApplicationsResponse getApplicants(SiteUser siteUser, String regionCode, String keyword) {
+    public ApplicationsResponse getApplicants(long siteUserId, String regionCode, String keyword) {
         // 1. 대학 지원 정보 필터링 (regionCode, keyword)
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         List<UnivApplyInfo> univApplyInfos = universityFilterRepository.findAllByRegionCodeAndKeywords(regionCode, List.of(keyword));
         if (univApplyInfos.isEmpty()) {
             return new ApplicationsResponse(List.of(), List.of(), List.of());
@@ -54,7 +59,9 @@ public ApplicationsResponse getApplicants(SiteUser siteUser, String regionCode,
     }
 
     @Transactional(readOnly = true)
-    public ApplicationsResponse getApplicantsByUserApplications(SiteUser siteUser) {
+    public ApplicationsResponse getApplicantsByUserApplications(long siteUserId) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         Application userLatestApplication = applicationRepository.getApplicationBySiteUserIdAndTerm(siteUser.getId(), term);
 
         List<Long> univApplyInfoIds = Stream.of(
@@ -118,7 +125,9 @@ private List<ApplicantsResponse> createUniversityApplicantsResponses(
     }
 
     @Transactional(readOnly = true)
-    public void validateSiteUserCanViewApplicants(SiteUser siteUser) {
+    public void validateSiteUserCanViewApplicants(long siteUserId) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         VerifyStatus verifyStatus = applicationRepository.getApplicationBySiteUserIdAndTerm(siteUser.getId(), term).getVerifyStatus();
         if (verifyStatus != VerifyStatus.APPROVED) {
             throw new CustomException(APPLICATION_NOT_APPROVED);

src/main/java/com/example/solidconnection/application/service/ApplicationSubmissionService.java

@@ -5,6 +5,7 @@
 import static com.example.solidconnection.common.exception.ErrorCode.INVALID_GPA_SCORE_STATUS;
 import static com.example.solidconnection.common.exception.ErrorCode.INVALID_LANGUAGE_TEST_SCORE;
 import static com.example.solidconnection.common.exception.ErrorCode.INVALID_LANGUAGE_TEST_SCORE_STATUS;
+import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
 
 import com.example.solidconnection.application.domain.Application;
 import com.example.solidconnection.application.dto.ApplicationSubmissionResponse;
@@ -18,6 +19,7 @@
 import com.example.solidconnection.score.repository.GpaScoreRepository;
 import com.example.solidconnection.score.repository.LanguageTestScoreRepository;
 import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.repository.SiteUserRepository;
 import java.util.Optional;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
@@ -33,14 +35,17 @@ public class ApplicationSubmissionService {
     private final ApplicationRepository applicationRepository;
     private final GpaScoreRepository gpaScoreRepository;
     private final LanguageTestScoreRepository languageTestScoreRepository;
+    private final SiteUserRepository siteUserRepository;
 
     @Value("${university.term}")
     private String term;
 
     // 학점 및 어학성적이 모두 유효한 경우에만 지원서 등록이 가능하다.
     // 기존에 있던 status field 우선 APRROVED로 입력시킨다.
     @Transactional
-    public ApplicationSubmissionResponse apply(SiteUser siteUser, ApplyRequest applyRequest) {
+    public ApplicationSubmissionResponse apply(long siteUserId, ApplyRequest applyRequest) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         UnivApplyInfoChoiceRequest univApplyInfoChoiceRequest = applyRequest.univApplyInfoChoiceRequest();
         GpaScore gpaScore = getValidGpaScore(siteUser, applyRequest.gpaScoreId());
         LanguageTestScore languageTestScore = getValidLanguageTestScore(siteUser, applyRequest.languageTestScoreId());

src/main/java/com/example/solidconnection/auth/controller/AuthController.java

@@ -21,7 +21,6 @@
 import com.example.solidconnection.common.exception.ErrorCode;
 import com.example.solidconnection.common.resolver.AuthorizedUser;
 import com.example.solidconnection.siteuser.domain.AuthType;
-import com.example.solidconnection.siteuser.domain.SiteUser;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
@@ -104,11 +103,11 @@ public ResponseEntity<Void> signOut(
 
     @DeleteMapping("/quit")
     public ResponseEntity<Void> quit(
-            @AuthorizedUser SiteUser siteUser,
-            Authentication authentication // todo: #299를 작업하며 인자를 (Authentication authentication)만 받도록 수정해야 함
+            Authentication authentication,
+            @AuthorizedUser long siteUserId
     ) {
         String accessToken = getAccessToken(authentication);
-        authService.quit(siteUser, accessToken);
+        authService.quit(siteUserId, accessToken);
         return ResponseEntity.ok().build();
     }
 

src/main/java/com/example/solidconnection/auth/service/AuthService.java

@@ -1,12 +1,14 @@
 package com.example.solidconnection.auth.service;
 
 import static com.example.solidconnection.common.exception.ErrorCode.REFRESH_TOKEN_EXPIRED;
+import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
 
 import com.example.solidconnection.auth.dto.ReissueRequest;
 import com.example.solidconnection.auth.dto.ReissueResponse;
 import com.example.solidconnection.auth.token.TokenBlackListService;
 import com.example.solidconnection.common.exception.CustomException;
 import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.repository.SiteUserRepository;
 import java.time.LocalDate;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
@@ -18,6 +20,7 @@ public class AuthService {
 
     private final AuthTokenProvider authTokenProvider;
     private final TokenBlackListService tokenBlackListService;
+    private final SiteUserRepository siteUserRepository;
 
     /*
      * 로그아웃한다.
@@ -37,7 +40,9 @@ public void signOut(String token) {
      * - 로그아웃한다.
      * */
     @Transactional
-    public void quit(SiteUser siteUser, String token) { // todo: #299를 작업하며 인자를 (String token)만 받도록 수정해야 함
+    public void quit(long siteUserId, String token) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         LocalDate tomorrow = LocalDate.now().plusDays(1);
         siteUser.setQuitedAt(tomorrow);
         signOut(token);

src/main/java/com/example/solidconnection/common/resolver/AuthorizedUserResolver.java

@@ -4,7 +4,6 @@
 
 import com.example.solidconnection.common.exception.CustomException;
 import com.example.solidconnection.security.userdetails.SiteUserDetails;
-import com.example.solidconnection.siteuser.domain.SiteUser;
 import lombok.RequiredArgsConstructor;
 import org.springframework.core.MethodParameter;
 import org.springframework.security.core.Authentication;
@@ -22,29 +21,37 @@ public class AuthorizedUserResolver implements HandlerMethodArgumentResolver {
     @Override
     public boolean supportsParameter(MethodParameter parameter) {
         return parameter.hasParameterAnnotation(AuthorizedUser.class)
-                && parameter.getParameterType().equals(SiteUser.class);
+                && (parameter.getParameterType().equals(long.class)
+                || parameter.getParameterType().equals(Long.class));
     }
 
     @Override
     public Object resolveArgument(MethodParameter parameter,
                                   ModelAndViewContainer mavContainer,
                                   NativeWebRequest webRequest,
                                   WebDataBinderFactory binderFactory) {
-        SiteUser siteUser = extractSiteUserFromAuthentication();
-        if (parameter.getParameterAnnotation(AuthorizedUser.class).required() && siteUser == null) {
+        Long siteUserId = extractIdFromAuthentication();
+        if (isRequired(parameter) && siteUserId == null) {
             throw new CustomException(AUTHENTICATION_FAILED, "로그인 상태가 아닙니다.");
         }
-
-        return siteUser;
+        return siteUserId;
     }
 
-    private SiteUser extractSiteUserFromAuthentication() {
+    private Long extractIdFromAuthentication() {
         try {
             Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
             SiteUserDetails principal = (SiteUserDetails) authentication.getPrincipal();
-            return principal.getSiteUser();
+            return principal.getSiteUser().getId();
         } catch (Exception e) {
             return null;
         }
     }
+
+    private boolean isRequired(MethodParameter parameter) {
+        if (parameter.getParameterType().isPrimitive()) { // NPE 방지를 위해 required로 간주
+            return true;
+        }
+        AuthorizedUser authorizedUser = parameter.getParameterAnnotation(AuthorizedUser.class);
+        return authorizedUser != null && authorizedUser.required();
+    }
 }

src/main/java/com/example/solidconnection/community/board/controller/BoardController.java

@@ -4,7 +4,6 @@
 import com.example.solidconnection.community.board.domain.BoardCode;
 import com.example.solidconnection.community.post.dto.PostListResponse;
 import com.example.solidconnection.community.post.service.PostQueryService;
-import com.example.solidconnection.siteuser.domain.SiteUser;
 import java.util.ArrayList;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
@@ -34,7 +33,7 @@ public ResponseEntity<?> findAccessibleCodes() {
 
     @GetMapping("/{code}")
     public ResponseEntity<?> findPostsByCodeAndCategory(
-            @AuthorizedUser SiteUser siteUser,
+            @AuthorizedUser long siteUserId, // todo: '사용하지 않는 인자'로 인증된 유저만 접근하게 하기보다는, 다른 방식으로 접근하는것이 좋을 것 같다
             @PathVariable(value = "code") String code,
             @RequestParam(value = "category", defaultValue = "전체") String category) {
         List<PostListResponse> postsByCodeAndPostCategory = postQueryService

src/main/java/com/example/solidconnection/community/comment/controller/CommentController.java

@@ -7,7 +7,6 @@
 import com.example.solidconnection.community.comment.dto.CommentUpdateRequest;
 import com.example.solidconnection.community.comment.dto.CommentUpdateResponse;
 import com.example.solidconnection.community.comment.service.CommentService;
-import com.example.solidconnection.siteuser.domain.SiteUser;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
@@ -28,29 +27,29 @@ public class CommentController {
 
     @PostMapping
     public ResponseEntity<?> createComment(
-            @AuthorizedUser SiteUser siteUser,
+            @AuthorizedUser long siteUserId,
             @Valid @RequestBody CommentCreateRequest commentCreateRequest
     ) {
-        CommentCreateResponse response = commentService.createComment(siteUser, commentCreateRequest);
+        CommentCreateResponse response = commentService.createComment(siteUserId, commentCreateRequest);
         return ResponseEntity.ok().body(response);
     }
 
     @PatchMapping("/{comment_id}")
     public ResponseEntity<?> updateComment(
-            @AuthorizedUser SiteUser siteUser,
+            @AuthorizedUser long siteUserId,
             @PathVariable("comment_id") Long commentId,
             @Valid @RequestBody CommentUpdateRequest commentUpdateRequest
     ) {
-        CommentUpdateResponse response = commentService.updateComment(siteUser, commentId, commentUpdateRequest);
+        CommentUpdateResponse response = commentService.updateComment(siteUserId, commentId, commentUpdateRequest);
         return ResponseEntity.ok().body(response);
     }
 
     @DeleteMapping("/{comment_id}")
     public ResponseEntity<?> deleteCommentById(
-            @AuthorizedUser SiteUser siteUser,
+            @AuthorizedUser long siteUserId,
             @PathVariable("comment_id") Long commentId
     ) {
-        CommentDeleteResponse response = commentService.deleteCommentById(siteUser, commentId);
+        CommentDeleteResponse response = commentService.deleteCommentById(siteUserId, commentId);
         return ResponseEntity.ok().body(response);
     }
 }

src/main/java/com/example/solidconnection/community/comment/service/CommentService.java

@@ -3,6 +3,7 @@
 import static com.example.solidconnection.common.exception.ErrorCode.CAN_NOT_UPDATE_DEPRECATED_COMMENT;
 import static com.example.solidconnection.common.exception.ErrorCode.INVALID_COMMENT_LEVEL;
 import static com.example.solidconnection.common.exception.ErrorCode.INVALID_POST_ACCESS;
+import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
 
 import com.example.solidconnection.common.exception.CustomException;
 import com.example.solidconnection.community.comment.domain.Comment;
@@ -36,7 +37,9 @@ public class CommentService {
     private final SiteUserRepository siteUserRepository;
 
     @Transactional(readOnly = true)
-    public List<PostFindCommentResponse> findCommentsByPostId(SiteUser siteUser, Long postId) {
+    public List<PostFindCommentResponse> findCommentsByPostId(long siteUserId, Long postId) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         List<Comment> allComments = commentRepository.findCommentTreeByPostId(postId);
         List<Comment> filteredComments = filterCommentsByDeletionRules(allComments);
 
@@ -83,7 +86,9 @@ private Boolean isOwner(Comment comment, SiteUser siteUser) {
     }
 
     @Transactional
-    public CommentCreateResponse createComment(SiteUser siteUser, CommentCreateRequest commentCreateRequest) {
+    public CommentCreateResponse createComment(long siteUserId, CommentCreateRequest commentCreateRequest) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         Post post = postRepository.getById(commentCreateRequest.postId());
 
         Comment parentComment = null;
@@ -105,7 +110,9 @@ private void validateCommentDepth(Comment parentComment) {
     }
 
     @Transactional
-    public CommentUpdateResponse updateComment(SiteUser siteUser, Long commentId, CommentUpdateRequest commentUpdateRequest) {
+    public CommentUpdateResponse updateComment(long siteUserId, Long commentId, CommentUpdateRequest commentUpdateRequest) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         Comment comment = commentRepository.getById(commentId);
         validateDeprecated(comment);
         validateOwnership(comment, siteUser);
@@ -122,7 +129,9 @@ private void validateDeprecated(Comment comment) {
     }
 
     @Transactional
-    public CommentDeleteResponse deleteCommentById(SiteUser siteUser, Long commentId) {
+    public CommentDeleteResponse deleteCommentById(long siteUserId, Long commentId) {
+        SiteUser siteUser = siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
         Comment comment = commentRepository.getById(commentId);
         validateOwnership(comment, siteUser);