From 6201671b742389b8ddce4222691149e52c2d9eec Mon Sep 17 00:00:00 2001
From: Gyuwon Yi
Date: Wed, 5 Mar 2025 15:34:19 +0900
Subject: [PATCH] =?UTF-8?q?=ED=8C=90=EB=A7=A4=EC=9E=90=20=EC=83=81?= =?UTF-8?q?=ED=92=88=20=EC=A1=B0=ED=9A=8C=20API=EC=97=90=20=EC=86=8C?= =?UTF-8?q?=EC=9C=A0=EC=9E=90=20=EA=B2=80=EC=82=AC=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
테스트 시나리오 - 다른 판매자가 등록한 상품 식별자를 사용하면 404 Not Found 상태코드를 반환한다
---
 README.md | 2 +-
 src/main/java/commerce/Product.java | 2 ++
 .../controller/SellerProductsController.java | 9 +++++++--
 .../api/seller/products/id/GET_specs.java | 20 +++++++++++++++++++
 4 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 5ea2069..d54b072 100644
--- a/README.md
+++ b/README.md
@@ -334,7 +334,7 @@
 - [x] 올바르게 요청하면 200 OK 상태코드를 반환한다
 - [x] 판매자가 아닌 사용자의 접근 토큰을 사용하면 403 Forbidden 상태코드를 반환한다
 - [x] 존재하지 않는 상품 식별자를 사용하면 404 Not Found 상태코드를 반환한다
-- [ ] 다른 판매자가 등록한 상품 식별자를 사용하면 404 Not Found 상태코드를 반환한다
+- [x] 다른 판매자가 등록한 상품 식별자를 사용하면 404 Not Found 상태코드를 반환한다
 - [ ] 상품 식별자를 올바르게 반환한다
 - [ ] 상품 정보를 올바르게 반환한다
 - [ ] 상품 등록 시각을 올바르게 반환한다
diff --git a/src/main/java/commerce/Product.java b/src/main/java/commerce/Product.java
index 165a96f..2e70f0a 100644
--- a/src/main/java/commerce/Product.java
+++ b/src/main/java/commerce/Product.java
@@ -21,4 +21,6 @@ public class Product {
 @Column(unique = true)
 private UUID id;
+
+ private UUID sellerId;
 }
diff --git a/src/main/java/commerce/api/controller/SellerProductsController.java b/src/main/java/commerce/api/controller/SellerProductsController.java
index 90b8180..f86fe61 100644
--- a/src/main/java/commerce/api/controller/SellerProductsController.java
+++ b/src/main/java/commerce/api/controller/SellerProductsController.java
@@ -1,6 +1,7 @@
 package commerce.api.controller;
 import java.net.URI;
+import java.security.Principal;
 import java.util.UUID;
 import commerce.Product;
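Review bot: The new `private UUID sellerId;` field in Product carries no column constraint, so any row persisted before this commit, or by a code path that skips `setSellerId`, stores null in the very field the ownership check in SellerProductsController.findProduct reads. Declaring it `@Column(nullable = false)` would make an ownerless product impossible to save; existing rows would need a backfill first, and how this project migrates its schema is not visible in this diff. The class body starts outside the hunk.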
@@ -18,7 +19,8 @@ public record SellerProductsController(ProductRepository repository) {
 @PostMapping("/seller/products")
 ResponseEntity registerProduct(
- @RequestBody RegisterProductCommand command
+ @RequestBody RegisterProductCommand command,
+ Principal user
 ) {
 if (isValidUri(command.imageUri()) == false) {
 return ResponseEntity.badRequest().build();
@@ -27,6 +29,7 @@ ResponseEntity registerProduct(
 UUID id = UUID.randomUUID();
 var product = new Product();
 product.setId(id);
+ product.setSellerId(UUID.fromString(user.getName()));
 repository.save(product);
 URI location = URI.create("/seller/products/" + id);
 return ResponseEntity.created(location).build();
@@ -42,9 +45,11 @@ private boolean isValidUri(String value) {
 }
 @GetMapping("/seller/products/{id}")
- ResponseEntity findProduct(@PathVariable UUID id) {
+ ResponseEntity findProduct(@PathVariable UUID id, Principal user) {
+ UUID sellerId = UUID.fromString(user.getName());
 return repository
 .findById(id)
+ .filter(product -> product.getSellerId().equals(sellerId))
 .map(product -> ResponseEntity.ok().build())
 .orElseGet(() -> ResponseEntity.notFound().build());
 }
diff --git a/src/test/java/test/commerce/api/seller/products/id/GET_specs.java b/src/test/java/test/commerce/api/seller/products/id/GET_specs.java
index 5dc7212..aa39008 100644
--- a/src/test/java/test/commerce/api/seller/products/id/GET_specs.java
+++ b/src/test/java/test/commerce/api/seller/products/id/GET_specs.java
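Review bot: `UUID.fromString(user.getName())` in registerProduct (hunk `@@ -27,6 +29,7 @@`) assumes that `user` is non-null and that the principal name is always a UUID string, and the same expression is repeated in findProduct in the `@@ -42,9 +45,11 @@` hunk. Spring MVC passes a null `Principal` when the request carries no authenticated user, and `fromString` throws `IllegalArgumentException` for any other name format; either case would surface as a server error rather than a 401/403, though the security configuration that may rule this out is not part of this diff. Consider one private helper shared by both handlers, carrying a comment such as `// principal name is the seller id (UUID); guaranteed by <where the token subject is set>` so the trust assumption is stated in one place. registerProduct's body continues outside the hunk.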
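Review bot: The ownership filter in findProduct, `product.getSellerId().equals(sellerId)`, dereferences a value that can be null, because `Product.sellerId` is added in this same commit without a not-null constraint; for such a row the request fails with NullPointerException instead of the intended 404. Comparing from the non-null side avoids that: `.filter(product -> sellerId.equals(product.getSellerId()))`. A product with no recorded owner then falls through to `notFound()` like any other product the caller does not own, which keeps the response identical for missing and foreign identifiers.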
@@ -71,4 +71,24 @@ public class GET_specs {
 // Assert
 assertThat(response.getStatusCode().value()).isEqualTo(404);
 }
+
+ @Test
+ void 다른_판매자가_등록한_상품_식별자를_사용하면_404_Not_Found_상태코드를_반환한다(
+ @Autowired TestFixture fixture
+ ) {
+ // Arrange
+ fixture.createSellerThenSetAsDefaultUser();
+ UUID id = fixture.registerProduct();
+
+ fixture.createSellerThenSetAsDefaultUser();
+
+ // Act
+ ResponseEntity response = fixture.client().getForEntity(
+ "/seller/products/" + id,
+ SellerProductView.class
+ );
+
+ // Assert
+ assertThat(response.getStatusCode().value()).isEqualTo(404);
+ }
 }