Merge pull request #75 from PLADI-ALM/hotfix/PDS-89-getOfficeBookingD…

…etail [PDS-89/hotfix] 관리자 회의실 상세 조회 권한 수정
PLADI-ALM · Oct 10, 2023 · e590bea · e590bea
2 parents 924eb99 + d4cba90
commit e590bea
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 18 deletions.
diff --git a/src/main/java/com/example/pladialmserver/booking/controller/BookingAdminController.java b/src/main/java/com/example/pladialmserver/booking/controller/BookingAdminController.java
@@ -75,7 +75,7 @@ public ResponseCustom cancelBookingOffice(
     public ResponseCustom<OfficeBookingDetailRes> getOfficeBookingDetail(
             @Account User user,
             @Parameter(description = "(Long) 회의실 예약 Id", example = "1") @PathVariable(name="officeBookingId") Long officeBookingId){
-        return ResponseCustom.OK(bookingService.getOfficeBookingDetail(user, officeBookingId));
+        return ResponseCustom.OK(bookingService.getOfficeBookingDetailByAdmin(user, officeBookingId));
     }
 
     /**

diff --git a/src/main/java/com/example/pladialmserver/booking/controller/BookingController.java b/src/main/java/com/example/pladialmserver/booking/controller/BookingController.java
@@ -60,7 +60,7 @@ public ResponseCustom<OfficeBookingDetailRes> getOfficeBookingDetail(
             @Account User user,
             @Parameter(description = "(Long) 회의실 예약 Id", example = "1")
             @PathVariable(name="officeBookingId") Long officeBookingId){
-        return ResponseCustom.OK(bookingService.getOfficeBookingDetail(user, officeBookingId));
+        return ResponseCustom.OK(bookingService.getOfficeBookingDetailByBasic(user, officeBookingId));
     }
 
     /**

diff --git a/src/main/java/com/example/pladialmserver/booking/service/BookingService.java b/src/main/java/com/example/pladialmserver/booking/service/BookingService.java
@@ -48,19 +48,32 @@ else if(category.equals("resource")) {
         }
     }
 
-    // 권한 확인
-    private ResourceBooking checkAuthentication(User user, Long resourceBookingId, Role role) {
+    // 자원 예약 권한 확인
+    private ResourceBooking checkResourceBookingAuthentication(User user, Long resourceBookingId, Role role) {
         ResourceBooking resourceBooking = resourceBookingRepository.findById(resourceBookingId)
                 .orElseThrow(() -> new BaseException(BaseResponseCode.BOOKING_NOT_FOUND));
+        checkRole(role, resourceBooking.getUser(), user);
+        return resourceBooking;
+    }
+
+    // 회의실 예약 권한 확인
+    private OfficeBooking checkOfficeBookingAuthentication(User user, Long officeBookingId, Role role) {
+        OfficeBooking officeBooking = officeBookingRepository.findById(officeBookingId)
+                .orElseThrow(() -> new BaseException(BaseResponseCode.BOOKING_NOT_FOUND));
+        checkRole(role, officeBooking.getUser(), user);
+        return officeBooking;
+    }
+
+    // 권한 확인
+    private static void checkRole(Role role, User user, User target) {
         switch (role) {
             case BASIC:
-                if(!resourceBooking.getUser().equals(user)) throw new BaseException(BaseResponseCode.NO_AUTHENTICATION);
+                if (!user.equals(target)) throw new BaseException(BaseResponseCode.NO_AUTHENTICATION);
                 break;
             case ADMIN:
-                if(!user.getRole().equals(Role.ADMIN)) throw new BaseException(BaseResponseCode.NO_AUTHENTICATION);
+                if (!target.getRole().equals(Role.ADMIN)) throw new BaseException(BaseResponseCode.NO_AUTHENTICATION);
                 break;
         }
-        return resourceBooking;
     }
 
     // 자원 예약 반납 공통 메서드
@@ -73,6 +86,7 @@ private void returnBookingResource(ResourceBooking resourceBooking) {
         resourceBookingRepository.save(resourceBooking);
     }
 
+
     // ===================================================================================================================
     // [일반-회의실]
     // ===================================================================================================================
@@ -81,10 +95,8 @@ private void returnBookingResource(ResourceBooking resourceBooking) {
     /**
      * 회의실 예약 개별 조회
      */
-    public OfficeBookingDetailRes getOfficeBookingDetail(User user, Long officeBookingId) {
-        OfficeBooking officeBooking = officeBookingRepository.findById(officeBookingId)
-                .orElseThrow(() -> new BaseException(BaseResponseCode.BOOKING_NOT_FOUND));
-        if(!officeBooking.getUser().equals(user)) throw new BaseException(BaseResponseCode.NO_AUTHENTICATION);
+    public OfficeBookingDetailRes getOfficeBookingDetailByBasic(User user, Long officeBookingId) {
+        OfficeBooking officeBooking = checkOfficeBookingAuthentication(user, officeBookingId, Role.BASIC);
         return OfficeBookingDetailRes.toDto(officeBooking);
     }
 
@@ -139,7 +151,7 @@ public void checkBookingTime(){
      * 자원 예약 개별 조회
      */
     public ResourceBookingDetailRes getResourceBookingDetail(User user, Long resourceBookingId) {
-        ResourceBooking resourceBooking = checkAuthentication(user, resourceBookingId, Role.BASIC);
+        ResourceBooking resourceBooking = checkResourceBookingAuthentication(user, resourceBookingId, Role.BASIC);
         return ResourceBookingDetailRes.toDto(resourceBooking);
     }
 
@@ -148,7 +160,7 @@ public ResourceBookingDetailRes getResourceBookingDetail(User user, Long resourc
      */
     @Transactional
     public void cancelBookingResource(User user, Long resourceBookingId) {
-        ResourceBooking resourceBooking = checkAuthentication(user, resourceBookingId, Role.BASIC);
+        ResourceBooking resourceBooking = checkResourceBookingAuthentication(user, resourceBookingId, Role.BASIC);
 
         // 이미 취소된 예약이면
         if(resourceBooking.checkBookingStatus(BookingStatus.CANCELED)) throw new BaseException(BaseResponseCode.ALREADY_CANCELED_BOOKING);
@@ -165,7 +177,7 @@ public void cancelBookingResource(User user, Long resourceBookingId) {
      */
     @Transactional
     public void returnBookingResourceByBasic(User user, Long resourceBookingId) {
-        ResourceBooking resourceBooking = checkAuthentication(user, resourceBookingId, Role.BASIC);
+        ResourceBooking resourceBooking = checkResourceBookingAuthentication(user, resourceBookingId, Role.BASIC);
         returnBookingResource(resourceBooking);
     }
 
@@ -189,6 +201,14 @@ public Page<AdminBookingRes> getBookingOffices(Pageable pageable) {
         return bookings.map(AdminBookingRes::toDto);
     }
 
+    /**
+     * 관리자 회의실 예약 개별 조회
+     */
+    public OfficeBookingDetailRes getOfficeBookingDetailByAdmin(User user, Long officeBookingId) {
+        OfficeBooking officeBooking = checkOfficeBookingAuthentication(user, officeBookingId, Role.ADMIN);
+        return OfficeBookingDetailRes.toDto(officeBooking);
+    }
+
 
     // ===================================================================================================================
     // [관리자-자원]
@@ -198,7 +218,7 @@ public Page<AdminBookingRes> getBookingOffices(Pageable pageable) {
      * 관리자 자원 예약 개별 조회
      */
     public ResourceBookingDetailRes getResourceBookingDetailByAdmin(User user, Long resourceBookingId) {
-        ResourceBooking resourceBooking = checkAuthentication(user, resourceBookingId, Role.ADMIN);
+        ResourceBooking resourceBooking = checkResourceBookingAuthentication(user, resourceBookingId, Role.ADMIN);
         return ResourceBookingDetailRes.toDto(resourceBooking);
     }
 
@@ -207,7 +227,7 @@ public ResourceBookingDetailRes getResourceBookingDetailByAdmin(User user, Long
      */
     @Transactional
     public void rejectResourceBooking(User user, Long resourceBookingId) {
-        ResourceBooking resourceBooking = checkAuthentication(user, resourceBookingId, Role.ADMIN);
+        ResourceBooking resourceBooking = checkResourceBookingAuthentication(user, resourceBookingId, Role.ADMIN);
         // 예약대기가 아닌 경우
         if(!resourceBooking.checkBookingStatus(BookingStatus.WAITING)) throw new BaseException(BaseResponseCode.INVALID_BOOKING_STATUS);
         // 예약 취소
@@ -219,7 +239,7 @@ public void rejectResourceBooking(User user, Long resourceBookingId) {
      */
     @Transactional
     public void allowResourceBooking(User user, Long resourceBookingId) {
-        ResourceBooking resourceBooking = checkAuthentication(user, resourceBookingId, Role.ADMIN);
+        ResourceBooking resourceBooking = checkResourceBookingAuthentication(user, resourceBookingId, Role.ADMIN);
         // 예약대기가 아닌 경우
         if(!resourceBooking.checkBookingStatus(BookingStatus.WAITING)) throw new BaseException(BaseResponseCode.INVALID_BOOKING_STATUS);
         // 이미 예약된 날짜 여부 확인
@@ -234,7 +254,7 @@ public void allowResourceBooking(User user, Long resourceBookingId) {
      */
     @Transactional
     public void returnBookingResourceByAdmin(User user, Long resourceBookingId) {
-        ResourceBooking resourceBooking = checkAuthentication(user, resourceBookingId, Role.ADMIN);
+        ResourceBooking resourceBooking = checkResourceBookingAuthentication(user, resourceBookingId, Role.ADMIN);
         returnBookingResource(resourceBooking);
     }