diff --git a/docs/20260223_회원차단동일본인인증확장.md b/docs/20260223_회원차단동일본인인증확장.md new file mode 100644 index 00000000..ca2f4189 --- /dev/null +++ b/docs/20260223_회원차단동일본인인증확장.md @@ -0,0 +1,17 @@ +# 회원 차단 동일 본인인증 확장 구현 + +- [x] `memberBlock` 기존 단일 유저 차단 동작 확인 +- [x] 차단 대상 유저가 본인인증(`Auth`)된 유저인지 확인 +- [x] 본인인증 유저일 경우 동일 `di`를 가진 유저 id 목록 조회 +- [x] 요청 유저(`memberId`)가 목록에 포함된 경우 제외 +- [x] 대상 유저 + 동일 본인인증 유저 전체에 대해 차단 활성화 처리 +- [x] 변경 파일 LSP 진단 및 관련 테스트 실행 + +## 검증 기록 + +- 무엇을: `MemberService.memberBlock`을 확장해 차단 대상 1명 + 동일 `Auth.di`를 가진 모든 계정을 일괄 차단하도록 수정했다. +- 왜: 본인인증 기반 다중 계정 우회 차단을 방지하고, 요청된 정책(동일 본인인증 정보 보유 계정 전체 차단)을 반영하기 위함이다. +- 어떻게 검증했는가: + - `lsp_diagnostics` 실행 시 `.kt` LSP 서버 미구성으로 진단 불가를 확인했다. + - `./gradlew test` 실행 성공. + - `./gradlew build -x test` 실행 성공(ktlint/check 포함). diff --git a/src/main/kotlin/kr/co/vividnext/sodalive/member/MemberService.kt b/src/main/kotlin/kr/co/vividnext/sodalive/member/MemberService.kt index 7ea24956..81e5d686 100644 --- a/src/main/kotlin/kr/co/vividnext/sodalive/member/MemberService.kt +++ b/src/main/kotlin/kr/co/vividnext/sodalive/member/MemberService.kt @@ -17,6 +17,7 @@ import kr.co.vividnext.sodalive.i18n.SodaMessageSource import kr.co.vividnext.sodalive.jwt.TokenProvider import kr.co.vividnext.sodalive.live.reservation.LiveReservationRepository import kr.co.vividnext.sodalive.live.room.detail.GetRoomDetailUser +import kr.co.vividnext.sodalive.member.auth.AuthRepository import kr.co.vividnext.sodalive.member.block.BlockMember import kr.co.vividnext.sodalive.member.block.BlockMemberRepository import kr.co.vividnext.sodalive.member.block.GetBlockedMemberListResponse @@ -80,6 +81,7 @@ class MemberService( private val stipulationAgreeRepository: StipulationAgreeRepository, private val creatorFollowingRepository: CreatorFollowingRepository, private val blockMemberRepository: BlockMemberRepository, + private val authRepository: AuthRepository, private val signOutRepository: SignOutRepository, private val nicknameChangeLogRepository: NicknameChangeLogRepository, private val memberTagRepository: MemberTagRepository, @@ -522,25 +524,35 @@ class MemberService( @Transactional fun memberBlock(request: MemberBlockRequest, memberId: Long) { - var blockMember = blockMemberRepository.getBlockAccount( - blockedMemberId = request.blockMemberId, - memberId = memberId - ) + val member = repository.findByIdOrNull(id = memberId) + ?: throw SodaException(messageKey = "common.error.invalid_request") + val blockedMember = repository.findByIdOrNull(id = request.blockMemberId) + ?: throw SodaException(messageKey = "common.error.invalid_request") - if (blockMember == null) { - val blockedMember = repository.findByIdOrNull(id = request.blockMemberId) - ?: throw SodaException(messageKey = "common.error.invalid_request") + val blockTargetMemberIds = mutableSetOf(request.blockMemberId) + blockedMember.auth?.di?.let { di -> + val verifiedMemberIds = authRepository.getMemberIdsByDi(di = di) + blockTargetMemberIds.addAll(verifiedMemberIds) + } + blockTargetMemberIds.remove(memberId) - val member = repository.findByIdOrNull(id = memberId) - ?: throw SodaException(messageKey = "common.error.invalid_request") + blockTargetMemberIds.forEach { targetMemberId -> + val targetMember = repository.findByIdOrNull(id = targetMemberId) ?: return@forEach - blockMember = BlockMember() - blockMember.member = member - blockMember.blockedMember = blockedMember + var blockMember = blockMemberRepository.getBlockAccount( + blockedMemberId = targetMemberId, + memberId = memberId + ) - blockMemberRepository.save(blockMember) - } else { - blockMember.isActive = true + if (blockMember == null) { + blockMember = BlockMember() + blockMember.member = member + blockMember.blockedMember = targetMember + + blockMemberRepository.save(blockMember) + } else { + blockMember.isActive = true + } } }