From c4dbdc1b8e059500bdd560e42cd613bc038005bf Mon Sep 17 00:00:00 2001
From: Klaus
Date: Wed, 27 Aug 2025 17:43:32 +0900
Subject: [PATCH] =?UTF-8?q?fix(chat-room):=20=EB=B9=84=ED=99=9C=EC=84=B1?= =?UTF-8?q?=20=EC=B1=84=ED=8C=85=EB=B0=A9=20=EC=A0=91=EA=B7=BC=20=EB=B0=A9?= =?UTF-8?q?=EC=A7=80=EB=A5=BC=20=EC=9C=84=ED=95=B4=20=EC=A1=B0=ED=9A=8C=20?= =?UTF-8?q?=EB=A1=9C=EC=A7=81=20=EC=9D=BC=EC=9B=90=ED=99=94?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 이 변경으로 비활성화된 채팅방에 대한 메시지 전송/조회/입장/리셋 등 모든 경로에서 안전하게 접근이 차단됩니다.
---
 .../room/repository/ChatRoomRepository.kt | 2 ++
 .../chat/room/service/ChatRoomService.kt | 35 ++++++++-----------
 2 files changed, 16 insertions(+), 21 deletions(-)

diff --git a/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/repository/ChatRoomRepository.kt b/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/repository/ChatRoomRepository.kt
index f161cd8..a5f3d6c 100644
--- a/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/repository/ChatRoomRepository.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/repository/ChatRoomRepository.kt
@@ -62,4 +62,6 @@ interface ChatRoomRepository : JpaRepository {
 @Param("member") member: Member,
 pageable: Pageable
 ): List
+
+ fun findByIdAndIsActiveTrue(id: Long): ChatRoom?
 }
diff --git a/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/service/ChatRoomService.kt b/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/service/ChatRoomService.kt
index 8458fdb..975310b 100644
--- a/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/service/ChatRoomService.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/chat/room/service/ChatRoomService.kt
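Review bot: `findByIdAndIsActiveTrue` in ChatRoomRepository.kt is added without a KDoc, and the `findById` that the service hunks replace remains available on the repository, so nothing on the interface tells a later caller which finder enforces the active-room rule. I would add a comment above the new method such as `/** Returns the room only when it exists and is active; null for both a missing and a deactivated room. Use this instead of findById on member-facing paths. */`. The derived query presumably relies on an `isActive` property on `ChatRoom`, which is not visible in this diff.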
@@ -69,9 +69,8 @@ class ChatRoomService(
 @Transactional
 fun purchaseMessage(member: Member, chatRoomId: Long, messageId: Long, container: String): ChatMessageItemDto {
- val room = chatRoomRepository.findById(chatRoomId).orElseThrow {
- SodaException("채팅방을 찾을 수 없습니다.")
- }
+ val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
+ ?: throw SodaException("채팅방을 찾을 수 없습니다.")
 // 참여 여부 검증
 participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
 ?: throw SodaException("잘못된 접근입니다")
@@ -288,9 +287,8 @@ class ChatRoomService(
 @Transactional(readOnly = true)
 fun isMyRoomSessionActive(member: Member, chatRoomId: Long): Boolean {
- val room = chatRoomRepository.findById(chatRoomId).orElseThrow {
- SodaException("채팅방을 찾을 수 없습니다.")
- }
+ val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
+ ?: throw SodaException("채팅방을 찾을 수 없습니다.")
 val participant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
 if (participant == null) {
 throw SodaException("잘못된 접근입니다")
@@ -300,9 +298,8 @@ class ChatRoomService(
 @Transactional
 fun enterChatRoom(member: Member, chatRoomId: Long, characterImageId: Long? = null): ChatRoomEnterResponse {
- val room = chatRoomRepository.findById(chatRoomId).orElseThrow {
- SodaException("채팅방을 찾을 수 없습니다.")
- }
+ val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
+ ?: throw SodaException("채팅방을 찾을 수 없습니다.")
 // 참여 여부 검증
 participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
 ?: throw SodaException("잘못된 접근입니다")
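Review bot: The two-line lookup added in the purchaseMessage hunk is repeated verbatim in all seven hunks of ChatRoomService.kt, so the active-room rule is enforced only as long as every future method copies the right finder. A private helper would keep the check in one place: `private fun getActiveRoomOrThrow(chatRoomId: Long): ChatRoom = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId) ?: throw SodaException("채팅방을 찾을 수 없습니다.")`, with each method reduced to `val room = getActiveRoomOrThrow(chatRoomId)`. The commit message says every path is covered, but only these seven call sites are visible here, so any remaining `chatRoomRepository.findById(` use in this class or in other services is worth checking. The bodies of all seven methods continue outside their hunks.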
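Review bot: In the isMyRoomSessionActive hunk, and in the same pattern in the other six, a missing or deactivated room answers `채팅방을 찾을 수 없습니다.` while an active room the caller does not participate in answers `잘못된 접근입니다`, so the two messages together reveal to a non-participant which room ids are currently active. If the client does not need that distinction, the participant check could raise the same error as the room lookup, e.g. `?: throw SodaException("채팅방을 찾을 수 없습니다.")`. Whether SodaException maps both cases to the same response status is not visible in this diff.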
@@ -424,9 +421,8 @@ class ChatRoomService(
 @Transactional
 fun leaveChatRoom(member: Member, chatRoomId: Long, throwOnSessionEndFailure: Boolean = false) {
- val room = chatRoomRepository.findById(chatRoomId).orElseThrow {
- SodaException("채팅방을 찾을 수 없습니다.")
- }
+ val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
+ ?: throw SodaException("채팅방을 찾을 수 없습니다.")
 val participant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
 ?: throw SodaException("잘못된 접근입니다")
@@ -503,9 +499,8 @@ class ChatRoomService(
 @Transactional(readOnly = true)
 fun getChatMessages(member: Member, chatRoomId: Long, cursor: Long?, limit: Int = 20): ChatMessagesPageResponse {
- val room = chatRoomRepository.findById(chatRoomId).orElseThrow {
- SodaException("채팅방을 찾을 수 없습니다.")
- }
+ val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
+ ?: throw SodaException("채팅방을 찾을 수 없습니다.")
 participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
 ?: throw SodaException("잘못된 접근입니다")
@@ -539,9 +534,8 @@ class ChatRoomService(
 @Transactional
 fun sendMessage(member: Member, chatRoomId: Long, message: String): SendChatMessageResponse {
 // 1) 방 존재 확인
- val room = chatRoomRepository.findById(chatRoomId).orElseThrow {
- SodaException("채팅방을 찾을 수 없습니다.")
- }
+ val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
+ ?: throw SodaException("채팅방을 찾을 수 없습니다.")
 // 2) 참여 여부 확인 (USER)
 val myParticipant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
 ?: throw SodaException("잘못된 접근입니다")
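Review bot: In the leaveChatRoom hunk the active-room lookup runs before the participant is resolved, so a member whose room was deactivated by some other path can no longer leave it: the call fails with `채팅방을 찾을 수 없습니다.` before anything below the hunk runs. The `throwOnSessionEndFailure` parameter suggests this method also ends a session, which would then be skipped, presumably leaving the participant record active. If leaving is the cleanup path, it may be safer to treat an inactive room as an already-completed leave rather than an error. The rest of the body is outside the hunk, so this needs confirming against it.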
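Review bot: The context comment `// 1) 방 존재 확인` in the sendMessage hunk is now stale, because the lookup beneath it also rejects deactivated rooms; it should say so, e.g. `// 1) room must exist and be active`. The same applies to `// 0) 방 존재 및 내 참여 여부 확인` in the resetChatRoom hunk. A later reader who trusts the old wording could swap the call back to `findById` without noticing that the access check is lost.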
@@ -786,9 +780,8 @@ class ChatRoomService(
 @Transactional
 fun resetChatRoom(member: Member, chatRoomId: Long, container: String): CreateChatRoomResponse {
 // 0) 방 존재 및 내 참여 여부 확인
- val room = chatRoomRepository.findById(chatRoomId).orElseThrow {
- SodaException("채팅방을 찾을 수 없습니다.")
- }
+ val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
+ ?: throw SodaException("채팅방을 찾을 수 없습니다.")
 participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
 ?: throw SodaException("잘못된 접근입니다")