klaus
/
sodalive-backend-spring-boot
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

fix(chat-room): 비활성 채팅방 접근 방지를 위해 조회 로직 일원화 

- 이 변경으로 비활성화된 채팅방에 대한 메시지 전송/조회/입장/리셋 등 모든 경로에서 안전하게 접근이 차단됩니다.
This commit is contained in:
Klaus 2025-08-27 17:43:32 +09:00
parent 42ed4692af
commit c4dbdc1b8e
2 changed files with 16 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/kotlin/kr/co/vividnext/sodalive/chat/room/repository/ChatRoomRepository.kt
View File

@ -62,4 +62,6 @@ interface ChatRoomRepository : JpaRepository<ChatRoom, Long> {
@Param("member") member: Member, @Param("member") member: Member,
pageable: Pageable pageable: Pageable
): List<ChatRoomListQueryDto> ): List<ChatRoomListQueryDto>
fun findByIdAndIsActiveTrue(id: Long): ChatRoom?
} }

35
src/main/kotlin/kr/co/vividnext/sodalive/chat/room/service/ChatRoomService.kt
View File

@ -69,9 +69,8 @@ class ChatRoomService(
@Transactional @Transactional
fun purchaseMessage(member: Member, chatRoomId: Long, messageId: Long, container: String): ChatMessageItemDto { fun purchaseMessage(member: Member, chatRoomId: Long, messageId: Long, container: String): ChatMessageItemDto {
val room = chatRoomRepository.findById(chatRoomId).orElseThrow { val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
SodaException("채팅방을 찾을 수 없습니다.") ?: throw SodaException("채팅방을 찾을 수 없습니다.")
}
// 참여 여부 검증 // 참여 여부 검증
participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member) participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
?: throw SodaException("잘못된 접근입니다") ?: throw SodaException("잘못된 접근입니다")
@ -288,9 +287,8 @@ class ChatRoomService(
@Transactional(readOnly = true) @Transactional(readOnly = true)
fun isMyRoomSessionActive(member: Member, chatRoomId: Long): Boolean { fun isMyRoomSessionActive(member: Member, chatRoomId: Long): Boolean {
val room = chatRoomRepository.findById(chatRoomId).orElseThrow { val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
SodaException("채팅방을 찾을 수 없습니다.") ?: throw SodaException("채팅방을 찾을 수 없습니다.")
}
val participant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member) val participant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
if (participant == null) { if (participant == null) {
throw SodaException("잘못된 접근입니다") throw SodaException("잘못된 접근입니다")
@ -300,9 +298,8 @@ class ChatRoomService(
@Transactional @Transactional
fun enterChatRoom(member: Member, chatRoomId: Long, characterImageId: Long? = null): ChatRoomEnterResponse { fun enterChatRoom(member: Member, chatRoomId: Long, characterImageId: Long? = null): ChatRoomEnterResponse {
val room = chatRoomRepository.findById(chatRoomId).orElseThrow { val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
SodaException("채팅방을 찾을 수 없습니다.") ?: throw SodaException("채팅방을 찾을 수 없습니다.")
}
// 참여 여부 검증 // 참여 여부 검증
participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member) participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
?: throw SodaException("잘못된 접근입니다") ?: throw SodaException("잘못된 접근입니다")
@ -424,9 +421,8 @@ class ChatRoomService(
@Transactional @Transactional
fun leaveChatRoom(member: Member, chatRoomId: Long, throwOnSessionEndFailure: Boolean = false) { fun leaveChatRoom(member: Member, chatRoomId: Long, throwOnSessionEndFailure: Boolean = false) {
val room = chatRoomRepository.findById(chatRoomId).orElseThrow { val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
SodaException("채팅방을 찾을 수 없습니다.") ?: throw SodaException("채팅방을 찾을 수 없습니다.")
}
val participant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member) val participant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
?: throw SodaException("잘못된 접근입니다") ?: throw SodaException("잘못된 접근입니다")
@ -503,9 +499,8 @@ class ChatRoomService(
@Transactional(readOnly = true) @Transactional(readOnly = true)
fun getChatMessages(member: Member, chatRoomId: Long, cursor: Long?, limit: Int = 20): ChatMessagesPageResponse { fun getChatMessages(member: Member, chatRoomId: Long, cursor: Long?, limit: Int = 20): ChatMessagesPageResponse {
val room = chatRoomRepository.findById(chatRoomId).orElseThrow { val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
SodaException("채팅방을 찾을 수 없습니다.") ?: throw SodaException("채팅방을 찾을 수 없습니다.")
}
participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member) participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
?: throw SodaException("잘못된 접근입니다") ?: throw SodaException("잘못된 접근입니다")
@ -539,9 +534,8 @@ class ChatRoomService(
@Transactional @Transactional
fun sendMessage(member: Member, chatRoomId: Long, message: String): SendChatMessageResponse { fun sendMessage(member: Member, chatRoomId: Long, message: String): SendChatMessageResponse {
// 1) 방 존재 확인 // 1) 방 존재 확인
val room = chatRoomRepository.findById(chatRoomId).orElseThrow { val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
SodaException("채팅방을 찾을 수 없습니다.") ?: throw SodaException("채팅방을 찾을 수 없습니다.")
}
// 2) 참여 여부 확인 (USER) // 2) 참여 여부 확인 (USER)
val myParticipant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member) val myParticipant = participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
?: throw SodaException("잘못된 접근입니다") ?: throw SodaException("잘못된 접근입니다")
@ -786,9 +780,8 @@ class ChatRoomService(
@Transactional @Transactional
fun resetChatRoom(member: Member, chatRoomId: Long, container: String): CreateChatRoomResponse { fun resetChatRoom(member: Member, chatRoomId: Long, container: String): CreateChatRoomResponse {
// 0) 방 존재 및 내 참여 여부 확인 // 0) 방 존재 및 내 참여 여부 확인
val room = chatRoomRepository.findById(chatRoomId).orElseThrow { val room = chatRoomRepository.findByIdAndIsActiveTrue(chatRoomId)
SodaException("채팅방을 찾을 수 없습니다.") ?: throw SodaException("채팅방을 찾을 수 없습니다.")
}
participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member) participantRepository.findByChatRoomAndMemberAndIsActiveTrue(room, member)
?: throw SodaException("잘못된 접근입니다") ?: throw SodaException("잘못된 접근입니다")