feat: question power delete

Author: wlgh1553

apps/server/prisma/migrations/20241128045519_add_on_delete_cascade_to_reply_question/migration.sql

@@ -0,0 +1,5 @@
+-- DropForeignKey
+ALTER TABLE "Reply" DROP CONSTRAINT "Reply_question_id_fkey";
+
+-- AddForeignKey
+ALTER TABLE "Reply" ADD CONSTRAINT "Reply_question_id_fkey" FOREIGN KEY ("question_id") REFERENCES "Question"("question_id") ON DELETE CASCADE ON UPDATE CASCADE;

apps/server/prisma/schema.prisma

@@ -81,7 +81,7 @@ model Reply {
   deleted              Boolean  @default(false)
 
   session              Session          @relation("SessionReplies", fields: [sessionId], references: [sessionId])
-  question             Question         @relation("QuestionReplies", fields: [questionId], references: [questionId])
+  question             Question         @relation("QuestionReplies", fields: [questionId], references: [questionId], onDelete: Cascade)
   createUserTokenEntity UserSessionToken @relation("TokenReplies", fields: [createUserToken], references: [token])
   replyLikes           ReplyLike[]      @relation("ReplyLikes")
 }

apps/server/src/questions/questions.controller.ts

@@ -92,10 +92,10 @@ export class QuestionsController {
 
   @Delete(':questionId')
   @DeleteQuestionSwagger()
-  @UseGuards(SessionTokenValidationGuard, QuestionExistenceGuard, QuestionOwnershipGuard)
+  @UseGuards(SessionTokenValidationGuard, QuestionExistenceGuard)
   async deleteQuestion(@Param('questionId', ParseIntPipe) questionId: number, @Query() data: BaseDto, @Req() req: any) {
-    await this.questionsService.deleteQuestion(questionId, req.question);
     const { sessionId, token } = data;
+    await this.questionsService.deleteQuestion(questionId, req.question, data);
     const resultForOther = { questionId };
     this.socketGateway.broadcastQuestionDelete(sessionId, token, resultForOther);
     return {};

apps/server/src/questions/questions.service.ts

@@ -5,6 +5,7 @@ import { CreateQuestionDto } from './dto/create-question.dto';
 import { GetQuestionDto } from './dto/get-question.dto';
 import { QuestionsRepository } from './questions.repository';
 
+import { BaseDto } from '@common/base.dto';
 import {
   UpdateQuestionBodyDto,
   UpdateQuestionClosedDto,
@@ -127,13 +128,20 @@ export class QuestionsService {
     return await this.questionRepository.updateBody(questionId, body);
   }
 
-  async deleteQuestion(questionId: number, question: Question) {
-    const isReplied = await this.repliesRepository.findReplyByQuestionId(questionId);
-    if (isReplied) {
-      throw new ForbiddenException('답변이 달린 질문은 삭제할 수 없습니다.');
-    }
-    if (question.closed) {
-      throw new ForbiddenException('이미 완료된 답변은 삭제할 수 없습니다.');
+  async deleteQuestion(questionId: number, question: Question, { token }: BaseDto) {
+    const { isHost } = await this.sessionAuthRepository.findByToken(token);
+
+    if (!isHost) {
+      if (question.createUserToken !== token) {
+        throw new ForbiddenException('권한이 없습니다.');
+      }
+      const isReplied = await this.repliesRepository.findReplyByQuestionId(questionId);
+      if (isReplied) {
+        throw new ForbiddenException('답변이 달린 질문은 삭제할 수 없습니다.');
+      }
+      if (question.closed) {
+        throw new ForbiddenException('이미 완료된 답변은 삭제할 수 없습니다.');
+      }
     }
     return await this.questionRepository.deleteQuestion(questionId);
   }