test: 워크스페이스, 권한 테스트 코드 마무리

Author: summersummerwhy

apps/backend/src/workspace/workspace.controller.spec.ts

@@ -7,6 +7,8 @@ import { WorkspaceResponseMessage } from './workspace.controller';
 import { NotWorkspaceOwnerException } from '../exception/workspace-auth.exception';
 import { UserWorkspaceDto } from './dtos/userWorkspace.dto';
 import { TokenService } from '../auth/token/token.service';
+import { WorkspaceNotFoundException } from '../exception/workspace.exception';
+import { ForbiddenAccessException } from '../exception/access.exception';
 
 describe('WorkspaceController', () => {
   let controller: WorkspaceController;
@@ -22,6 +24,9 @@ describe('WorkspaceController', () => {
             createWorkspace: jest.fn(),
             deleteWorkspace: jest.fn(),
             getUserWorkspaces: jest.fn(),
+            generateInviteUrl: jest.fn(),
+            processInviteUrl: jest.fn(),
+            checkAccess: jest.fn(),
           },
         },
         {
@@ -168,11 +173,11 @@ describe('WorkspaceController', () => {
       const req = { user: { sub: 1 } };
       const token = 'valid-token';
 
-      jest.spyOn(service, 'processInviteToken').mockResolvedValue();
+      jest.spyOn(service, 'processInviteUrl').mockResolvedValue();
 
       const result = await controller.joinWorkspace(req, token);
 
-      expect(service.processInviteToken).toHaveBeenCalledWith(
+      expect(service.processInviteUrl).toHaveBeenCalledWith(
         req.user.sub,
         token,
       );
@@ -181,4 +186,66 @@ describe('WorkspaceController', () => {
       });
     });
   });
+
+  describe('checkWorkspaceAccess', () => {
+    it('워크스페이스에 접근 가능한 경우 메시지를 반환한다.', async () => {
+      const workspaceId = 'workspace-snowflake-id';
+      const userId = 'user-snowflake-id';
+
+      jest.spyOn(service, 'checkAccess').mockResolvedValue(undefined);
+
+      const result = await controller.checkWorkspaceAccess(workspaceId, userId);
+
+      expect(service.checkAccess).toHaveBeenCalledWith(userId, workspaceId);
+      expect(result).toEqual({
+        message: WorkspaceResponseMessage.WORKSPACE_ACCESS_CHECKED,
+      });
+    });
+
+    it('로그인하지 않은 사용자의 경우 null로 처리하고 접근 가능한 경우 메시지를 반환한다.', async () => {
+      const workspaceId = 'workspace-snowflake-id';
+      const userId = 'null'; // 로그인되지 않은 상태를 나타냄
+
+      jest.spyOn(service, 'checkAccess').mockResolvedValue(undefined);
+
+      const result = await controller.checkWorkspaceAccess(workspaceId, userId);
+
+      expect(service.checkAccess).toHaveBeenCalledWith(null, workspaceId);
+      expect(result).toEqual({
+        message: WorkspaceResponseMessage.WORKSPACE_ACCESS_CHECKED,
+      });
+    });
+
+    it('권한이 없는 경우 ForbiddenAccessException을 던진다.', async () => {
+      const workspaceId = 'workspace-snowflake-id';
+      const userId = 'user-snowflake-id';
+
+      // 권한 없음
+      jest
+        .spyOn(service, 'checkAccess')
+        .mockRejectedValue(new ForbiddenAccessException());
+
+      await expect(
+        controller.checkWorkspaceAccess(workspaceId, userId),
+      ).rejects.toThrow(ForbiddenAccessException);
+
+      expect(service.checkAccess).toHaveBeenCalledWith(userId, workspaceId);
+    });
+
+    it('워크스페이스가 존재하지 않는 경우 WorkspaceNotFoundException을 던진다.', async () => {
+      const workspaceId = 'invalid-snowflake-id';
+      const userId = 'user-snowflake-id';
+
+      // 워크스페이스 없음
+      jest
+        .spyOn(service, 'checkAccess')
+        .mockRejectedValue(new WorkspaceNotFoundException());
+
+      await expect(
+        controller.checkWorkspaceAccess(workspaceId, userId),
+      ).rejects.toThrow(WorkspaceNotFoundException);
+
+      expect(service.checkAccess).toHaveBeenCalledWith(userId, workspaceId);
+    });
+  });
 });

apps/backend/src/workspace/workspace.controller.ts

@@ -125,7 +125,7 @@ export class WorkspaceController {
   @HttpCode(HttpStatus.OK)
   async joinWorkspace(@Request() req, @Query('token') token: string) {
     const userId = req.user.sub; // 인증된 사용자 ID
-    await this.workspaceService.processInviteToken(userId, token);
+    await this.workspaceService.processInviteUrl(userId, token);
 
     return { message: WorkspaceResponseMessage.WORKSPACE_INVITED };
   }

apps/backend/src/workspace/workspace.service.spec.ts

@@ -10,25 +10,27 @@ import { CreateWorkspaceDto } from './dtos/createWorkspace.dto';
 import { Workspace } from './workspace.entity';
 import { Role } from '../role/role.entity';
 import { User } from '../user/user.entity';
-import { TokenModule } from '../auth/token/token.module';
+import { TokenService } from '../auth/token/token.service';
+import { ForbiddenAccessException } from '../exception/access.exception';
 
 describe('WorkspaceService', () => {
   let service: WorkspaceService;
   let workspaceRepository: WorkspaceRepository;
   let userRepository: UserRepository;
   let roleRepository: RoleRepository;
+  let tokenService: TokenService;
 
   beforeEach(async () => {
     const module: TestingModule = await Test.createTestingModule({
-      imports: [TokenModule],
       providers: [
         WorkspaceService,
         {
           provide: WorkspaceRepository,
           useValue: {
-            save: jest.fn(),
             findOneBy: jest.fn(),
+            findOne: jest.fn(),
             delete: jest.fn(),
+            save: jest.fn(),
           },
         },
         {
@@ -41,17 +43,26 @@ describe('WorkspaceService', () => {
           provide: RoleRepository,
           useValue: {
             findOneBy: jest.fn(),
+            findOne: jest.fn(),
             find: jest.fn(),
             save: jest.fn(),
           },
         },
+        {
+          provide: TokenService,
+          useValue: {
+            generateInviteToken: jest.fn(),
+            verifyInviteToken: jest.fn(),
+          },
+        },
       ],
     }).compile();
 
     service = module.get<WorkspaceService>(WorkspaceService);
     workspaceRepository = module.get<WorkspaceRepository>(WorkspaceRepository);
     userRepository = module.get<UserRepository>(UserRepository);
     roleRepository = module.get<RoleRepository>(RoleRepository);
+    tokenService = module.get<TokenService>(TokenService);
   });
 
   it('서비스 클래스가 정상적으로 인스턴스화된다.', () => {
@@ -248,4 +259,138 @@ describe('WorkspaceService', () => {
       });
     });
   });
+
+  describe('generateInviteUrl', () => {
+    it('정상적으로 초대 링크를 생성한다.', async () => {
+      const userId = 1;
+      const workspaceId = 'workspace-snowflake-id';
+      const workspaceMock = { id: 1 } as Workspace;
+      const tokenMock = 'invite-token';
+
+      jest
+        .spyOn(workspaceRepository, 'findOneBy')
+        .mockResolvedValue(workspaceMock);
+      jest
+        .spyOn(roleRepository, 'findOneBy')
+        .mockResolvedValue({ role: 'owner' } as Role);
+      jest
+        .spyOn(tokenService, 'generateInviteToken')
+        .mockReturnValue(tokenMock);
+
+      const result = await service.generateInviteUrl(userId, workspaceId);
+
+      expect(workspaceRepository.findOneBy).toHaveBeenCalledWith({
+        snowflakeId: workspaceId,
+      });
+      expect(roleRepository.findOneBy).toHaveBeenCalledWith({
+        userId,
+        workspaceId: workspaceMock.id,
+        role: 'owner',
+      });
+      expect(result).toEqual(
+        `https://octodocs.local/api/workspace/join?token=${tokenMock}`,
+      );
+    });
+
+    it('워크스페이스가 존재하지 않으면 예외를 던진다.', async () => {
+      jest.spyOn(workspaceRepository, 'findOneBy').mockResolvedValue(null);
+
+      await expect(
+        service.generateInviteUrl(1, 'invalid-workspace-id'),
+      ).rejects.toThrow(WorkspaceNotFoundException);
+    });
+
+    it('소유자가 아닌 사용자가 초대 링크를 생성하려고 하면 예외를 던진다.', async () => {
+      const workspaceMock = { id: 1 } as Workspace;
+
+      jest
+        .spyOn(workspaceRepository, 'findOneBy')
+        .mockResolvedValue(workspaceMock);
+      jest.spyOn(roleRepository, 'findOneBy').mockResolvedValue(null);
+
+      await expect(
+        service.generateInviteUrl(1, 'workspace-snowflake-id'),
+      ).rejects.toThrow(NotWorkspaceOwnerException);
+    });
+  });
+
+  describe('processInviteUrl', () => {
+    it('정상적으로 초대 링크를 처리한다.', async () => {
+      const userId = 1;
+      const token = 'invite-token';
+      const decodedToken = { workspaceId: '1', role: 'guest' };
+
+      jest
+        .spyOn(tokenService, 'verifyInviteToken')
+        .mockReturnValue(decodedToken);
+      jest.spyOn(roleRepository, 'findOneBy').mockResolvedValue(null);
+
+      await service.processInviteUrl(userId, token);
+
+      expect(tokenService.verifyInviteToken).toHaveBeenCalledWith(token);
+      expect(roleRepository.save).toHaveBeenCalledWith({
+        workspaceId: 1,
+        userId,
+        role: 'guest',
+      });
+    });
+
+    it('이미 워크스페이스에 등록된 사용자는 예외를 던진다.', async () => {
+      const userId = 1;
+      const token = 'invite-token';
+      const decodedToken = { workspaceId: '1', role: 'guest' };
+
+      jest
+        .spyOn(tokenService, 'verifyInviteToken')
+        .mockReturnValue(decodedToken);
+      jest.spyOn(roleRepository, 'findOneBy').mockResolvedValue({} as Role);
+
+      await expect(service.processInviteUrl(userId, token)).rejects.toThrow(
+        Error,
+      );
+    });
+  });
+
+  describe('checkAccess', () => {
+    it('퍼블릭 워크스페이스는 접근을 허용한다.', async () => {
+      jest
+        .spyOn(workspaceRepository, 'findOne')
+        .mockResolvedValue({ visibility: 'public' } as Workspace);
+
+      await expect(
+        service.checkAccess(null, 'workspace-snowflake-id'),
+      ).resolves.toBeUndefined();
+    });
+
+    it('프라이빗 워크스페이스는 권한이 없으면 예외를 던진다.', async () => {
+      jest
+        .spyOn(workspaceRepository, 'findOne')
+        .mockResolvedValue({ visibility: 'private' } as Workspace);
+      jest
+        .spyOn(userRepository, 'findOneBy')
+        .mockResolvedValue({ id: 1 } as User);
+      jest.spyOn(roleRepository, 'findOne').mockResolvedValue(null);
+
+      await expect(
+        service.checkAccess('user-snowflake-id', 'workspace-snowflake-id'),
+      ).rejects.toThrow(ForbiddenAccessException);
+    });
+
+    it('프라이빗 워크스페이스는 권한이 있으면 접근을 허용한다.', async () => {
+      const userMock = { id: 1 };
+      const workspaceMock = { id: 1, visibility: 'private' };
+
+      jest
+        .spyOn(workspaceRepository, 'findOne')
+        .mockResolvedValue(workspaceMock as Workspace);
+      jest
+        .spyOn(userRepository, 'findOneBy')
+        .mockResolvedValue(userMock as User);
+      jest.spyOn(roleRepository, 'findOne').mockResolvedValue({} as Role);
+
+      await expect(
+        service.checkAccess('user-snowflake-id', 'workspace-snowflake-id'),
+      ).resolves.toBeUndefined();
+    });
+  });
 });

apps/backend/src/workspace/workspace.service.ts

@@ -123,7 +123,7 @@ export class WorkspaceService {
     return `https://octodocs.local/api/workspace/join?token=${token}`;
   }
 
-  async processInviteToken(userId: number, token: string): Promise<void> {
+  async processInviteUrl(userId: number, token: string): Promise<void> {
     // 토큰 검증 및 디코딩
     const decodedToken = this.tokenService.verifyInviteToken(token);
     const { workspaceId, role } = decodedToken;