release: 1.9.1 (#206)

devxb · web-flow · commit dff2ef47235c · 2025-12-07T00:59:00.000+09:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -88,6 +88,7 @@ jobs:
             "RELAY_APPROVE_TOKEN=${{ secrets.RELAY_APPROVE_TOKEN }}"
             "INTERNAL_AUTH_SECRET=${{ secrets.INTERNAL_AUTH_SECRET }}"
             "LOGIN_SECRET=${{ secrets.LOGIN_SECRET }}"
+            "GITANIMALS_ADMIN_TOKEN=${{ secrets.GITANIMALS_ADMIN_TOKEN }}"
 
       - name: build and push filebeat
         uses: docker/build-push-action@v4
diff --git a/deploy/api/Dockerfile b/deploy/api/Dockerfile
@@ -23,6 +23,7 @@ ARG QUIZ_APPROVE_TOKEN
 ARG RELAY_APPROVE_TOKEN
 ARG INTERNAL_AUTH_SECRET
 ARG LOGIN_SECRET
+ARG GITANIMALS_ADMIN_TOKEN
 
 ARG JAR_FILE=./*.jar
 COPY ${JAR_FILE} gitanimals-api.jar
@@ -49,7 +50,8 @@ ENV db_url=${DB_URL} \
   quiz_approve_token=${QUIZ_APPROVE_TOKEN} \
   relay_approve_token=${RELAY_APPROVE_TOKEN} \
   internal_auth_secret=${INTERNAL_AUTH_SECRET} \
-  login_secret=${LOGIN_SECRET}
+  login_secret=${LOGIN_SECRET} \
+  gitanimals_admin_token=${GITANIMALS_ADMIN_TOKEN}
 
 ENTRYPOINT java -Djava.net.preferIPv4Stack=true -jar gitanimals-api.jar \
   --spring.datasource.url=${db_url} \
@@ -74,4 +76,5 @@ ENTRYPOINT java -Djava.net.preferIPv4Stack=true -jar gitanimals-api.jar \
   --quiz.approve.token=${quiz_approve_token} \
   --relay.approve.token=${relay_approve_token} \
   --internal.auth.secret=${internal_auth_secret} \
-  --login.secret=${login_secret}
+  --login.secret=${login_secret} \
+  --gitanimals.admin.token=${gitanimals_admin_token}
diff --git a/docs/admin/identity/decrease_point_user_by_username.md b/docs/admin/identity/decrease_point_user_by_username.md
@@ -0,0 +1,22 @@
+# Get user by token
+
+username에 해당하는 유저의 포인트를 감소시킵니다.
+
+> [!WARN]   
+> 요청하면 별도의 승인절차를 거친 후 승인이 되었을때, 요청이 처리됩니다.  
+
+## Request
+### HTTP METHOD : `POST`
+### url : `https://api.gitanimals.org/admin/users/points/decrease/by-username/{username}`
+### RequestHeader
+- Admin-Secret: `{발급받은 어드민 토큰을 넘겨주세요.}`
+- Authorization: `{어드민 요청자의 인증토큰을 넘겨주세요.}`
+
+### Request Body
+```json
+{
+  "point": 100000, // 감소 시킬 포인트
+  "reason": "" // 요청을 처리하는 이유
+}
+```
+
diff --git a/docs/admin/identity/increase_point_user_by_username.md b/docs/admin/identity/increase_point_user_by_username.md
@@ -0,0 +1,21 @@
+# Get user by token
+
+username에 해당하는 유저의 포인트를 증가시킵니다.
+
+> [!WARN]   
+> 요청하면 별도의 승인절차를 거친 후 승인이 되었을때, 요청이 처리됩니다.  
+
+## Request
+### HTTP METHOD : `POST`
+### url : `https://api.gitanimals.org/admin/users/points/increase/by-username/{username}`
+### RequestHeader
+- Admin-Secret: `{발급받은 어드민 토큰을 넘겨주세요.}`
+- Authorization: `{어드민 요청자의 인증토큰을 넘겨주세요.}`
+
+### Request Body
+```json
+{
+  "point": 100000, // 증가 시킬 포인트
+  "reason": "" // 요청을 처리하는 이유
+}
+```
diff --git a/src/main/kotlin/org/gitanimals/core/admin/AbstractAdminRequest.kt b/src/main/kotlin/org/gitanimals/core/admin/AbstractAdminRequest.kt
@@ -0,0 +1,5 @@
+package org.gitanimals.core.admin
+
+interface AbstractAdminRequest {
+    val reason: String
+}
diff --git a/src/main/kotlin/org/gitanimals/core/admin/AdminCallDetected.kt b/src/main/kotlin/org/gitanimals/core/admin/AdminCallDetected.kt
@@ -0,0 +1,18 @@
+package org.gitanimals.core.admin
+
+import org.gitanimals.core.IdGenerator
+import org.gitanimals.core.filter.MDCFilter
+import org.gitanimals.core.redis.AsyncRedisPubSubEvent
+import org.gitanimals.core.redis.RedisPubSubChannel
+import org.slf4j.MDC
+
+data class AdminCallDetected(
+    val username: String,
+    val reason: String,
+    val path: String,
+    val description: String,
+) : AsyncRedisPubSubEvent(
+    channel = RedisPubSubChannel.ADMIN_CALL_DETECTED,
+    traceId = runCatching { MDC.get(MDCFilter.TRACE_ID) }
+        .getOrElse { IdGenerator.generate().toString() },
+)
diff --git a/src/main/kotlin/org/gitanimals/core/admin/AdminConst.kt b/src/main/kotlin/org/gitanimals/core/admin/AdminConst.kt
@@ -0,0 +1,5 @@
+package org.gitanimals.core.admin
+
+object AdminConst {
+    const val ADMIN_SECRET_KEY = "Admin-Secret"
+}
diff --git a/src/main/kotlin/org/gitanimals/core/redis/RedisPubSubChannel.kt b/src/main/kotlin/org/gitanimals/core/redis/RedisPubSubChannel.kt
@@ -12,4 +12,6 @@ object RedisPubSubChannel {
     const val DEAD_LETTER_OCCURRED = "DEAD_LETTER_OCCURRED"
 
     const val NEW_PET_DROP_RATE_DISTRIBUTION = "NEW_PET_DROP_RATE_DISTRIBUTION"
+
+    const val ADMIN_CALL_DETECTED = "ADMIN_CALL_DETECTED"
 }
diff --git a/src/main/kotlin/org/gitanimals/identity/controller/admin/AdminUserController.kt b/src/main/kotlin/org/gitanimals/identity/controller/admin/AdminUserController.kt
@@ -0,0 +1,85 @@
+package org.gitanimals.identity.controller.admin
+
+import org.gitanimals.core.admin.AdminCallDetected
+import org.gitanimals.core.admin.AdminConst.ADMIN_SECRET_KEY
+import org.gitanimals.identity.app.Token
+import org.gitanimals.identity.app.UserFacade
+import org.gitanimals.identity.controller.admin.request.PointDecreaseRequest
+import org.gitanimals.identity.controller.admin.request.PointIncreaseRequest
+import org.gitanimals.identity.domain.EntryPoint
+import org.gitanimals.identity.domain.UserService
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.context.ApplicationEventPublisher
+import org.springframework.http.HttpHeaders
+import org.springframework.http.HttpStatus
+import org.springframework.web.bind.annotation.*
+
+@RestController
+class AdminUserController(
+    private val userService: UserService,
+    private val userFacade: UserFacade,
+    private val eventPublisher: ApplicationEventPublisher,
+    @Value("\${gitanimals.admin.token}") private val adminToken: String,
+) {
+
+    @ResponseStatus(HttpStatus.OK)
+    @PostMapping("/admin/users/points/increase/by-username/{username}")
+    fun increaseUserPointsByUsername(
+        @PathVariable("username") username: String,
+        @RequestParam(
+            name = "entryPoint",
+            defaultValue = "GITHUB",
+        )
+        entryPoint: EntryPoint = EntryPoint.GITHUB,
+        @RequestHeader(ADMIN_SECRET_KEY) adminSecret: String,
+        @RequestHeader(HttpHeaders.AUTHORIZATION) authorization: String,
+        @RequestBody pointIncreaseRequest: PointIncreaseRequest,
+    ) {
+        require(adminSecret == adminToken) {
+            "WRONG TOKEN"
+        }
+
+        val user = userFacade.getUserByToken(Token.from(authorization))
+
+        userService.increasePointByUsernameWithoutIdempotency(username, entryPoint, pointIncreaseRequest.point)
+        eventPublisher.publishEvent(
+            AdminCallDetected(
+                username = user.getName(),
+                reason = pointIncreaseRequest.reason,
+                path = "/admin/users/points/increase/by-username/{username}",
+                description = "$username 유저에게 ${pointIncreaseRequest.point} 지급",
+            )
+        )
+    }
+
+    @ResponseStatus(HttpStatus.OK)
+    @PostMapping("/admin/users/points/decrease/by-username/{username}")
+    fun decreaseUserPointsByUsername(
+        @PathVariable("username") username: String,
+        @RequestParam(
+            name = "entryPoint",
+            defaultValue = "GITHUB",
+        )
+        entryPoint: EntryPoint = EntryPoint.GITHUB,
+        @RequestHeader(ADMIN_SECRET_KEY) adminSecret: String,
+        @RequestHeader(HttpHeaders.AUTHORIZATION) authorization: String,
+        @RequestBody pointDecreaseRequest: PointDecreaseRequest,
+    ) {
+        require(adminSecret == adminToken) {
+            "WRONG TOKEN"
+        }
+
+        val user = userFacade.getUserByToken(Token.from(authorization))
+
+        userService.decreasePointByUsernameWithoutIdempotency(username, entryPoint, pointDecreaseRequest.point)
+        eventPublisher.publishEvent(
+            AdminCallDetected(
+                username = user.getName(),
+                reason = pointDecreaseRequest.reason,
+                path = "/admin/users/points/decrease/by-username/{username}",
+                description = "$username 유저에게 ${pointDecreaseRequest.point} 차감",
+            )
+        )
+    }
+
+}
diff --git a/src/main/kotlin/org/gitanimals/identity/controller/admin/request/PointDecreaseRequest.kt b/src/main/kotlin/org/gitanimals/identity/controller/admin/request/PointDecreaseRequest.kt
@@ -0,0 +1,8 @@
+package org.gitanimals.identity.controller.admin.request
+
+import org.gitanimals.core.admin.AbstractAdminRequest
+
+data class PointDecreaseRequest(
+    val point: Long,
+    override val reason: String,
+) : AbstractAdminRequest
diff --git a/src/main/kotlin/org/gitanimals/identity/controller/admin/request/PointIncreaseRequest.kt b/src/main/kotlin/org/gitanimals/identity/controller/admin/request/PointIncreaseRequest.kt
@@ -0,0 +1,8 @@
+package org.gitanimals.identity.controller.admin.request
+
+import org.gitanimals.core.admin.AbstractAdminRequest
+
+data class PointIncreaseRequest(
+    val point: Long,
+    override val reason: String,
+) : AbstractAdminRequest
diff --git a/src/main/kotlin/org/gitanimals/identity/domain/UserService.kt b/src/main/kotlin/org/gitanimals/identity/domain/UserService.kt
@@ -115,6 +115,31 @@ class UserService(
         return user
     }
 
+    @Transactional
+    fun increasePointByUsernameWithoutIdempotency(
+        username: String,
+        entryPoint: EntryPoint,
+        point: Long,
+    ): User {
+        val user = getUserByNameAndEntryPoint(username, entryPoint)
+
+        user.increasePoint(point)
+        return user
+    }
+
+    @Transactional
+    fun decreasePointByUsernameWithoutIdempotency(
+        username: String,
+        entryPoint: EntryPoint,
+        point: Long,
+    ): User {
+        val user = getUserByNameAndEntryPoint(username, entryPoint)
+
+        user.decreasePoint(point)
+        return user
+    }
+
+
     @Transactional
     @Retryable(ObjectOptimisticLockingFailureException::class)
     fun updateUserAuthInfoByUsername(
diff --git a/src/main/kotlin/org/gitanimals/notification/app/AdminCallDetectedMessageListener.kt b/src/main/kotlin/org/gitanimals/notification/app/AdminCallDetectedMessageListener.kt
@@ -0,0 +1,42 @@
+package org.gitanimals.notification.app
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import org.gitanimals.core.redis.TraceableMessageListener
+import org.gitanimals.notification.app.event.AdminCallDetected
+import org.gitanimals.notification.domain.Notification
+import org.slf4j.LoggerFactory
+import org.springframework.beans.factory.annotation.Qualifier
+import org.springframework.data.redis.connection.Message
+import org.springframework.data.redis.core.StringRedisTemplate
+import org.springframework.stereotype.Component
+
+@Component
+class AdminCallDetectedMessageListener(
+    private val redisTemplate: StringRedisTemplate,
+    private val objectMapper: ObjectMapper,
+    @Qualifier("gitAnimalsAdminCallDetectNotification") private val notification: Notification,
+) : TraceableMessageListener(redisTemplate, objectMapper) {
+
+    private val logger = LoggerFactory.getLogger(this::class.simpleName)
+
+    override fun onMessage(message: Message) {
+        runCatching {
+            val adminCallDetected = objectMapper.readValue(
+                redisTemplate.stringSerializer.deserialize(message.body),
+                AdminCallDetected::class.java,
+            )
+
+            notification.notify(
+                message = """
+                    _*Admin Call Detected*_
+                    *username*: ${adminCallDetected.username},
+                    *reason*: ${adminCallDetected.reason},
+                    *path*: ${adminCallDetected.path},
+                    *description*: ${adminCallDetected.description}
+                """.trimIndent(),
+            )
+        }.onFailure {
+            logger.error("Fail to notify dead letter. message: $message", it)
+        }
+    }
+}
diff --git a/src/main/kotlin/org/gitanimals/notification/app/event/AdminCallDetected.kt b/src/main/kotlin/org/gitanimals/notification/app/event/AdminCallDetected.kt
@@ -0,0 +1,8 @@
+package org.gitanimals.notification.app.event
+
+data class AdminCallDetected(
+    val username: String,
+    val reason: String,
+    val path: String,
+    val description: String,
+)
diff --git a/src/main/kotlin/org/gitanimals/notification/infra/RedisMessageListenerConfiguration.kt b/src/main/kotlin/org/gitanimals/notification/infra/RedisMessageListenerConfiguration.kt
@@ -17,6 +17,7 @@ class RedisMessageListenerConfiguration(
     private val slackDeadLetterMessageListener: SlackDeadLetterMessageListener,
     private val newPetDropRateDistributionMessageListener: NewPetDropRateDistributionMessageListener,
     private val notDeveloperQuizCreateRequestedMessageListener: NotDeveloperQuizCreateRequestedMessageListener,
+    private val adminCallDetectedMessageListener: AdminCallDetectedMessageListener,
 ) {
 
     @Bean
@@ -41,11 +42,15 @@ class RedisMessageListenerConfiguration(
             )
             this.addMessageListener(
                 newPetDropRateDistributionMessageListener,
-                ChannelTopic(RedisPubSubChannel.NEW_PET_DROP_RATE_DISTRIBUTION)
+                ChannelTopic(RedisPubSubChannel.NEW_PET_DROP_RATE_DISTRIBUTION),
             )
             this.addMessageListener(
                 notDeveloperQuizCreateRequestedMessageListener,
-                ChannelTopic(RedisPubSubChannel.NOT_DEVELOPER_QUIZ_CREATED)
+                ChannelTopic(RedisPubSubChannel.NOT_DEVELOPER_QUIZ_CREATED),
+            )
+            this.addMessageListener(
+                adminCallDetectedMessageListener,
+                ChannelTopic(RedisPubSubChannel.ADMIN_CALL_DETECTED),
             )
         }
     }
diff --git a/src/main/kotlin/org/gitanimals/notification/infra/SlackNotifiactions.kt b/src/main/kotlin/org/gitanimals/notification/infra/SlackNotifiactions.kt
@@ -97,3 +97,9 @@ class GitAnimalsDeadLetterSlackNotification(
     objectMapper: ObjectMapper,
     @Value(value = "\${slack.token}") token: String,
 ) : SlackNotification(token, "C08M0R0GEKV", objectMapper)
+
+@Component
+class GitAnimalsAdminCallDetectNotification(
+    objectMapper: ObjectMapper,
+    @Value(value = "\${slack.token}") token: String,
+) : SlackNotification(token, "C0A1XL7MRDL", objectMapper)
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -60,4 +60,4 @@ tokenizer.api.key=foo
 
 quiz.approve.token=
 relay.approve.token=
-
+gitanimals.admin.token=

Original file line number	Diff line number	Diff line change
`@@ -12,4 +12,6 @@ object RedisPubSubChannel {`
`12`	`12`	`const val DEAD_LETTER_OCCURRED = "DEAD_LETTER_OCCURRED"`
`13`	`13`
`14`	`14`	`const val NEW_PET_DROP_RATE_DISTRIBUTION = "NEW_PET_DROP_RATE_DISTRIBUTION"`
	`15`	`+`
	`16`	`+ const val ADMIN_CALL_DETECTED = "ADMIN_CALL_DETECTED"`
`15`	`17`	`}`