feat(recruit-board): RecruitBoard Command Controller 추가

Author: leebs0521

src/main/java/com/somemore/recruitboard/controller/RecruitBoardCommandApiController.java

@@ -19,9 +19,8 @@
 import java.time.LocalDateTime;
 import java.util.UUID;
 import lombok.RequiredArgsConstructor;
-import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.annotation.Secured;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -33,7 +32,7 @@
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
 
-@Tag(name = "RecruitBoard", description = "봉사 활동 모집글 생성 수정 삭제 API")
+@Tag(name = "Recruit Board Command API", description = "봉사 활동 모집글 생성 수정 삭제 API")
 @RequiredArgsConstructor
 @RequestMapping("/api")
 @RestController
@@ -44,23 +43,25 @@ public class RecruitBoardCommandApiController {
     private final DeleteRecruitBoardUseCase deleteRecruitBoardUseCase;
     private final ImageUploadUseCase imageUploadUseCase;
 
-    @PreAuthorize("hasRole('CENTER')")
+    @Secured("ROLE_CENTER")
     @Operation(summary = "봉사 활동 모집글 등록", description = "봉사 활동 모집글을 등록합니다.")
     @PostMapping(value = "/recruit-board", consumes = MULTIPART_FORM_DATA_VALUE)
     public ApiResponse<Long> createRecruitBoard(
+            @AuthenticationPrincipal String userId,
             @Valid @RequestPart("data") RecruitBoardCreateRequestDto requestDto,
-            @RequestPart("img_file") MultipartFile image
+            @RequestPart(value = "img_file", required = false) MultipartFile image
     ) {
 
         String imgUrl = imageUploadUseCase.uploadImage(new ImageUploadRequestDto(image));
         return ApiResponse.ok(
                 201,
-                createRecruitBoardUseCase.createRecruitBoard(requestDto, getCenterId(), imgUrl),
+                createRecruitBoardUseCase.createRecruitBoard(requestDto, getCenterId(userId),
+                        imgUrl),
                 "봉사 활동 모집글 등록 성공"
         );
     }
 
-    @PreAuthorize("hasRole('CENTER')")
+    @Secured("ROLE_CENTER")
     @Operation(summary = "봉사 활동 모집글 수정", description = "봉사 활동 모집글을 수정합니다.")
     @PutMapping(value = "/recruit-board/{id}", consumes = MULTIPART_FORM_DATA_VALUE)
     public ApiResponse<String> updateRecruitBoard(
@@ -70,12 +71,12 @@ public ApiResponse<String> updateRecruitBoard(
             @RequestPart("img_file") MultipartFile image
     ) {
         String imgUrl = imageUploadUseCase.uploadImage(new ImageUploadRequestDto(image));
-        updateRecruitBoardUseCase.updateRecruitBoard(requestDto, id, getCenterId(), imgUrl);
+        updateRecruitBoardUseCase.updateRecruitBoard(requestDto, id, getCenterId(userId), imgUrl);
 
         return ApiResponse.ok("봉사 활동 모집글 수정 성공");
     }
 
-    @PreAuthorize("hasRole('CENTER')")
+    @Secured("ROLE_CENTER")
     @Operation(summary = "봉사 활동 모집글 위치 수정", description = "봉사 활동 모집글의 위치를 수정합니다.")
     @PutMapping(value = "/recruit-board/{id}/location")
     public ApiResponse<String> updateRecruitBoardLocation(
@@ -84,11 +85,11 @@ public ApiResponse<String> updateRecruitBoardLocation(
             @Valid @RequestBody RecruitBoardLocationUpdateRequestDto requestDto
     ) {
 
-        updateRecruitBoardUseCase.updateRecruitBoardLocation(requestDto, id, getCenterId());
+        updateRecruitBoardUseCase.updateRecruitBoardLocation(requestDto, id, getCenterId(userId));
         return ApiResponse.ok("봉사 활동 모집글 위치 수정 성공");
     }
 
-    @PreAuthorize("hasRole('CENTER')")
+    @Secured("ROLE_CENTER")
     @Operation(summary = "봉사 활동 모집글 상태 수정", description = "봉사 활동 모집글의 상태를 수정합니다.")
     @PatchMapping(value = "/recruit-board/{id}")
     public ApiResponse<String> updateRecruitBoardStatus(
@@ -97,25 +98,26 @@ public ApiResponse<String> updateRecruitBoardStatus(
             @RequestBody RecruitBoardStatusUpdateRequestDto requestDto
     ) {
         LocalDateTime now = LocalDateTime.now();
-        updateRecruitBoardUseCase.updateRecruitBoardStatus(requestDto.status(), id, getCenterId(),
+        updateRecruitBoardUseCase.updateRecruitBoardStatus(requestDto.status(), id,
+                getCenterId(userId),
                 now);
 
         return ApiResponse.ok("봉사 활동 모집글 상태 수정 성공");
     }
 
-    @PreAuthorize("hasRole('CENTER')")
+    @Secured("ROLE_CENTER")
     @Operation(summary = "봉사 활동 모집글 삭제", description = "봉사 활동 모집글을 삭제합니다.")
     @DeleteMapping(value = "/recruit-board/{id}")
     public ApiResponse<String> deleteRecruitBoard(
             @AuthenticationPrincipal String userId,
             @PathVariable Long id
     ) {
-        deleteRecruitBoardUseCase.deleteRecruitBoard(getCenterId(), id);
+        deleteRecruitBoardUseCase.deleteRecruitBoard(getCenterId(userId), id);
         return ApiResponse.ok("봉사 활동 모집글 삭제 성공");
     }
 
-    private static UUID getCenterId() {
-        return UUID.fromString(SecurityContextHolder.getContext().getAuthentication().getName());
+    private static UUID getCenterId(String userId) {
+        return UUID.fromString(userId);
     }
 
 }