답변 생성 수정 및 테스트 코드 작성 (#74)

Author: gffd94

src/main/java/com/oronaminc/join/answer/dto/AnswerCreateResponse.java

@@ -10,16 +10,13 @@
 @Builder
 @Schema(description = "WebSocket STOMP 통신 답변 응답 DTO")
 public record AnswerCreateResponse(
-    //TODO: QuestionCreateResponse와 유사-> 둘중 하나만?
     @Schema(description = "답변이 생성될 질문 ID")
     Long questionId,
     @Schema(description = "답변 생성/삭제/수정 상태", example = "CREATE")
     String event,
     @Schema(description = "답변 ID", example = "11")
     Long answerId,
     @Schema(description = "답변 내용", example = "답변입니다.")
-    @NotBlank(message = "답변 내용을 입력해주시기 바랍니다.")
-    @Size(max = 300, message = "답변 내용은 최대 300자까지 입력할 수 있습니다.")
     String content,
     @Schema(description = "답변 내용에 대한 공감 수", example = "23")
     int emojiCount,

src/main/java/com/oronaminc/join/answer/dto/AnswerRequest.java

@@ -6,7 +6,6 @@
 
 @Schema(description = "답변 생성/수정 요청 DTO")
 public record AnswerRequest(
-    //TODO: 빈값 or " " (space) 처리
     @NotBlank(message = "답변 내용을 입력해주시기 바랍니다.")
     @Size(max = 300, message = "답변 내용은 최대 300자까지 입력할 수 있습니다.")
     @Schema(description = "답변 내용", example = "답변입니다.")

src/main/java/com/oronaminc/join/answer/service/AnswerService.java

@@ -1,15 +1,14 @@
 package com.oronaminc.join.answer.service;
 
-import static com.oronaminc.join.global.exception.ErrorCode.BADREQUEST_DUPLICATION_ANSWER;
 
 import com.oronaminc.join.answer.dao.AnswerRepository;
 import com.oronaminc.join.answer.domain.Answer;
-import com.oronaminc.join.answer.dto.AnswerRequest;
 import com.oronaminc.join.answer.dto.AnswerGetResponse;
+import com.oronaminc.join.answer.dto.AnswerRequest;
 import com.oronaminc.join.answer.mapper.AnswerMapper;
+import com.oronaminc.join.answer.util.PermissionValidator;
 import com.oronaminc.join.emoji.domain.TargetType;
 import com.oronaminc.join.emoji.service.EmojiReader;
-import com.oronaminc.join.global.exception.ErrorException;
 import com.oronaminc.join.member.domain.Member;
 import com.oronaminc.join.member.service.MemberReader;
 import com.oronaminc.join.participant.service.ParticipantService;
@@ -28,32 +27,25 @@
 public class AnswerService {
 
     private final AnswerRepository answerRepository;
-    private final ParticipantService participantService;
     private final QuestionReader questionReader;
     private final MemberReader memberReader;
     private final AnswerReader answerReader;
     private final RoomReader roomReader;
     private final EmojiReader emojiReader;
+    private final PermissionValidator permissionValidator;
 
     @Transactional
     public Answer create(Long roomId, Long memberId, Long questionId,
         AnswerRequest request) {
 
         Member member = memberReader.getById(memberId);
         Room room = roomReader.getById(roomId);
-        Question question = questionReader.getByIdAndRoomId(questionId, roomId);
-
-        participantService.validateParticipant(member.getId(), room.getId());
-
-        if (answerReader.existsByQuestionIdAndMemberId(question.getId(), member.getId())) {
-            throw new ErrorException(BADREQUEST_DUPLICATION_ANSWER);
-        }
-
+        Question question = questionReader.getByIdAndRoomId(questionId, room.getId());
+        permissionValidator.validateAnswerCreatePermission(room.getId(), member.getId(), question);
         Answer answer = AnswerMapper.toEntity(question, member, request);
 
-        answerRepository.save(answer);
+        return answerRepository.save(answer);
 
-        return answer;
     }
 
     @Transactional
@@ -71,17 +63,17 @@ public AnswerGetResponse getAnswer(Long roomId, Long questionId, Long memberId)
     }
 
     @Transactional
-    public Answer update(Long answerId, AnswerRequest request) {
-        Answer answer = answerReader.getById(answerId);
+    public Answer update(Long answerId, Long memberId, AnswerRequest request) {
+        Answer answer = permissionValidator.validateAnswerUpdatePermission(answerId, memberId);
 
         answer.updataContent(request.content());
 
         return answer;
     }
 
     @Transactional
-    public void delete(Long answerId) {
-        Answer answer = answerReader.getById(answerId);
+    public void delete(Long answerId, Long memberId) {
+        Answer answer = permissionValidator.validateAnswerDeletePermission(answerId, memberId);
         answerRepository.delete(answer);
     }
 

src/main/java/com/oronaminc/join/answer/util/PermissionType.java

@@ -0,0 +1,18 @@
+package com.oronaminc.join.answer.util;
+
+import com.oronaminc.join.global.exception.ErrorCode;
+import lombok.Getter;
+
+
+@Getter
+public enum PermissionType {
+    CREATE, DELETE;
+
+    public ErrorCode toErrorCode() {
+        return switch (this) {
+            case CREATE -> ErrorCode.UNAUTHORIZED_ROLE_ANSWER;
+            case DELETE -> ErrorCode.UNAUTHORIZED_DELETE_ANSWER;
+        };
+    }
+
+}

src/main/java/com/oronaminc/join/answer/util/PermissionValidator.java

@@ -1,8 +1,6 @@
 package com.oronaminc.join.answer.util;
 
-import static com.oronaminc.join.global.exception.ErrorCode.UNAUTHORIZED_DELETE_ANSWER;
 import static com.oronaminc.join.global.exception.ErrorCode.UNAUTHORIZED_EDIT_ANSWER;
-import static com.oronaminc.join.global.exception.ErrorCode.UNAUTHORIZED_ROLE_ANSWER;
 
 import com.oronaminc.join.answer.domain.Answer;
 import com.oronaminc.join.answer.service.AnswerReader;
@@ -22,40 +20,40 @@ public class PermissionValidator {
     private final ParticipantReader participantReader;
     private final AnswerReader answerReader;
 
-    public void validateAnswerPermission(Long roomId, Long memberId) {
-        // TODO: 생성시 조건 ( null 이면 안됨, " " 안됨, 팀원이나 발표자, 질문 작성자 본인만 생성가능 )
-        Participant participant = participantReader.getByRoomIdAndMemberId(roomId, memberId);
-        ParticipantType type = participant.getParticipantType();
-
-        if (type == ParticipantType.GUEST) {
-            throw new ErrorException(UNAUTHORIZED_ROLE_ANSWER);
-        }
+    public void validateAnswerCreatePermission(Long roomId, Long memberId, Question question) {
+        validatePermission(roomId, memberId, question, PermissionType.CREATE);
     }
 
-    public void validateAnswerUpdatePermission(Long answerId, Long memberId) {
+    public Answer validateAnswerUpdatePermission(Long answerId, Long memberId) {
         Answer answer = answerReader.getById(answerId);
 
         if (!answer.getMember().getId().equals(memberId)) {
             throw new ErrorException(UNAUTHORIZED_EDIT_ANSWER);
         }
+
+        return answer;
     }
 
-    public void validateAnswerDeletePermission(Long answerId, Long memberId) {
+    public Answer validateAnswerDeletePermission(Long answerId, Long memberId) {
         Answer answer = answerReader.getById(answerId);
-
         Room room = answer.getQuestion().getRoom();
         Question question = answer.getQuestion();
 
-        Participant participant = participantReader.getByRoomIdAndMemberId(room.getId(), memberId);
-        ParticipantType type = participant.getParticipantType();
+        validatePermission(room.getId(), memberId, question, PermissionType.DELETE);
+
+        return answer;
+    }
 
+    private void validatePermission(Long roomId, Long memberId, Question question,
+        PermissionType permissionType) {
+        Participant participant = participantReader.getByRoomIdAndMemberId(roomId, memberId);
+        ParticipantType type = participant.getParticipantType();
         boolean isQuestionWriter = question.getMember().getId().equals(memberId);
 
         if (!(isQuestionWriter || type == ParticipantType.TEAM
             || type == ParticipantType.PRESENTER)) {
-            throw new ErrorException(UNAUTHORIZED_DELETE_ANSWER);
+            throw new ErrorException(permissionType.toErrorCode());
         }
-
     }
 
 }

src/main/java/com/oronaminc/join/global/exception/ErrorCode.java

@@ -44,12 +44,12 @@ public enum ErrorCode {
     UNAUTHORIZED_DELETE_QUESTION("QUESTION-004", "작성자 및 관리자만 질문을 삭제할 수 있습니다.", UNAUTHORIZED),
     TOO_MANY_REQUESTS_QUESTION("QUESTION-005", "잠시 후 다시 시도해주세요.", TOO_MANY_REQUESTS),
 
-    UNAUTHORIZED_ROLE_ANSWER("ANSWER-001", "팀원 또는 발표자만 댓글을 작성할 수 있습니다.", UNAUTHORIZED),
+    UNAUTHORIZED_ROLE_ANSWER("ANSWER-001", "질문 작성자 또는 팀원과 발표자만 댓글을 작성할 수 있습니다.", UNAUTHORIZED),
     NOT_FOUND_EXIST_ANSWER("ANSWER-002", "해당 질문에 대한 답변이 존재하지 않습니다.", NOT_FOUND),
     NOT_FOUND_ANSWER("ANSWER-003", "답변이 존재하지 않습니다.", NOT_FOUND),
-    BADREQUEST_DUPLICATION_ANSWER("ANSWER-004", "이미 답변한 질문입니다.", BAD_REQUEST),
-    UNAUTHORIZED_EDIT_ANSWER("ANSWER-005", "작성자가 아니면 해당 댓글을 수정할 수 없습니다.", UNAUTHORIZED),
-    UNAUTHORIZED_DELETE_ANSWER("ANSWER-006", "작성자 혹은 팀원, 발표자가 아니면 해당 댓글을 삭제할 수 없습니다.", UNAUTHORIZED),
+    UNAUTHORIZED_EDIT_ANSWER("ANSWER-004", "작성자가 아니면 해당 댓글을 수정할 수 없습니다.", UNAUTHORIZED),
+    UNAUTHORIZED_DELETE_ANSWER("ANSWER-005", "작성자 혹은 팀원, 발표자가 아니면 해당 댓글을 삭제할 수 없습니다.", UNAUTHORIZED),
+    TOO_MANY_REQUESTS_ANSWER("ANSWER-006", "잠시 후 다시 시도해주세요.", UNAUTHORIZED),
 
 
     ACCESS_DENIED_SESSION("SESSION-1201", "접근 권한이 없습니다.", FORBIDDEN),

src/main/java/com/oronaminc/join/global/ratelimit/RateLimitType.java

@@ -19,6 +19,14 @@ public enum RateLimitType {
             .capacity(3)
             .refillIntervally(3, Duration.ofSeconds(1))
             .build()
+    ),
+
+    CREATE_ANSWER(
+        "CREATE_ANSWER:{}:{}:{}",
+        Bandwidth.builder()
+            .capacity(5)
+            .refillIntervally(5, Duration.ofSeconds(10))
+        .build()
     );
 
     private final String format;

src/main/java/com/oronaminc/join/websocket/api/AnswerWebsocketController.java

@@ -1,5 +1,6 @@
 package com.oronaminc.join.websocket.api;
 
+import static com.oronaminc.join.global.exception.ErrorCode.TOO_MANY_REQUESTS_ANSWER;
 import static com.oronaminc.join.global.exception.ErrorCode.UNAUTHORIZED_MEMBER;
 
 import com.oronaminc.join.answer.domain.Answer;
@@ -9,8 +10,10 @@
 import com.oronaminc.join.answer.dto.AnswerUpdateResponse;
 import com.oronaminc.join.answer.mapper.AnswerMapper;
 import com.oronaminc.join.answer.service.AnswerService;
-import com.oronaminc.join.answer.util.PermissionValidator;
 import com.oronaminc.join.global.exception.ErrorException;
+import com.oronaminc.join.global.ratelimit.RateLimitService;
+import com.oronaminc.join.global.ratelimit.RateLimitType;
+import io.github.bucket4j.Bucket;
 import jakarta.validation.Valid;
 import java.security.Principal;
 import lombok.RequiredArgsConstructor;
@@ -27,7 +30,7 @@
 public class AnswerWebsocketController {
 
     private final AnswerService answerService;
-    private final PermissionValidator permissionValidator;
+    private final RateLimitService rateLimitService;
 
     @MessageMapping("/rooms/{roomId}/question/{questionId}/answers/create")
     @SendTo("/topic/rooms/{roomId}/answers")
@@ -39,11 +42,15 @@ public AnswerCreateResponse create(
     ) {
         Long memberId = getMemberId(principal);
 
-        permissionValidator.validateAnswerPermission(roomId, memberId);
+        Bucket bucket = rateLimitService.getBucket(RateLimitType.CREATE_ANSWER, roomId, memberId, questionId);
+
+        if (!bucket.tryConsume(1)) {
+            throw new ErrorException(TOO_MANY_REQUESTS_ANSWER);
+        }
 
         Answer answer = answerService.create(roomId, memberId, questionId, request);
 
-        log.info("답변 메세지 = {}", request.content());
+        log.info("답변 메세지 = {}", answer.getContent());
 
         return AnswerMapper.toAnswerCreateResponse(answer);
     }
@@ -58,26 +65,24 @@ public AnswerUpdateResponse update(
 
         Long memberId = getMemberId(principal);
 
-        permissionValidator.validateAnswerUpdatePermission(answerId, memberId);
+        Answer answer = answerService.update(answerId, memberId, request);
 
-        Answer answer = answerService.update(answerId, request);
+        log.info("수정 메세지 = {}", answer.getContent());
 
         return AnswerMapper.toAnswerUpdateResponse(answer);
     }
 
     @MessageMapping("/answers/{answerId}/delete")
     @SendTo("/topic/rooms/{roomId}/answers")
     public AnswerDeleteResponse delete(
-        @DestinationVariable Long roomId,
-        @DestinationVariable Long questionId,
         @DestinationVariable Long answerId,
         Principal principal
     ) {
         Long memberId = getMemberId(principal);
 
-        permissionValidator.validateAnswerDeletePermission(answerId, memberId);
+        answerService.delete(answerId, memberId);
 
-        answerService.delete(answerId);
+        log.info("삭제되었습니다.");
 
         return new AnswerDeleteResponse(answerId, "DELETE");
     }

src/test/java/com/oronaminc/join/answer/api/PermissionValidTests.java

@@ -65,13 +65,13 @@ void setUp() {
     }
 
     @Test
-    @DisplayName("TEAM or PRESENTER가 아닌 GUEST가 답변시 예외 발생")
-    void validateAnswerPermission_fail_not_team_or_presenter() {
+    @DisplayName("TEAM or PRESENTER or 작성자가 아닌 참여자가 답변시 예외 발생")
+    void validateAnswerPermission_fail_not_team_or_presenter_orWriter() {
         // given
         given(participantReader.getByRoomIdAndMemberId(1L, 1L)).willReturn(participant);
 
         // when & then
-        assertThatThrownBy(() -> permissionValidator.validateAnswerPermission(1L, 1L))
+        assertThatThrownBy(() -> permissionValidator.validateAnswerCreatePermission(1L, 1L, question))
             .isInstanceOf(ErrorException.class)
             .hasFieldOrPropertyWithValue("errorCode", ErrorCode.UNAUTHORIZED_ROLE_ANSWER);
     }
@@ -84,7 +84,7 @@ void validateAnswerPermission_fail_not_found_participant() {
             .willThrow(new ErrorException(ErrorCode.NOT_FOUND_PARTICIPANT));
 
         // when & then
-        assertThatThrownBy(() -> permissionValidator.validateAnswerPermission(1L, 1L))
+        assertThatThrownBy(() -> permissionValidator.validateAnswerCreatePermission(1L, 1L, question))
             .isInstanceOf(ErrorException.class)
             .hasFieldOrPropertyWithValue("errorCode", ErrorCode.NOT_FOUND_PARTICIPANT);
     }