From 59293948b488e75f91374302b17e7267260ce4d9 Mon Sep 17 00:00:00 2001 From: bangyewon <90364660+bangyewon@users.noreply.github.com> Date: Mon, 13 Jan 2025 16:13:01 +0900 Subject: [PATCH] =?UTF-8?q?[refactor]=20=ED=95=99=EC=8A=B5=EB=A6=AC?= =?UTF-8?q?=ED=8F=AC=ED=8A=B8=20=EC=A0=84=EC=B2=B4=EC=A1=B0=ED=9A=8C=20req?= =?UTF-8?q?uestParam=20=EC=82=AD=EC=A0=9C=20#134?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/ScoreReportController.java | 5 ++-- .../service/ScoreReportService.java | 25 +++++++++++++++---- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/src/main/java/classfit/example/classfit/scoreReport/controller/ScoreReportController.java b/src/main/java/classfit/example/classfit/scoreReport/controller/ScoreReportController.java index 90c4fb6c..3123765b 100644 --- a/src/main/java/classfit/example/classfit/scoreReport/controller/ScoreReportController.java +++ b/src/main/java/classfit/example/classfit/scoreReport/controller/ScoreReportController.java @@ -106,10 +106,9 @@ public ApiResponse showStudentReport(@AuthMember Memb @GetMapping("/all-report") @Operation(summary = "학습 리포트 전체조회", description = "학원 별 생성한 성적 리포트 전체조회 API입니다.") public ApiResponse> findAllReport( - @AuthMember Member member, - @RequestParam(name = "academyId") Long academyId) { + @AuthMember Member member) { - List response = scoreReportService.findAllReport(member, academyId); + List response = scoreReportService.findAllReport(member); return ApiResponse.success(response, 200, "FIND-ALL-STUDENT-REPORTS"); } diff --git a/src/main/java/classfit/example/classfit/scoreReport/service/ScoreReportService.java b/src/main/java/classfit/example/classfit/scoreReport/service/ScoreReportService.java index 2f720249..dc834a83 100644 --- a/src/main/java/classfit/example/classfit/scoreReport/service/ScoreReportService.java +++ b/src/main/java/classfit/example/classfit/scoreReport/service/ScoreReportService.java @@ -62,6 +62,7 @@ public CreateReportResponse createReport(@AuthMember Member member, SubClass subClass = subClassRepository.findById(request.subClassId()) .orElseThrow( () -> new ClassfitException("서브 클래스를 찾을 수 없어요.", HttpStatus.NOT_FOUND)); + validateAcademy(member, member.getAcademy().getId()); List exams = examRepository.findAllById(request.examIdList()); if (exams.isEmpty()) { @@ -143,6 +144,7 @@ public List findReport(@AuthMember Member member, Long mainC SubClass subClass = subClassRepository.findById(subClassId) .orElseThrow( () -> new ClassfitException("서브 클래스를 찾을 수 없어요.", HttpStatus.NOT_FOUND)); + validateAcademy(member, mainClass.getMember().getAcademy().getId()); List studentReports = scoreReportRepository.findFirstReportByStudent( mainClassId, subClassId); @@ -159,15 +161,13 @@ public List findReport(@AuthMember Member member, Long mainC } @Transactional(readOnly = true) - public List findAllReport(@AuthMember Member member, Long academyId) { + public List findAllReport(@AuthMember Member member) { + + Long academyId = member.getAcademy().getId(); Academy academy = academyRepository.findById(academyId) .orElseThrow(() -> new ClassfitException("학원을 찾을 수 없어요.", HttpStatus.NOT_FOUND)); - if (!Objects.equals(member.getAcademy().getId(), academyId)) { - throw new ClassfitException("해당 학원에 접근할 권한이 없습니다.", HttpStatus.FORBIDDEN); - } - List scoreReports = scoreReportRepository.findAllByAcademy(academy); return scoreReports.stream() @@ -191,12 +191,15 @@ public void deleteReport(@AuthMember Member member, Long studentReportId) { @Transactional(readOnly = true) public List findClassStudents(@AuthMember Member member, Long mainClassId, Long subClassId) { + MainClass mainClass = mainClassRepository.findById(mainClassId) .orElseThrow( () -> new ClassfitException("메인 클래스를 찾을 수 없어요.", HttpStatus.NOT_FOUND)); SubClass subClass = subClassRepository.findById(subClassId) .orElseThrow( () -> new ClassfitException("서브 클래스를 찾을 수 없어요.", HttpStatus.NOT_FOUND)); + validateAcademy(member, mainClass.getMember().getAcademy().getId()); + List classStudents = classStudentRepository.findStudentIdsByMainClassIdAndSubClassId( mainClassId, subClassId); return classStudents.stream() @@ -208,12 +211,14 @@ public List findClassStudents(@AuthMember Member member, Long @Transactional public List sentStudentOpinion(@AuthMember Member member, List requests) { + List responses = new ArrayList<>(); for (SentStudentOpinionRequest request : requests) { ScoreReport scoreReport = scoreReportRepository.findById(request.reportId()) .orElseThrow( () -> new ClassfitException("학습리포트를 찾을 수 없어요.", HttpStatus.NOT_FOUND)); + validateAcademy(member, scoreReport.getMainClass().getMember().getAcademy().getId()); scoreReport.updateStudentOpinion(request.studentOpinion()); @@ -234,6 +239,7 @@ public ShowStudentReportResponse showStudentReport(@AuthMember Member member, Lo .orElseThrow( () -> new ClassfitException("학습리포트를 찾을 수 없어요.", HttpStatus.NOT_FOUND)); + validateAcademy(member, scoreReport.getMainClass().getMember().getAcademy().getId()); List attendanceInfoList = scoreReport.getStudent().getAttendances().stream() .collect(Collectors.groupingBy( Attendance::getStatus, @@ -285,4 +291,13 @@ public ShowStudentReportResponse showStudentReport(@AuthMember Member member, Lo } + private void validateAcademy(Member member, Long academyId) { + Academy academy = academyRepository.findById(academyId) + .orElseThrow(() -> new ClassfitException("학원을 찾을 수 없어요.", HttpStatus.NOT_FOUND)); + if (!Objects.equals(member.getAcademy().getId(), academyId)) { + throw new ClassfitException("해당 학원에 접근할 권한이 없습니다.", HttpStatus.FORBIDDEN); + } + } + + }