[modify] step1 코드리뷰 반영

src/main/java/nextstep/MemberData.java

@@ -1,10 +1,7 @@
 package nextstep;
 
-import lombok.AllArgsConstructor;
 import nextstep.member.domain.Member;
-import nextstep.member.domain.MemberRepository;
 import nextstep.member.domain.RoleType;
-import org.springframework.stereotype.Component;
 
 import java.util.List;
 
@@ -17,6 +14,6 @@ public class MemberData {
     private static final String MEMBER_PASSWORD = "password";
     private static final int MEMBER_AGE = 20;
 
-    public static Member admin = new Member(ADMIN_EMAIL, ADMIN_PASSWORD, ADMIN_AGE, List.of(RoleType.ROLE_ADMIN.toString()));
-    public static Member member = new Member(MEMBER_EMAIL, MEMBER_PASSWORD, MEMBER_AGE, List.of(RoleType.ROLE_MEMBER.toString()));
+    public static Member admin = new Member(ADMIN_EMAIL, ADMIN_PASSWORD, ADMIN_AGE, List.of(RoleType.ROLE_ADMIN.name()));
+    public static Member member = new Member(MEMBER_EMAIL, MEMBER_PASSWORD, MEMBER_AGE, List.of(RoleType.ROLE_MEMBER.name()));
 }

src/main/java/nextstep/auth/authentication/Authenticator.java

@@ -19,13 +19,7 @@ public Authenticator(UserDetailsService userDetailsService) {
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
         AuthenticationToken token = convert(request);
-        LoginMember member;
-
-        try {
-            member = userDetailsService.loadUserByUsername(token.getPrincipal());
-        } catch (RuntimeException e) {
-            throw new AuthenticationException();
-        }
+        LoginMember member = userDetailsService.loadUserByUsername(token.getPrincipal());
 
         checkAuthentication(member, token.getCredentials());
         authenticate(member, response);

src/main/java/nextstep/member/application/MemberService.java

@@ -30,11 +30,13 @@ public MemberResponse findMember(String email) {
         return MemberResponse.of(member);
     }
 
+    @Transactional
     public void updateMember(Long id, MemberRequest param) {
         Member member = memberRepository.findById(id).orElseThrow(RuntimeException::new);
         member.update(param.toMember());
     }
 
+    @Transactional
     public void updateMember(String email, MemberRequest param) {
         Member member = memberRepository.findByEmail(email).orElseThrow(RuntimeException::new);
         member.update(param.toMember());

src/main/java/nextstep/member/ui/MemberController.java

@@ -1,6 +1,7 @@
 package nextstep.member.ui;
 
 import nextstep.auth.authorization.AuthenticationPrincipal;
+import nextstep.auth.secured.Secured;
 import nextstep.member.application.MemberService;
 import nextstep.member.application.dto.MemberRequest;
 import nextstep.member.application.dto.MemberResponse;
@@ -31,6 +32,7 @@ public ResponseEntity<MemberResponse> findMember(@PathVariable Long id) {
     }
 
     @PutMapping("/members/{id}")
+    @Secured("ROLE_ADMIN")
     public ResponseEntity<MemberResponse> updateMember(@PathVariable Long id, @RequestBody MemberRequest param) {
         memberService.updateMember(id, param);
         return ResponseEntity.ok().build();

src/main/java/nextstep/subway/ui/ControllerExceptionHandler.java

@@ -2,6 +2,7 @@
 
 import nextstep.auth.secured.RoleAuthenticationException;
 import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -20,6 +21,6 @@ public ResponseEntity<Void> handleIllegalArgsException(IllegalArgumentException
 
     @ExceptionHandler(RoleAuthenticationException.class)
     public ResponseEntity<Void> handleNoAuthenticationException(RoleAuthenticationException e) {
-        return ResponseEntity.badRequest().build();
+        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
     }
 }

src/test/java/nextstep/subway/acceptance/AuthAcceptanceTest.java

@@ -8,7 +8,6 @@
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -66,7 +65,7 @@ void fail_onlyAdminAuth() {
 
         ExtractableResponse<Response> response = 지하철역_생성_요청_토큰따로("서울역", accessToken);
 
-        assertThat(response.response().statusCode()).isEqualTo(HttpStatus.BAD_REQUEST.value());
+        assertThat(response.response().statusCode()).isEqualTo(HttpStatus.UNAUTHORIZED.value());
     }
 
     @DisplayName("권한 부족한 토큰 실패")
@@ -76,7 +75,7 @@ void fail_notAdminAuth() {
 
         ExtractableResponse<Response> response = 지하철역_생성_요청_토큰따로("서울역", accessToken);
 
-        assertThat(response.response().statusCode()).isEqualTo(HttpStatus.BAD_REQUEST.value());
+        assertThat(response.response().statusCode()).isEqualTo(HttpStatus.UNAUTHORIZED.value());
     }
 
     private ExtractableResponse<Response> 폼_로그인_후_내_회원_정보_조회_요청(String email, String password) {

src/test/java/nextstep/subway/acceptance/MemberAcceptanceTest.java

@@ -10,7 +10,7 @@
 import static org.assertj.core.api.Assertions.assertThat;
 
 class MemberAcceptanceTest extends AcceptanceTest {
-    public static final String EMAIL = "email@email.com";
+    public static final String EMAIL = "email2@email.com";
     public static final String PASSWORD = "password";
     public static final int AGE = 20;
 
@@ -67,10 +67,32 @@ void deleteMember() {
     @DisplayName("회원 정보를 관리한다.")
     @Test
     void manageMember() {
+        // given
+        ExtractableResponse<Response> createResponse = 회원_생성_요청(EMAIL, PASSWORD, AGE);
+        String newEmail = "[email protected]";
+
+        // when
+        ExtractableResponse<Response> response = 회원_정보_수정_요청(createResponse, newEmail, PASSWORD, AGE);
+        ExtractableResponse<Response> member = 회원_정보_조회_요청(createResponse);
+
+        // then
+        assertThat(response.statusCode()).isEqualTo(HttpStatus.OK.value());
+        assertThat(member.jsonPath().getString("email")).isEqualTo(newEmail);
     }
 
     @DisplayName("나의 정보를 관리한다.")
     @Test
     void manageMyInfo() {
+        // given
+        ExtractableResponse<Response> createResponse = 회원_생성_요청(EMAIL, PASSWORD, AGE);
+        String newEmail = "[email protected]";
+
+        // when
+        ExtractableResponse<Response> response = 베이직_인증으로_내_회원_정보_수정_요청(EMAIL, PASSWORD, newEmail, PASSWORD, AGE);
+        ExtractableResponse<Response> member = 회원_정보_조회_요청(createResponse);
+
+        // then
+        assertThat(response.statusCode()).isEqualTo(HttpStatus.OK.value());
+        assertThat(member.jsonPath().getString("email")).isEqualTo(newEmail);
     }
 }

src/test/java/nextstep/subway/acceptance/MemberSteps.java

@@ -3,6 +3,7 @@
 import io.restassured.RestAssured;
 import io.restassured.response.ExtractableResponse;
 import io.restassured.response.Response;
+import nextstep.subway.utils.SecurityUtil;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 
@@ -65,8 +66,7 @@ public class MemberSteps {
         params.put("password", password);
         params.put("age", age + "");
 
-        return RestAssured
-                .given().log().all()
+        return SecurityUtil.given()
                 .contentType(MediaType.APPLICATION_JSON_VALUE)
                 .body(params)
                 .when().put(uri)
@@ -91,6 +91,23 @@ public class MemberSteps {
                 .extract();
     }
 
+    public static ExtractableResponse<Response> 베이직_인증으로_내_회원_정보_수정_요청(String username, String password, String newEmail, String newPassword, Integer newAge) {
+        Map<String, String> params = new HashMap<>();
+        params.put("email", newEmail);
+        params.put("password", newPassword);
+        params.put("age", newAge + "");
+
+        return RestAssured.given().log().all()
+                .auth().preemptive().basic(username, password)
+                .when()
+                .body(params)
+                .contentType(MediaType.APPLICATION_JSON_VALUE)
+                .put("/members/me")
+                .then().log().all()
+                .statusCode(HttpStatus.OK.value())
+                .extract();
+    }
+
     public static void 회원_정보_조회됨(ExtractableResponse<Response> response, String email, int age) {
         assertThat(response.jsonPath().getString("id")).isNotNull();
         assertThat(response.jsonPath().getString("email")).isEqualTo(email);

src/test/java/nextstep/subway/utils/SecurityUtil.java

@@ -4,17 +4,15 @@
 import io.restassured.specification.RequestSpecification;
 import nextstep.MemberData;
 import nextstep.auth.token.JwtTokenProvider;
-import nextstep.member.domain.RoleType;
 import org.springframework.test.util.ReflectionTestUtils;
 
-import java.util.List;
+import static nextstep.subway.acceptance.MemberSteps.로그인_되어_있음;
 
 public class SecurityUtil {
 
-    static JwtTokenProvider jwtTokenProvider = getUnlimitedJwtTokenProvider();
-    static String token = jwtTokenProvider.createToken(MemberData.admin.getEmail(), List.of(RoleType.ROLE_ADMIN.toString()));
-
     public static RequestSpecification given() {
+        String token = 로그인_되어_있음(MemberData.admin.getEmail(), MemberData.admin.getPassword());
+
         return RestAssured.given().log().all()
                 .auth().oauth2(token);
     }