feat: add Update API error

pet-sitter · Dec 9, 2023 · 459fcfe · 459fcfe
1 parent d61aa85
commit 459fcfe
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 28 deletions.
diff --git a/cmd/server/handler/sos_post_handler.go b/cmd/server/handler/sos_post_handler.go
@@ -24,17 +24,17 @@ func NewSosPostHandler(sosPostService sos_post.SosPostService, authService auth.
 	}
 }
 
-// uploadSosPost godoc
+// writeSosPost godoc
 // @Summary 돌봄급구 게시글을 업로드합니다.
 // @Description
 // @Tags posts
 // @Accept  json
 // @Produce  json
-// @Param request body sos_post.UploadSosPostRequest true "돌봄급구 게시글 업로드 요청"
+// @Param request body sos_post.WriteSosPostRequest true "돌봄급구 게시글 업로드 요청"
 // @Security FirebaseAuth
-// @Success 201 {object} sos_post.UploadSosPostResponse
+// @Success 201 {object} sos_post.WriteSosPostResponse
 // @Router /posts/sos [post]
-func (h *SosPostHandler) UploadSosPost(w http.ResponseWriter, r *http.Request) {
+func (h *SosPostHandler) WriteSosPost(w http.ResponseWriter, r *http.Request) {
 	foundUser, err := h.authService.VerifyAuthAndGetUser(r.Context(), r.Header.Get("Authorization"))
 	if err != nil {
 		commonviews.Unauthorized(w, nil, "unauthorized")
@@ -43,18 +43,18 @@ func (h *SosPostHandler) UploadSosPost(w http.ResponseWriter, r *http.Request) {
 
 	uid, _ := strconv.Atoi(foundUser.FirebaseUID)
 
-	var uploadSosPostRequest sos_post.UploadSosPostRequest
+	var writeSosPostRequest sos_post.WriteSosPostRequest
 
-	if err := json.NewDecoder(r.Body).Decode(&uploadSosPostRequest); err != nil {
+	if err := json.NewDecoder(r.Body).Decode(&writeSosPostRequest); err != nil {
 		commonviews.BadRequest(w, nil, err.Error())
 		return
 	}
-	if err := validator.New().Struct(uploadSosPostRequest); err != nil {
+	if err := validator.New().Struct(writeSosPostRequest); err != nil {
 		commonviews.BadRequest(w, nil, err.Error())
 		return
 	}
 
-	res, err := h.sosPostService.UploadSosPost(uid, &uploadSosPostRequest)
+	res, err := h.sosPostService.WriteSosPost(uid, &writeSosPostRequest)
 	if err != nil {
 		commonviews.InternalServerError(w, nil, err.Error())
 		return
@@ -201,11 +201,26 @@ func (h *SosPostHandler) FindSosPostByID(w http.ResponseWriter, r *http.Request)
 // @Success 200
 // @Router /posts/sos [put]
 func (h *SosPostHandler) UpdateSosPost(w http.ResponseWriter, r *http.Request) {
+	foundUser, err := h.authService.VerifyAuthAndGetUser(r.Context(), r.Header.Get("Authorization"))
+	if err != nil {
+		commonviews.Unauthorized(w, nil, "unauthorized")
+		return
+	}
+
+	uid, _ := strconv.Atoi(foundUser.FirebaseUID)
+
 	var updateSosPostRequest sos_post.UpdateSosPostRequest
 	if err := commonviews.ParseBody(w, r, &updateSosPostRequest); err != nil {
 		return
 	}
 
+	permission := h.sosPostService.CheckUpdatePermission(uid, updateSosPostRequest.ID)
+
+	if !permission {
+		commonviews.Forbidden(w, nil, "forbidden")
+		return
+	}
+
 	res, err := h.sosPostService.UpdateSosPost(&updateSosPostRequest)
 	if err != nil {
 		commonviews.InternalServerError(w, nil, err.Error())

diff --git a/internal/domain/sos_post/service.go b/internal/domain/sos_post/service.go
@@ -17,8 +17,8 @@ func NewSosPostService(sosPostStore SosPostStore, resourceMediaStore media.Resou
 	}
 }
 
-func (service *SosPostService) UploadSosPost(authorID int, request *UploadSosPostRequest) (*UploadSosPostResponse, error) {
-	sosPost, err := service.sosPostStore.CreateSosPost(authorID, request)
+func (service *SosPostService) WriteSosPost(authorID int, request *WriteSosPostRequest) (*WriteSosPostResponse, error) {
+	sosPost, err := service.sosPostStore.WriteSosPost(authorID, request)
 	if err != nil {
 		return nil, err
 	}
@@ -75,7 +75,7 @@ func (service *SosPostService) UploadSosPost(authorID int, request *UploadSosPos
 		petsView = append(petsView, p)
 	}
 
-	return &UploadSosPostResponse{
+	return &WriteSosPostResponse{
 		ID:           sosPost.ID,
 		AuthorID:     sosPost.AuthorID,
 		Title:        sosPost.Title,
@@ -346,12 +346,12 @@ func (service *SosPostService) FindSosPostByID(id int) (*FindSosPostResponse, er
 }
 
 func (service *SosPostService) UpdateSosPost(request *UpdateSosPostRequest) (*UpdateSosPostResponse, error) {
-	sosPost, err := service.sosPostStore.UpdateSosPost(request)
+	updateSosPost, err := service.sosPostStore.UpdateSosPost(request)
 	if err != nil {
 		return nil, err
 	}
 
-	mediaData, err := service.resourceMediaStore.FindResourceMediaByResourceID(sosPost.ID, string(media.SosResourceType))
+	mediaData, err := service.resourceMediaStore.FindResourceMediaByResourceID(updateSosPost.ID, string(media.SosResourceType))
 	if err != nil {
 		return nil, err
 	}
@@ -368,7 +368,7 @@ func (service *SosPostService) UpdateSosPost(request *UpdateSosPostRequest) (*Up
 		mediaView = append(mediaView, view)
 	}
 
-	conditions, err := service.sosPostStore.FindConditionByID(sosPost.ID)
+	conditions, err := service.sosPostStore.FindConditionByID(updateSosPost.ID)
 	if err != nil {
 		return nil, err
 	}
@@ -383,7 +383,7 @@ func (service *SosPostService) UpdateSosPost(request *UpdateSosPostRequest) (*Up
 		conditionsView = append(conditionsView, view)
 	}
 
-	pets, err := service.sosPostStore.FindPetsByID(sosPost.ID)
+	pets, err := service.sosPostStore.FindPetsByID(updateSosPost.ID)
 	if err != nil {
 		return nil, err
 	}
@@ -404,21 +404,29 @@ func (service *SosPostService) UpdateSosPost(request *UpdateSosPostRequest) (*Up
 	}
 
 	return &UpdateSosPostResponse{
-		ID:           sosPost.ID,
-		AuthorID:     sosPost.AuthorID,
-		Title:        sosPost.Title,
-		Content:      sosPost.Content,
+		ID:           updateSosPost.ID,
+		AuthorID:     updateSosPost.AuthorID,
+		Title:        updateSosPost.Title,
+		Content:      updateSosPost.Content,
 		Media:        mediaView,
 		Conditions:   conditionsView,
 		Pets:         petsView,
-		Reward:       sosPost.Reward,
-		DateStartAt:  sosPost.DateStartAt,
-		DateEndAt:    sosPost.DateEndAt,
-		TimeStartAt:  sosPost.TimeStartAt,
-		TimeEndAt:    sosPost.TimeEndAt,
-		CareType:     sosPost.CareType,
-		CarerGender:  sosPost.CarerGender,
-		RewardAmount: sosPost.RewardAmount,
-		ThumbnailID:  sosPost.ThumbnailID,
+		Reward:       updateSosPost.Reward,
+		DateStartAt:  updateSosPost.DateStartAt,
+		DateEndAt:    updateSosPost.DateEndAt,
+		TimeStartAt:  updateSosPost.TimeStartAt,
+		TimeEndAt:    updateSosPost.TimeEndAt,
+		CareType:     updateSosPost.CareType,
+		CarerGender:  updateSosPost.CarerGender,
+		RewardAmount: updateSosPost.RewardAmount,
+		ThumbnailID:  updateSosPost.ThumbnailID,
 	}, nil
 }
+
+func (service *SosPostService) CheckUpdatePermission(userID int, sosPostID int) bool {
+	sosPost, _ := service.sosPostStore.FindSosPostByID(sosPostID)
+	if sosPost.AuthorID != userID {
+		return false
+	}
+	return true
+}