
[429] Policy-related tests #106

Closed
Misu0616 wants to merge 169 commits into main from test/429-policy-misu

Conversation

@Misu0616
Contributor

@Misu0616 Misu0616 commented Mar 4, 2026

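Overview

  1. Add test code for AdminPolicyServiceImpl
  2. Add test code for UserPolicyServiceImpl (repeat/immediate block, policy lookup, etc.)

Related Backlog

Resolves: (429)

PR Type

  • New feature
  • Bug fix
  • User UI design changes such as CSS
  • Changes that do not affect the code (typo fixes, tab size changes, variable renames)
  • Code refactoring
  • Adding or editing comments
  • Documentation changes
  • Adding tests, refactoring tests
  • Build or package manager changes
  • Renaming files or folders
  • Deleting files or folders

PR Checklist

  • I wrote the commit messages according to the convention.
  • I tested the changes (tests for bug fixes/features).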

Summary by CodeRabbit

New Features

  • Added authentication system with user and admin login.
  • Introduced notification and alarm management with customizable settings.
  • Implemented role-based access control and permission management for family members.
  • Added policy management system for data/speed limits and content blocking.
  • Launched Q&A system with answer creation and file attachments.
  • Enhanced file upload with presigned URL generation and validation.

Bug Fixes

  • Improved data timestamp accuracy by upgrading time field precision.

hyeonRS and others added 30 commits February 24, 2026 15:39
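- LineMapper /temporary
- FamilyLineMapper /temporary
- PermissionLineMapper
- PermissionMapper
Sub-backlog: features
      104 : Lookup
      103 : Permission change
      196 : Look up my permission status
Sub-backlog: features
      104 : Lookup
      103 : Permission change
      196 : Look up my permission status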
Misu0616 and others added 22 commits March 4, 2026 00:11
[4] Branch the error messages for Authorize and authorization responses
feat(upload): change code so the attachment count is unlimited for admin
test(question): add test code for the inquiry answer service
[423] Add admin policy/category
@Misu0616 Misu0616 requested a review from Iwantcod March 4, 2026 04:21
@Misu0616 Misu0616 self-assigned this Mar 4, 2026
@Misu0616 Misu0616 added the test 테스트 label Mar 4, 2026
@github-actions

github-actions Bot commented Mar 4, 2026

Policy violation: PRs into main are only allowed from dev. This PR is being closed automatically.

@github-actions github-actions Bot closed this Mar 4, 2026
@coderabbitai

coderabbitai Bot commented Mar 4, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c4552aea-3caf-4b8b-a6ed-4a205f79d810

📥 Commits

Reviewing files that changed from the base of the PR and between 1537d50 and a94c627.

📒 Files selected for processing (149)
  • build.gradle
  • src/main/java/com/pooli/auth/authz/MethodAuthz.java
  • src/main/java/com/pooli/auth/controller/AuthController.java
  • src/main/java/com/pooli/auth/dto/request/LoginReqDto.java
  • src/main/java/com/pooli/auth/exception/CustomAccessDeniedHandler.java
  • src/main/java/com/pooli/auth/exception/CustomAuthenticationEntryPoint.java
  • src/main/java/com/pooli/auth/exception/denied/AdminOnlyDeniedException.java
  • src/main/java/com/pooli/auth/exception/denied/OwnerOnlyDeniedException.java
  • src/main/java/com/pooli/auth/exception/denied/UserOnlyDeniedException.java
  • src/main/java/com/pooli/auth/service/AuthUserDetails.java
  • src/main/java/com/pooli/auth/service/CustomUserDetailsService.java
  • src/main/java/com/pooli/common/config/CORSConfig.java
  • src/main/java/com/pooli/common/config/CsrfCustomizer.java
  • src/main/java/com/pooli/common/config/CsrfDisabledConfig.java
  • src/main/java/com/pooli/common/config/CsrfEnabledConfig.java
  • src/main/java/com/pooli/common/config/SecurityConfig.java
  • src/main/java/com/pooli/common/config/SecurityContextConfig.java
  • src/main/java/com/pooli/common/config/SessionConfig.java
  • src/main/java/com/pooli/common/controller/UploadController.java
  • src/main/java/com/pooli/common/dto/request/PresignedUrlReqDto.java
  • src/main/java/com/pooli/common/dto/request/UploadFileReqDto.java
  • src/main/java/com/pooli/common/exception/CommonErrorCode.java
  • src/main/java/com/pooli/common/exception/GlobalExceptionHandler.java
  • src/main/java/com/pooli/common/service/UploadService.java
  • src/main/java/com/pooli/common/service/UploadServiceImpl.java
  • src/main/java/com/pooli/common/validator/LineOwnershipValidator.java
  • src/main/java/com/pooli/common/validator/UploadValidationService.java
  • src/main/java/com/pooli/common/validator/UploadValidationServiceImpl.java
  • src/main/java/com/pooli/line/mapper/LineMapper.java
  • src/main/java/com/pooli/notification/controller/AlarmSettingController.java
  • src/main/java/com/pooli/notification/controller/NotiReadController.java
  • src/main/java/com/pooli/notification/controller/NotiSendController.java
  • src/main/java/com/pooli/notification/domain/dto/request/AlarmSettingReqDto.java
  • src/main/java/com/pooli/notification/domain/dto/request/NotiSendReqDto.java
  • src/main/java/com/pooli/notification/domain/dto/response/AlarmSettingResDto.java
  • src/main/java/com/pooli/notification/domain/dto/response/NotiSendResDto.java
  • src/main/java/com/pooli/notification/domain/entity/AlarmHistory.java
  • src/main/java/com/pooli/notification/domain/entity/AlarmSetting.java
  • src/main/java/com/pooli/notification/domain/enums/AlarmCode.java
  • src/main/java/com/pooli/notification/domain/enums/AlarmType.java
  • src/main/java/com/pooli/notification/domain/enums/NotificationTargetType.java
  • src/main/java/com/pooli/notification/exception/NotificationErrorCode.java
  • src/main/java/com/pooli/notification/mapper/AlarmHistoryMapper.java
  • src/main/java/com/pooli/notification/mapper/AlarmSettingMapper.java
  • src/main/java/com/pooli/notification/mapper/NotificationLineMapper.java
  • src/main/java/com/pooli/notification/service/AlarmHistoryService.java
  • src/main/java/com/pooli/notification/service/AlarmHistoryServiceImpl.java
  • src/main/java/com/pooli/notification/service/AlarmSettingService.java
  • src/main/java/com/pooli/notification/service/AlarmSettingServiceImpl.java
  • src/main/java/com/pooli/permission/controller/MemberPermissionController.java
  • src/main/java/com/pooli/permission/controller/PermissionController.java
  • src/main/java/com/pooli/permission/controller/RoleController.java
  • src/main/java/com/pooli/permission/domain/dto/request/MemberPermissionBulkUpsertReqDto.java
  • src/main/java/com/pooli/permission/domain/dto/request/MemberPermissionUpsertReqDto.java
  • src/main/java/com/pooli/permission/domain/dto/request/PermissionReqDto.java
  • src/main/java/com/pooli/permission/domain/dto/response/RepresentativeRoleTransferResDto.java
  • src/main/java/com/pooli/permission/exception/PermissionErrorCode.java
  • src/main/java/com/pooli/permission/mapper/FamilyLineMapper.java
  • src/main/java/com/pooli/permission/mapper/LineUserPermissionMapper.java
  • src/main/java/com/pooli/permission/mapper/PermissionLineMapper.java
  • src/main/java/com/pooli/permission/mapper/PermissionMapper.java
  • src/main/java/com/pooli/permission/service/MemberPermissionService.java
  • src/main/java/com/pooli/permission/service/MemberPermissionServiceImpl.java
  • src/main/java/com/pooli/permission/service/PermissionService.java
  • src/main/java/com/pooli/permission/service/PermissionServiceImpl.java
  • src/main/java/com/pooli/permission/service/RoleService.java
  • src/main/java/com/pooli/permission/service/RoleServiceImpl.java
  • src/main/java/com/pooli/policy/controller/AdminPolicyController.java
  • src/main/java/com/pooli/policy/controller/UserPolicyController.java
  • src/main/java/com/pooli/policy/domain/dto/request/AdminCategoryReqDto.java
  • src/main/java/com/pooli/policy/domain/dto/request/AdminPolicyActiveReqDto.java
  • src/main/java/com/pooli/policy/domain/dto/request/AdminPolicyReqDto.java
  • src/main/java/com/pooli/policy/domain/dto/request/PolicyActivationReqDto.java
  • src/main/java/com/pooli/policy/domain/dto/request/RepeatBlockPolicyReqDto.java
  • src/main/java/com/pooli/policy/domain/dto/response/ActivePolicyResDto.java
  • src/main/java/com/pooli/policy/domain/dto/response/AdminPolicyActiveResDto.java
  • src/main/java/com/pooli/policy/domain/dto/response/AdminPolicyCateResDto.java
  • src/main/java/com/pooli/policy/domain/dto/response/AdminPolicyResDto.java
  • src/main/java/com/pooli/policy/domain/dto/response/PolicyDeactivationResDto.java
  • src/main/java/com/pooli/policy/domain/dto/response/RepeatBlockPolicyResDto.java
  • src/main/java/com/pooli/policy/exception/PolicyErrorCode.java
  • src/main/java/com/pooli/policy/mapper/AdminPolicyMapper.java
  • src/main/java/com/pooli/policy/mapper/AppPolicyMapper.java
  • src/main/java/com/pooli/policy/mapper/DailyLimitMapper.java
  • src/main/java/com/pooli/policy/mapper/ImmediateBlockMapper.java
  • src/main/java/com/pooli/policy/mapper/PolicyBackOfficeMapper.java
  • src/main/java/com/pooli/policy/mapper/RepeatBlockDayMapper.java
  • src/main/java/com/pooli/policy/mapper/RepeatBlockMapper.java
  • src/main/java/com/pooli/policy/mapper/SharedLimitMapper.java
  • src/main/java/com/pooli/policy/mapper/WhitelistMapper.java
  • src/main/java/com/pooli/policy/repository/.gitkeep
  • src/main/java/com/pooli/policy/service/.gitkeep
  • src/main/java/com/pooli/policy/service/AdminPolicyService.java
  • src/main/java/com/pooli/policy/service/AdminPolicyServiceImpl.java
  • src/main/java/com/pooli/policy/service/UserPolicyService.java
  • src/main/java/com/pooli/policy/service/UserPolicyServiceImpl.java
  • src/main/java/com/pooli/question/controller/AnswerController.java
  • src/main/java/com/pooli/question/controller/AnwserController.java
  • src/main/java/com/pooli/question/controller/QuestionController.java
  • src/main/java/com/pooli/question/domain/dto/QuestionAttachmentDto.java
  • src/main/java/com/pooli/question/domain/dto/request/AnswerCreateReqDto.java
  • src/main/java/com/pooli/question/domain/dto/request/AttachmentReqDto.java
  • src/main/java/com/pooli/question/domain/dto/request/QuestionCreateReqDto.java
  • src/main/java/com/pooli/question/domain/dto/response/AnswerCreateResDto.java
  • src/main/java/com/pooli/question/domain/dto/response/AnswerResDto.java
  • src/main/java/com/pooli/question/domain/dto/response/AttachmentResDto.java
  • src/main/java/com/pooli/question/domain/dto/response/QuestionCreateResDto.java
  • src/main/java/com/pooli/question/domain/dto/response/QuestionResDto.java
  • src/main/java/com/pooli/question/exception/AnswerErrorCode.java
  • src/main/java/com/pooli/question/exception/QuestionErrorCode.java
  • src/main/java/com/pooli/question/mapper/AnswerMapper.java
  • src/main/java/com/pooli/question/mapper/QuestionMapper.java
  • src/main/java/com/pooli/question/service/AnswerService.java
  • src/main/java/com/pooli/question/service/AnswerServiceImpl.java
  • src/main/java/com/pooli/question/service/QuestionService.java
  • src/main/java/com/pooli/question/service/QuestionServiceImpl.java
  • src/main/java/com/pooli/question/service/QuestionValidationService.java
  • src/main/java/com/pooli/question/service/QuestionValidationServiceImpl.java
  • src/main/java/com/pooli/user/mapper/UserMapper.java
  • src/main/resources/application-local.yml
  • src/main/resources/application.yaml
  • src/main/resources/db/migration/V2603031140__recreate_alarm_history_with_line_fk.sql
  • src/main/resources/db/migration/V2603031330__modify_alarm_history_alarm_code_enum.sql
  • src/main/resources/db/migration/V2603031530__modify_alarm_history_alarm_code_enum.sql
  • src/main/resources/mapper/line/LineMapper.xml
  • src/main/resources/mapper/notification/AlarmHistoryMapper.xml
  • src/main/resources/mapper/notification/AlarmSettingMapper.xml
  • src/main/resources/mapper/notification/NotificationLineMapper.xml
  • src/main/resources/mapper/permission/FamilyLineMapper.xml
  • src/main/resources/mapper/permission/LineMapper.xml
  • src/main/resources/mapper/permission/PermissionLineMapper.xml
  • src/main/resources/mapper/permission/PermissionMapper.xml
  • src/main/resources/mapper/policy/AdminPolicyMapper.xml
  • src/main/resources/mapper/policy/AppPolicyMapper.xml
  • src/main/resources/mapper/policy/DailyLimitMapper.xml
  • src/main/resources/mapper/policy/ImmediateBlockMapper.xml
  • src/main/resources/mapper/policy/PolicyBackOfficeMapper.xml
  • src/main/resources/mapper/policy/RepeatBlockDayMapper.xml
  • src/main/resources/mapper/policy/RepeatBlockMapper.xml
  • src/main/resources/mapper/policy/SharedLimitMapper.xml
  • src/main/resources/mapper/policy/WhitelistMapper.xml
  • src/main/resources/mapper/question/AnswerMapper.xml
  • src/main/resources/mapper/question/QuestionMapper.xml
  • src/main/resources/mapper/user/UserMapper.xml
  • src/test/java/com/pooli/policy/service/AdminPolicyServiceImplTest.java
  • src/test/java/com/pooli/policy/service/UserPolicyServiceImplTest.java
  • src/test/java/com/pooli/question/service/AnswerServiceImplTest.java
  • src/test/java/com/pooli/question/service/QuestionServiceImplTest.java
  • src/test/java/com/pooli/question/service/QuestionValidationServiceTest.java

📝 Walkthrough

Walkthrough

This PR introduces comprehensive authentication, authorization, and notification system overhauls. Key additions include: new authentication controllers with custom exception handlers, role-based method security, session and CSRF configurations, a complete notification and alarm management system with user settings, refactored permission and policy management with enhanced validation, a new question-and-answer module with answer creation and deletion workflows, upload service enhancements with user context validation, and supporting database migrations and MyBatis mappers across all modules.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Authentication & Security Framework: src/main/java/com/pooli/auth/authz/MethodAuthz.java, src/main/java/com/pooli/auth/controller/AuthController.java, src/main/java/com/pooli/auth/service/AuthUserDetails.java, src/main/java/com/pooli/auth/service/CustomUserDetailsService.java | New Spring Security integration with method-level authorization helpers, user authentication endpoint, and custom UserDetails implementation supporting multiple roles (ADMIN, FAMILY_OWNER, FAMILY_MEMBER). |
| Exception Handlers & Error Codes: src/main/java/com/pooli/auth/exception/CustomAuthenticationEntryPoint.java, src/main/java/com/pooli/auth/exception/CustomAccessDeniedHandler.java, src/main/java/com/pooli/auth/exception/denied/*, src/main/java/com/pooli/common/exception/CommonErrorCode.java, src/main/java/com/pooli/common/exception/GlobalExceptionHandler.java | New exception handlers for 401/403 responses with custom error codes; domain-specific access denial exceptions (AdminOnly, OwnerOnly, UserOnly) for granular authorization failures. |
| Session & CSRF Configuration: src/main/java/com/pooli/common/config/SessionConfig.java, src/main/java/com/pooli/common/config/CORSConfig.java, src/main/java/com/pooli/common/config/SecurityContextConfig.java, src/main/java/com/pooli/common/config/CsrfCustomizer.java, src/main/java/com/pooli/common/config/CsrfDisabledConfig.java, src/main/java/com/pooli/common/config/CsrfEnabledConfig.java, src/main/java/com/pooli/common/config/SecurityConfig.java | Redis-backed HTTP sessions, CORS support with configurable origins, environment-specific CSRF protection (disabled in local, enabled in production with cookie-based tokens). |
| Upload Service Enhancement: src/main/java/com/pooli/common/controller/UploadController.java, src/main/java/com/pooli/common/dto/request/PresignedUrlReqDto.java, src/main/java/com/pooli/common/dto/request/UploadFileReqDto.java, src/main/java/com/pooli/common/service/UploadService.java, src/main/java/com/pooli/common/service/UploadServiceImpl.java, src/main/java/com/pooli/common/validator/UploadValidationService* | User context integration in presigned URL generation; validation now enforces file count limits (3 files max) with admin bypass; ownership validation for upload requests. |
| Notification & Alarm System: src/main/java/com/pooli/notification/domain/*, src/main/java/com/pooli/notification/controller/*, src/main/java/com/pooli/notification/service/*, src/main/java/com/pooli/notification/mapper/*, src/main/java/com/pooli/notification/exception/NotificationErrorCode.java | Complete refactor: replaced user-centric to line-centric alarm storage; new AlarmCode enum (FAMILY, USER, POLICY_CHANGE, POLICY_LIMIT, PERMISSION, QUESTION, OTHERS); centralized alarm setting management with per-type enable/disable; paginated history retrieval with unread counts; single unified update endpoint replacing multiple specific ones. |
| Permission System Refactor: src/main/java/com/pooli/permission/controller/*, src/main/java/com/pooli/permission/service/*, src/main/java/com/pooli/permission/domain/dto/*, src/main/java/com/pooli/permission/mapper/*, src/main/java/com/pooli/permission/exception/PermissionErrorCode.java | New member permission bulk operations with family ownership validation; enhanced role transfer with security context update; permission CRUD with duplicate prevention; line-family mapping validation; ownership checks throughout. |
| Policy Management: src/main/java/com/pooli/policy/controller/AdminPolicyController.java, src/main/java/com/pooli/policy/controller/UserPolicyController.java, src/main/java/com/pooli/policy/service/*, src/main/java/com/pooli/policy/domain/dto/request/Admin*.java, src/main/java/com/pooli/policy/domain/dto/response/Admin*.java, src/main/java/com/pooli/policy/mapper/Admin*.java | New admin policy management layer for CRUD and activation toggling; separated admin and user policy controllers; added policy categories; user policy service for repeat/immediate/limit policies; dynamic error code handling for inactive/conflicting policies. |
| Question & Answer Module: src/main/java/com/pooli/question/controller/*, src/main/java/com/pooli/question/service/*, src/main/java/com/pooli/question/domain/dto/*, src/main/java/com/pooli/question/mapper/*, src/main/java/com/pooli/question/exception/AnswerErrorCode.java | New answer creation/deletion with attachment support; question categorization and listing with pagination; validation service for paging, ownership, and attachment limits (max 3); admin answer creation endpoint; attachment DTO refactor. |
| Data Access & Mappers: src/main/java/com/pooli/line/mapper/LineMapper.java, src/main/java/com/pooli/user/mapper/UserMapper.java, src/main/resources/mapper/* | New and enhanced MyBatis mappers for line ownership, user roles, permission lines, notification targets, repeat blocks, immediate blocks, policies, questions, answers with comprehensive XML mappings; soft-delete semantics throughout. |
| Database Configuration: build.gradle, src/main/resources/application*.yml, src/main/resources/db/migration/V* | Added spring-boot-starter-validation dependency; AWS S3 region updated to ap-northeast-2; schema migrations for alarm history refactor with new line_id FK and expanded enum values. |

Sequence Diagram(s)

```mermaid
sequenceDiagram
    participant User as User/Client
    participant AC as AuthController
    participant AM as AuthenticationManager
    participant SCR as SecurityContextRepository
    participant CTR as CsrfTokenRepository
    participant SC as SecurityContext

    User->>AC: POST /api/auth/user/login (credentials)
    AC->>AM: authenticate(credentials)
    AM-->>AC: Authentication result
    alt Authentication Success
        AC->>AC: Sanitize user details (remove password)
        AC->>SCR: Save context with sanitized principal
        AC->>CTR: Generate & save CSRF token
        AC-->>User: 200 OK + Set-Cookie (JSESSIONID, XSRF-TOKEN)
    else Authentication Failure
        AC-->>User: 401 Unauthorized
    end

    User->>AC: POST /api/auth/admin/login (credentials)
    AC->>AM: authenticate(credentials)
    alt Admin Role Check Fails
        AC-->>User: 403 Forbidden (role denied)
    else Admin Role Present
        AC->>SCR: Save context
        AC->>CTR: Generate CSRF token
        AC-->>User: 200 OK
    end

    User->>AC: POST /api/auth/logout
    AC->>SCR: Clear context
    AC->>CTR: Reset token
    AC-->>User: 200 OK + Clear cookies
```
```mermaid
sequenceDiagram
    participant Admin as Admin User
    participant NSC as NotiSendController
    participant AHS as AlarmHistoryService
    participant AHM as AlarmHistoryMapper
    participant NLM as NotificationLineMapper
    participant DB as Database

    Admin->>NSC: POST /api/notifications (NotiSendReqDto)
    NSC->>NSC: `@PreAuthorize` check (admin only)
    NSC->>AHS: sendNotification(request)
    AHS->>AHS: Validate targetType vs lineIds
    alt DIRECT target
        AHS->>AHS: Use provided lineIds
    else ALL target
        AHS->>NLM: findAllLineIds()
        NLM->>DB: SELECT line_id WHERE deleted_at IS NULL
    else OWNER/MEMBER target
        AHS->>NLM: findLineIdsByRole(role)
        NLM->>DB: JOIN family_line WHERE role = ?
    end
    AHS->>AHS: Validate target lines exist
    AHS->>AHS: Build JSON payload (type=NOTIFICATION)
    AHS->>AHM: insertNotificationAlarms(lineIds, code, payload)
    AHM->>DB: INSERT INTO ALARM_HISTORY (bulk)
    AHS-->>NSC: Success
    NSC-->>Admin: 201 Created
```

Estimated Code Review Effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly Related PRs

  • Feat/225 swagger permission seunghyun #18: Overlapping modifications to permission controllers, DTOs, and member permission management structures with code-level dependencies on role transfer and permission validation logic.
  • Feat/180 domain user minsu #26: Shared changes across notification/permission/policy controllers and their associated service implementations, indicating parallel feature development in overlapping domains.

Suggested Labels

refactor, authentication, authorization, feature

Suggested Reviewers

  • Iwantcod
  • hyuuuun

Poem

🐰 A rabbit hops through auth's new gate,
With roles and tokens, crisp and straight,
Alarms now ring for every line,
Permissions set, a grand design,
Security springs into place so fine!


@github-actions

github-actions Bot commented Mar 4, 2026

Policy violation: PRs into main are only allowed from dev. This PR is being closed automatically.

@Misu0616 Misu0616 deleted the test/429-policy-misu branch March 11, 2026 01:31

Labels

test 테스트


6 participants