Merge branch 'develop' into feature/backend/#152

osamhack2021 · Oct 10, 2021 · b4d14df · b4d14df
2 parents d13e65c + 240812f
commit b4d14df
Show file tree

Hide file tree

Showing 9 changed files with 77 additions and 76 deletions.
diff --git a/backend/controllers/authController.js b/backend/controllers/authController.js
@@ -1,41 +1,44 @@
+
 const authService = require('../services/authService.js');
 const userService = require('../services/userService.js');
 
 module.exports = {
-  async login(req, res) {
-    try {
-      const { user, token } = await authService.login(req.body);
-      const projection = {
-        _id: true,
-        serviceNumber: true,
-        password: true,
-        name: true,
-        rank: true,
-        title: true,
-        status: true,
-        group: true,
-        email: true,
-        tel: true,
-        lastLogin: true,
-        firstLogin: true,
-        bookmarks: true,
-        subscriptions: true,
-      };
-      res.cookie('jwt', token);
-      res.status(200).send({
-        result: 'OK',
-        user,
-        token,
-      });
-    } catch (err) {
-      res.status(err.status || 500).send(err.message);
-    }
-  },
+    login: async function(req, res) {
+        try {
+            const token = await authService.login(req.body);
+            const projection = {
+                _id:true,
+                serviceNumber: true,
+                name:true,
+                rank:true,
+                title:true,
+                status:true,
+                group: true,
+                email:true,
+                tel: true,
+                lastLogin:true,
+                firstLogin:true,
+                bookmarks:true,
+                subscriptions:true
+              };
+            const user = await userService.findOne({serviceNumber:req.body.serviceNumber}, projection);
+
+            res.cookie('jwt', token);
+            res.status(200).send({
+                result: 'OK',
+                user,
+                token
+            });
 
-  async logout(req, res) {
-    res.cookie('jwt', '');
-    res.status(200).send({
-      result: 'OK',
-    });
-  },
-};
+        } catch(err) {
+            res.status(err.status || 500).send(err.message);
+        }
+    },
+
+    logout: async function(req, res) {
+        res.cookie('jwt', '');
+        res.status(200).send({
+            result: 'OK',
+        });
+    }
+}
diff --git a/backend/controllers/groupController.js b/backend/controllers/groupController.js
@@ -13,12 +13,12 @@ module.exports = {
             // Only allowed fields are Searchable
             for(let key of keys) {
                 if(!valids.includes(key))
-                    throw new BusinessError(`${key} is not allowed param`);
+                    throw new BusinessError(`Invalid: ${key}로는 검색할 수 없습니다!`);
             }
 
             const result = await groupService.search(req.query);
 
-            if(result.length < 1) throw new NotFoundError(`Not Found: No results were found for your search`);
+            if(result.length < 1) throw new NotFoundError(`NotFound: 검색결과가 없습니다.`);
 
             res.status(200).send(result);
         } catch(err) {
@@ -33,7 +33,7 @@ module.exports = {
 
             const result = await groupService.read({ _id: group_id });
 
-            if(result === null) throw new NotFoundError(`Not Found: No result is found for group_id: ${group_id}`);
+            if(result === null) throw new NotFoundError(`NotFound: 검색결과가 없습니다.`);
 
             res.status(200).send(result);
         } catch(err) {
@@ -70,10 +70,10 @@ module.exports = {
             const group = await groupService.read({ _id: group_id }, projection);
 
             // Invalid group_id
-            if(group === null) throw new NotFoundError(`Not Found: No result is found for group_id: ${group_id}`);
+            if(group === null) throw new NotFoundError(`NotFound: 검색결과가 없습니다.`);
 
             // Admin check
-            if(!group.admins.some(admin => admin.equals(res.locals._id))) throw new ForbiddenError(`Forbidden: You are not admin of this group`);
+            if(!group.admins.some(admin => admin.equals(res.locals._id))) throw new ForbiddenError(`Forbidden: 그룹의 관리자만 수정할 수 있습니다.`);
 
             await groupService.update(group_id, req.body);
 
@@ -90,7 +90,7 @@ module.exports = {
 
             let result = await groupService.delete(group_id);
 
-            if(result === null) throw new NotFoundError(`Not Found: No result is found for group_id: ${group_id}`);
+            if(result === null) throw new NotFoundError(`Not Found: 검색결과가 없습니다.`);
 
             res.status(204).send();
         } catch(err) {

diff --git a/backend/controllers/itemController.js b/backend/controllers/itemController.js
@@ -16,12 +16,12 @@ module.exports = {
             // Only allowed fields are Searchable
             for(let key of keys) {
                 if(!valids.includes(key))
-                    throw new BusinessError(`${key} is not allowed param`);
+                    throw new BusinessError(`Invalid: ${key}로는 검색할 수 없습니다!`);
             }            
 
             const result = await itemService.search(req.query);
 
-            if(result.length < 1) throw new NotFoundError(`Not Found: No results were found for your search`);
+            if(result.length < 1) throw new NotFoundError(`Not Found: 검색결과가 없습니다.`);
 
             res.status(200).send(result);
 
@@ -39,7 +39,7 @@ module.exports = {
                 filters: `status:"modified" AND NOT accessGroups.read:"${res.locals.group}"`
             });
 
-            if(result.hits.length < 1) throw new NotFoundError('Not Found');
+            if(result.hits.length < 1) throw new NotFoundError(`NotFound: 검색결과가 없습니다.`);
 
             res.status(200).send(result.hits);
         } catch(err) {
@@ -54,12 +54,12 @@ module.exports = {
 
             const item = await itemService.read({ _id: item_id });
 
-            if(item === null) throw new NotFoundError(`Not Found: No result is found for item_id: ${item_id}`);
+            if(item === null) throw new NotFoundError(`NotFound: 검색결과가 없습니다.`);
 
             // Check session's read authority
             const user = await userService.findOne({ serviceNumber: res.locals.serviceNumber });
             if(!item.accessGroups.read.some(i => i.equals(user.group)))
-                throw new ForbiddenError(`Forbidden: You are not in readable group`);
+                throw new ForbiddenError(`Forbidden: 읽기 권한이 없습니다.`);
 
             res.status(200).send(item);
         } catch(err) {
@@ -110,11 +110,11 @@ module.exports = {
 
             let item = await itemService.read({ _id: item_id }, { populate: false });
 
-            if(item === null) throw new NotFoundError(`Not Found: No result is found for item_id: ${item_id}`);
+            if(item === null) throw new NotFoundError(`Not Found: 검색 결과가 없습니다.`);
 
             // Check session's edit authority
             if(!item.accessGroups.edit.some(i => i.equals(res.locals.group)))
-                throw new ForbiddenError(`Forbidden: You are not in editable group`);
+                throw new ForbiddenError(`Forbidden: 수정 권한이 없습니다.`);
 
             // Append Contributor
             item = Object.assign(item, { contributors: [...item.contributors, res.locals._id] });
@@ -140,8 +140,7 @@ module.exports = {
             let item = await itemService.read({ _id: item_id }, { populate: false });
 
             if(item === null)
-                throw new NotFoundError(`Not Found: No result is found for item_id: ${item_id}`);
-
+                throw new NotFoundError(`Not Found: 검색 결과가 없습니다.`);
 
             // Algolia
             await algolia.deleteObject(item_id);

diff --git a/backend/controllers/userController.js b/backend/controllers/userController.js
@@ -10,7 +10,7 @@ module.exports = {
          // Only allowed fields are Searchable
         for(let key of keys) {
             if(!valids.includes(key))
-                throw new BusinessError(`${key} is not allowed param`);
+                throw new BusinessError(`${key} 는 검색할 수는 없는 속성입니다.`);
         }
 
 
@@ -71,7 +71,7 @@ module.exports = {
              // Only allowed fields are Searchable
             for(let key of keys) {
                 if(!valids.includes(key))
-                    throw new BusinessError(`${key} is not allowed param`);
+                    throw new BusinessError(`${key} 는 User에 존재하지 않거나, 변경할 수 없는 속성입니다`);
             }
 
             await authService.editUserAuth(res.locals._id.toString(),req.params.id);

diff --git a/backend/models/User.js b/backend/models/User.js
@@ -16,6 +16,7 @@ const userSchema = mongoose.Schema({
         military: { type: String },
         mobile: { type: String }
     },
+    profileImageUrl: { type: String },
     lastLogin: { type: Date },
     firstLogin: { type: Date },
     bookmarks: [{ type: Types.ObjectId, ref: 'Item' }],

diff --git a/backend/routes/api/jwt.js b/backend/routes/api/jwt.js
@@ -16,7 +16,6 @@ router.all('', (req, res, next) => {
 
         next();
     } catch(err) {
-        console.log(err);
         res.status(err.status).send(err.message);
     }
 });
@@ -31,7 +30,6 @@ router.all('/admin/*', (req, res, next) => {
 
         next();
     } catch(err) {
-        console.log(err);
         res.status(err.status).send(err.message);
     }
 });

diff --git a/backend/services/authService.js b/backend/services/authService.js
@@ -22,7 +22,7 @@ function decodeToken(token) {
 
     return decoded;
   } catch (err) {
-    throw new ForbiddenError(err.message);
+    throw new ForbiddenError('로그인이 필요한 서비스입니다.');
   }
 }
 
@@ -108,13 +108,13 @@ module.exports = {
 				 {_id:true, serviceNumber: true, password:true, group:true, status: true})
             .catch(err => {
                 if(err instanceof TypeError) {
-                    throw new AuthError("LOGIN fail");
+                    throw new AuthError("로그인에 실패했습니다.");
                 }
-                throw new RuntimeError(err.message);
+                throw new RuntimeError('로그인에 실패했습니다.');
             });
 
 		if(loginUser === null|| loginUser.password !== params.password) {
-			throw new AuthError('LOGIN fail');
+			throw new AuthError('로그인에 실패했습니다.');
 		}
 
 		const token = jwt.sign({
@@ -138,7 +138,7 @@ module.exports = {
 
 		const isAd = await isAdmin(decode._id).catch(err => {throw err});
 		if(!isAd) {
-			throw new ForbiddenError('not have access');
+			throw new ForbiddenError('접근 권한이 존재하지 않습니다');
 		}
 		return isAd;	
 	},
@@ -150,7 +150,7 @@ module.exports = {
 
 		if(!isSelf(loginUserId, targetUserId) &&
 			!results.includes(true)) {
-			throw new ForbiddenError('not have access');
+			throw new ForbiddenError('접근 권한이 존재하지 않습니다');
 		}
 
 		return true;
@@ -162,7 +162,7 @@ module.exports = {
 				.catch(err =>{throw err});
 
 		if(!results.includes(true)) {
-			throw new ForbiddenError('not have access');
+			throw new ForbiddenError('접근 권한이 존재하지 않습니다');
 		}
 
 		return true;
@@ -185,7 +185,7 @@ module.exports = {
 		const results = await Promise.all([isGroupManager(loginUserId, targetGroupId), isAdmin(loginUserId)])
 				.catch(err =>{throw err});
 		if(!results.includes(true)){
-			throw new ForbiddenError('not have access');
+			throw new ForbiddenError('접근 권한이 존재하지 않습니다');
 		}
 
 		return true;
@@ -196,7 +196,7 @@ module.exports = {
 		const results = await Promise.all([isItemEditor(loginUserId, targetItemId), isAdmin(loginUserId)])
 				.catch(err =>{throw err});
 		if(!results.includes(true)){
-			throw new ForbiddenError('not have access');
+			throw new ForbiddenError('접근 권한이 존재하지 않습니다');
 		}
 
 		return true;
@@ -206,7 +206,7 @@ module.exports = {
 		const results = await Promise.all([isItemReader(loginUserId, targetItemId), isAdmin(loginUserId)])
 					.catch(err =>{throw err});
 		if(!results){
-			throw new ForbiddenError('not have access');
+			throw new ForbiddenError('접근 권한이 존재하지 않습니다');
 		}
 
 		return true;

diff --git a/backend/services/itemService.js b/backend/services/itemService.js
@@ -1,5 +1,5 @@
 const Item = require('../models/Item.js');
-const { BusinessError } = require('./errors/BusinessError.js');
+const { RuntimeError } = require('./errors/RuntimeError.js');
 
 const LIMIT = 20;
 
@@ -49,7 +49,7 @@ module.exports = {
             return await query_.exec();
 
         } catch(err) {
-            throw new BusinessError(err.message);
+            throw new RuntimeError(err.message);
         }
     },
 
@@ -72,7 +72,7 @@ module.exports = {
 
             return await query.exec();
         } catch(err) {
-            throw new BusinessError(err.message);
+            throw new RuntimeError(err.message);
         }
     },
 
@@ -81,7 +81,7 @@ module.exports = {
             const result = await Item.create(payload);
             return result;
         } catch(err) {
-            throw new BusinessError(err.message);
+            throw new RuntimeError(err.message);
         }
     },
 
@@ -107,15 +107,15 @@ module.exports = {
             return result;
 
         } catch(err) {
-            throw new BusinessError(err.message);
+            throw new RuntimeError(err.message);
         }
     },
 
     delete: async (_id) => {
         try {
             return Item.findOneAndDelete({ _id });
         } catch(err) {
-            throw new BusinessError(err.message);
+            throw new RuntimeError(err.message);
         }
     }
 };