공유페이지 url로 조회 api 수정 완료 (#213)

* modify : SpaceWallController의 findByShareURL 메서드 헤더에 토큰 추가 (#212)

- required = false 설정으로 비회원일 경우에도 url로 공유페이지에 접속 가능하도록 함

* modify : SpaceWallFindService에서 token의 유무와 본인페이지 여부에 따른 로직 추가 (#212)

src/main/java/com/javajober/spaceWall/controller/SpaceWallController.java

@@ -83,13 +83,12 @@ public ResponseEntity<ApiResponse.Response<SpaceWallResponse>> findPending(
     }
 
     @GetMapping("/wall/{shareURL}")
-    public ResponseEntity<ApiResponse.Response<SpaceWallResponse>> findByShareURL(@PathVariable final String shareURL) {
-
-        SpaceWallResponse data = spaceWallFindService.findByShareURL(shareURL);
+    public ResponseEntity<ApiResponse.Response<SpaceWallResponse>> findByShareURL(
+            @PathVariable final String shareURL, @RequestHeader(value = "Authorization", required = false) String token) {
 
+        SpaceWallResponse data = spaceWallFindService.findByShareURL(shareURL, token, jwtTokenizer);
         return ApiResponse.response(ApiStatus.OK, "공유페이지 조회를 성공했습니다.", data);
     }
-
     @GetMapping("/wall/has-duplicate/{shareURL}")
     public ResponseEntity<ApiResponse.Response<DuplicateURLResponse>> hasDuplicateShareURL (@PathVariable final String shareURL) {
 

src/main/java/com/javajober/spaceWall/service/SpaceWallFindService.java

@@ -4,6 +4,7 @@
 
 import com.javajober.core.exception.ApiStatus;
 import com.javajober.core.exception.ApplicationException;
+import com.javajober.core.security.JwtTokenizer;
 import com.javajober.core.util.response.CommonResponse;
 import com.javajober.spaceWall.domain.BlockType;
 import com.javajober.spaceWall.domain.FlagType;
@@ -32,8 +33,8 @@ public class SpaceWallFindService {
     private final BlockStrategyFactory blockStrategyFactory;
     private final BlockJsonProcessor jsonProcessor;
 
-    public SpaceWallFindService(final SpaceWallRepository spaceWallRepository,
-                                final BlockStrategyFactory blockStrategyFactory, final BlockJsonProcessor jsonProcessor) {
+    public SpaceWallFindService(final SpaceWallRepository spaceWallRepository, final BlockStrategyFactory blockStrategyFactory,
+                                final BlockJsonProcessor jsonProcessor) {
 
         this.spaceWallRepository = spaceWallRepository;
         this.blockStrategyFactory = blockStrategyFactory;
@@ -46,19 +47,31 @@ public DuplicateURLResponse hasDuplicateShareURL(final String shareURL) {
     }
 
     @Transactional
-    public SpaceWallResponse findByShareURL(final String shareURL) {
-
+    public SpaceWallResponse findByShareURL(final String shareURL, final String token, final JwtTokenizer jwtTokenizer) {
         SpaceWall spaceWall = spaceWallRepository.getByShareURL(shareURL);
-        if (!spaceWall.getIsPublic()) {
-            throw new ApplicationException(ApiStatus.FORBIDDEN, "공유페이지에 접근 권한이 없습니다.");
-        }
+        checkToken(token, jwtTokenizer, spaceWall);
+
         Long memberId = spaceWall.getMember().getId();
         Long spaceId = spaceWall.getAddSpace().getId();
         Long spaceWallId = spaceWall.getId();
 
         return find(memberId, spaceId, spaceWallId, FlagType.SAVED);
     }
 
+    private void checkToken(final String token, final JwtTokenizer jwtTokenizer, final SpaceWall spaceWall) {
+        if (token == null) {
+            if (!spaceWall.getIsPublic()) {
+                throw new ApplicationException(ApiStatus.FORBIDDEN, "공유페이지에 접근 권한이 없습니다.");
+            }
+            return;
+        }
+        Long memberIdFromToken = jwtTokenizer.getUserIdFromToken(token);
+        Long memberIdFromSpaceWall = spaceWall.getMember().getId();
+        if ((!Objects.equals(memberIdFromToken, memberIdFromSpaceWall)) && !spaceWall.getIsPublic()) {
+            throw new ApplicationException(ApiStatus.FORBIDDEN, "공유페이지에 접근 권한이 없습니다.");
+        }
+    }
+
     @Transactional
     public SpaceWallResponse find(final Long memberId, final Long spaceId, final Long spaceWallId, final FlagType flag) {
         SpaceWall spaceWall = spaceWallRepository.findSpaceWall(spaceWallId, spaceId, memberId, flag);