[BE] Feat/#378 Admin API 구현 (#405)

* feat: 전체 회원 조회 기능 구현

* feat: 회원 삭제(탈퇴) 기능 구현

* feat: 회원 삭제(탈퇴)시 Pin/Topic Soft-deleting 구현

* refactor: Admin DTO 분리

* feat: Member 상세 정보 조회 기능 구현

* feat: Topic 삭제 및 이미지 삭제 기능 구현

* feat: Pin 삭제 및 이미지 삭제 기능 구현

* feat: Admin API 구현

* refactor: Member 상태(차단, 탈퇴 등) 필드에 따른 로그인 로직 수정

* refactor: @SqlDelete 삭제 및 JPQL 대체

* feat: AdminInterceptor 구현

* test: Repository soft-deleting 테스트 구현

* test: AdminQueryService 테스트 구현

* test: AdminCommandService 테스트 구현

* test: AdminController Restdocs 테스트 구현

* test: AdminInterceptor Mocking

* test: 통합 테스트 구현

* refactor: 오탈자 수정

* refactor: Auth 관련 예외 클래스 추가

* refactor: 불필요한 메서드 제거

* refactor: findMemberById 예외 수정

* test: GithubActions 실패 테스트 수정

* refactor: isAdmin() 메서드 추가

* refactor: 회원 삭제(탈퇴)시, 추가 정보(즐겨찾기 등) 삭제

backend/src/docs/asciidoc/admin.adoc

@@ -0,0 +1,29 @@
+== 관리자 기능
+
+=== 전체 회원 조회
+
+operation::admin-controller-test/find-all-member-details[snippets='http-request,http-response']
+
+=== 회원 상세 조회
+
+operation::admin-controller-test/find-member[snippets='http-request,http-response']
+
+=== 회원 차단(삭제)
+
+operation::admin-controller-test/delete-member[snippets='http-request,http-response']
+
+=== 토픽 삭제
+
+operation::admin-controller-test/delete-topic[snippets='http-request,http-response']
+
+=== 토픽 이미지 삭제
+
+operation::admin-controller-test/delete-topic-image[snippets='http-request,http-response']
+
+=== 핀 삭제
+
+operation::admin-controller-test/delete-pin[snippets='http-request,http-response']
+
+=== 핀 이미지 삭제
+
+operation::admin-controller-test/delete-pin-image[snippets='http-request,http-response']

backend/src/docs/asciidoc/index.adoc

@@ -15,3 +15,4 @@ include::member.adoc[]
 include::permission.adoc[]
 include::oauth.adoc[]
 include::bookmark.adoc[]
+include::admin.adoc[]

backend/src/main/java/com/mapbefine/mapbefine/admin/application/AdminCommandService.java

@@ -0,0 +1,127 @@
+package com.mapbefine.mapbefine.admin.application;
+
+import static com.mapbefine.mapbefine.permission.exception.PermissionErrorCode.PERMISSION_FORBIDDEN_BY_NOT_ADMIN;
+import static com.mapbefine.mapbefine.topic.exception.TopicErrorCode.TOPIC_NOT_FOUND;
+
+import com.mapbefine.mapbefine.atlas.domain.AtlasRepository;
+import com.mapbefine.mapbefine.auth.domain.AuthMember;
+import com.mapbefine.mapbefine.bookmark.domain.BookmarkRepository;
+import com.mapbefine.mapbefine.member.domain.Member;
+import com.mapbefine.mapbefine.member.domain.MemberRepository;
+import com.mapbefine.mapbefine.member.domain.Role;
+import com.mapbefine.mapbefine.member.domain.Status;
+import com.mapbefine.mapbefine.permission.domain.PermissionRepository;
+import com.mapbefine.mapbefine.permission.exception.PermissionException.PermissionForbiddenException;
+import com.mapbefine.mapbefine.pin.domain.Pin;
+import com.mapbefine.mapbefine.pin.domain.PinImageRepository;
+import com.mapbefine.mapbefine.pin.domain.PinRepository;
+import com.mapbefine.mapbefine.topic.domain.Topic;
+import com.mapbefine.mapbefine.topic.domain.TopicRepository;
+import com.mapbefine.mapbefine.topic.exception.TopicException;
+import java.util.List;
+import java.util.NoSuchElementException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@Transactional
+public class AdminCommandService {
+
+    private final MemberRepository memberRepository;
+    private final TopicRepository topicRepository;
+    private final PinRepository pinRepository;
+    private final PinImageRepository pinImageRepository;
+    private final PermissionRepository permissionRepository;
+    private final AtlasRepository atlasRepository;
+    private final BookmarkRepository bookmarkRepository;
+
+    public AdminCommandService(
+            MemberRepository memberRepository,
+            TopicRepository topicRepository,
+            PinRepository pinRepository,
+            PinImageRepository pinImageRepository,
+            PermissionRepository permissionRepository,
+            AtlasRepository atlasRepository,
+            BookmarkRepository bookmarkRepository
+    ) {
+        this.memberRepository = memberRepository;
+        this.topicRepository = topicRepository;
+        this.pinRepository = pinRepository;
+        this.pinImageRepository = pinImageRepository;
+        this.permissionRepository = permissionRepository;
+        this.atlasRepository = atlasRepository;
+        this.bookmarkRepository = bookmarkRepository;
+    }
+
+    public void blockMember(AuthMember authMember, Long memberId) {
+        validateAdminPermission(authMember);
+
+        Member member = findMemberById(memberId);
+        member.updateStatus(Status.BLOCKED);
+
+        deleteAllRelatedMember(member);
+    }
+
+    private void deleteAllRelatedMember(Member member) {
+        List<Long> pinIds = extractPinIdsByMember(member);
+        Long memberId = member.getId();
+
+        pinImageRepository.deleteAllByPinIds(pinIds);
+        topicRepository.deleteAllByMemberId(memberId);
+        pinRepository.deleteAllByMemberId(memberId);
+        permissionRepository.deleteAllByMemberId(memberId);
+        atlasRepository.deleteAllByMemberId(memberId);
+        bookmarkRepository.deleteAllByMemberId(memberId);
+    }
+
+    private Member findMemberById(Long id) {
+        return memberRepository.findById(id)
+                .orElseThrow(() -> new NoSuchElementException("findMemberByAuthMember; member not found; id=" + id));
+    }
+
+    private void validateAdminPermission(AuthMember authMember) {
+        if (authMember.isRole(Role.ADMIN)) {
+            return;
+        }
+
+        throw new PermissionForbiddenException(PERMISSION_FORBIDDEN_BY_NOT_ADMIN);
+    }
+
+    private List<Long> extractPinIdsByMember(Member member) {
+        return member.getCreatedPins()
+                .stream()
+                .map(Pin::getId)
+                .toList();
+    }
+
+    public void deleteTopic(AuthMember authMember, Long topicId) {
+        validateAdminPermission(authMember);
+
+        topicRepository.deleteById(topicId);
+    }
+
+    public void deleteTopicImage(AuthMember authMember, Long topicId) {
+        validateAdminPermission(authMember);
+
+        Topic topic = findTopicById(topicId);
+        topic.removeImage();
+    }
+
+    private Topic findTopicById(Long topicId) {
+        return topicRepository.findById(topicId)
+                .orElseThrow(() -> new TopicException.TopicNotFoundException(TOPIC_NOT_FOUND, List.of(topicId)));
+    }
+
+    public void deletePin(AuthMember authMember, Long pinId) {
+        validateAdminPermission(authMember);
+
+        pinRepository.deleteById(pinId);
+    }
+
+    public void deletePinImage(AuthMember authMember, Long pinImageId) {
+        validateAdminPermission(authMember);
+
+        pinImageRepository.deleteById(pinImageId);
+    }
+
+}

backend/src/main/java/com/mapbefine/mapbefine/admin/application/AdminQueryService.java

@@ -0,0 +1,61 @@
+package com.mapbefine.mapbefine.admin.application;
+
+import com.mapbefine.mapbefine.admin.dto.AdminMemberDetailResponse;
+import com.mapbefine.mapbefine.admin.dto.AdminMemberResponse;
+import com.mapbefine.mapbefine.auth.domain.AuthMember;
+import com.mapbefine.mapbefine.member.domain.Member;
+import com.mapbefine.mapbefine.member.domain.MemberRepository;
+import com.mapbefine.mapbefine.member.domain.Role;
+import com.mapbefine.mapbefine.permission.exception.PermissionErrorCode;
+import com.mapbefine.mapbefine.permission.exception.PermissionException.PermissionForbiddenException;
+import com.mapbefine.mapbefine.pin.domain.Pin;
+import com.mapbefine.mapbefine.topic.domain.Topic;
+import java.util.List;
+import java.util.NoSuchElementException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@Transactional(readOnly = true)
+public class AdminQueryService {
+
+    private final MemberRepository memberRepository;
+
+    public AdminQueryService(MemberRepository memberRepository) {
+        this.memberRepository = memberRepository;
+    }
+
+    public List<AdminMemberResponse> findAllMemberDetails(AuthMember authMember) {
+        validateAdminPermission(authMember);
+
+        List<Member> members = memberRepository.findAllByMemberInfoRole(Role.USER);
+
+        return members.stream()
+                .map(AdminMemberResponse::from)
+                .toList();
+    }
+
+    private Member findMemberById(Long id) {
+        return memberRepository.findById(id)
+                .orElseThrow(() -> new NoSuchElementException("findMemberByAuthMember; member not found; id=" + id));
+    }
+
+    private void validateAdminPermission(AuthMember authMember) {
+        if (authMember.isRole(Role.ADMIN)) {
+            return;
+        }
+
+        throw new PermissionForbiddenException(PermissionErrorCode.PERMISSION_FORBIDDEN_BY_NOT_ADMIN);
+    }
+
+    public AdminMemberDetailResponse findMemberDetail(AuthMember authMember, Long memberId) {
+        validateAdminPermission(authMember);
+
+        Member findMember = findMemberById(memberId);
+        List<Topic> topics = findMember.getCreatedTopics();
+        List<Pin> pins = findMember.getCreatedPins();
+
+        return AdminMemberDetailResponse.of(findMember, topics, pins);
+    }
+
+}

backend/src/main/java/com/mapbefine/mapbefine/admin/dto/AdminMemberDetailResponse.java

@@ -0,0 +1,48 @@
+package com.mapbefine.mapbefine.admin.dto;
+
+import com.mapbefine.mapbefine.member.domain.Member;
+import com.mapbefine.mapbefine.member.domain.MemberInfo;
+import com.mapbefine.mapbefine.pin.domain.Pin;
+import com.mapbefine.mapbefine.pin.dto.response.PinResponse;
+import com.mapbefine.mapbefine.topic.domain.Topic;
+import com.mapbefine.mapbefine.topic.dto.response.TopicResponse;
+import java.time.LocalDateTime;
+import java.util.List;
+
+public record AdminMemberDetailResponse(
+        Long id,
+        String nickName,
+        String email,
+        String imageUrl,
+        List<TopicResponse> topics,
+        List<PinResponse> pins,
+        LocalDateTime updatedAt
+) {
+
+    // TODO: 2023/09/12 topics, pins 모두 member를 통해 얻어올 수 있다. Service에서 꺼내서 넘겨줄 것인가 ? 아니면 DTO에서 꺼내올 것인가 ?
+    public static AdminMemberDetailResponse of(
+            Member member,
+            List<Topic> topics,
+            List<Pin> pins
+    ) {
+        MemberInfo memberInfo = member.getMemberInfo();
+        List<TopicResponse> topicResponses = topics.stream()
+                .map(TopicResponse::fromGuestQuery)
+                .toList();
+        List<PinResponse> pinResponses = pins.stream()
+                .map(PinResponse::from)
+                .toList();
+
+        return new AdminMemberDetailResponse(
+                member.getId(),
+                memberInfo.getNickName(),
+                memberInfo.getEmail(),
+                memberInfo.getImageUrl(),
+                topicResponses,
+                pinResponses,
+                member.getUpdatedAt()
+        );
+    }
+
+
+}

backend/src/main/java/com/mapbefine/mapbefine/admin/dto/AdminMemberResponse.java

@@ -0,0 +1,27 @@
+package com.mapbefine.mapbefine.admin.dto;
+
+import com.mapbefine.mapbefine.member.domain.Member;
+import com.mapbefine.mapbefine.member.domain.MemberInfo;
+import java.time.LocalDateTime;
+
+public record AdminMemberResponse(
+        Long id,
+        String nickName,
+        String email,
+        String imageUrl,
+        LocalDateTime updatedAt
+) {
+
+    public static AdminMemberResponse from(Member member) {
+        MemberInfo memberInfo = member.getMemberInfo();
+
+        return new AdminMemberResponse(
+                member.getId(),
+                memberInfo.getNickName(),
+                memberInfo.getEmail(),
+                memberInfo.getImageUrl(),
+                member.getUpdatedAt()
+        );
+    }
+
+}

backend/src/main/java/com/mapbefine/mapbefine/admin/presentation/AdminController.java

@@ -0,0 +1,78 @@
+package com.mapbefine.mapbefine.admin.presentation;
+
+import com.mapbefine.mapbefine.admin.application.AdminCommandService;
+import com.mapbefine.mapbefine.admin.application.AdminQueryService;
+import com.mapbefine.mapbefine.admin.dto.AdminMemberDetailResponse;
+import com.mapbefine.mapbefine.admin.dto.AdminMemberResponse;
+import com.mapbefine.mapbefine.auth.domain.AuthMember;
+import java.util.List;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/admin")
+public class AdminController {
+
+    private final AdminQueryService adminQueryService;
+    private final AdminCommandService adminCommandService;
+
+
+    public AdminController(AdminQueryService adminQueryService, AdminCommandService adminCommandService) {
+        this.adminQueryService = adminQueryService;
+        this.adminCommandService = adminCommandService;
+    }
+
+    @GetMapping("/members")
+    public ResponseEntity<List<AdminMemberResponse>> findAllMembers(AuthMember authMember) {
+        List<AdminMemberResponse> responses = adminQueryService.findAllMemberDetails(authMember);
+
+        return ResponseEntity.ok(responses);
+    }
+
+    @DeleteMapping("/members/{memberId}")
+    public ResponseEntity<Void> deleteMember(AuthMember authMember, @PathVariable Long memberId) {
+        adminCommandService.blockMember(authMember, memberId);
+
+        return ResponseEntity.noContent().build();
+    }
+
+    @GetMapping("/members/{memberId}")
+    public ResponseEntity<AdminMemberDetailResponse> findMember(AuthMember authMember, @PathVariable Long memberId) {
+        AdminMemberDetailResponse response = adminQueryService.findMemberDetail(authMember, memberId);
+
+        return ResponseEntity.ok(response);
+    }
+
+    @DeleteMapping("/topics/{topicId}")
+    public ResponseEntity<Void> deleteTopic(AuthMember authMember, @PathVariable Long topicId) {
+        adminCommandService.deleteTopic(authMember, topicId);
+
+        return ResponseEntity.noContent().build();
+    }
+
+    @DeleteMapping("/topics/{topicId}/images")
+    public ResponseEntity<Void> deleteTopicImage(AuthMember authMember, @PathVariable Long topicId) {
+        adminCommandService.deleteTopicImage(authMember, topicId);
+
+        return ResponseEntity.noContent().build();
+    }
+
+    @DeleteMapping("/pins/{pinId}")
+    public ResponseEntity<Void> deletePin(AuthMember authMember, @PathVariable Long pinId) {
+        adminCommandService.deletePin(authMember, pinId);
+
+        return ResponseEntity.noContent().build();
+    }
+
+    @DeleteMapping("/pins/images/{imageId}")
+    public ResponseEntity<Void> deletePinImage(AuthMember authMember, @PathVariable Long imageId) {
+        adminCommandService.deletePinImage(authMember, imageId);
+
+        return ResponseEntity.noContent().build();
+    }
+
+}

backend/src/main/java/com/mapbefine/mapbefine/atlas/domain/AtlasRepository.java

@@ -10,4 +10,5 @@ public interface AtlasRepository extends JpaRepository<Atlas, Long> {
 
     void deleteByMemberIdAndTopicId(Long memberId, Long topicId);
 
+    void deleteAllByMemberId(Long memberId);
 }