From 4805656eb7c4952a22c1e1de3daad0853b8ffed7 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 3 Mar 2025 16:31:33 +0900 Subject: [PATCH 001/122] =?UTF-8?q?[FIX]=20SecurityContext=EC=97=90?= =?UTF-8?q?=EC=84=9C=20=EC=9D=B8=EC=A6=9D=20=EA=B0=9D=EC=B2=B4=20=20?= =?UTF-8?q?=ED=83=80=EC=9E=85=20=EB=B6=88=EC=9D=BC=EC=B9=98=20=ED=95=B4?= =?UTF-8?q?=EA=B2=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit userId를 Long -> String으로 casting하여 타입이 일관적이지 않았음 --- .../websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 5edf3d16b..134bf9d9e 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -35,7 +35,7 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, final JwtValidationType validationResult = jwtUtil.validateJWT(token); if (validationResult == VALID_ACCESS) { Long userId = jwtUtil.getUserIdFromJwt(token); - UserAuthentication authentication = new UserAuthentication(userId.toString(), null, null); + UserAuthentication authentication = new UserAuthentication(userId, null, null); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authentication); } else if (validationResult == EXPIRED_ACCESS) { From 0cc731ae116428e30bbcfdc933ba6603aa51159f Mon Sep 17 00:00:00 2001 
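Review bot: A null `userId` is no longer stopped in the `VALID_ACCESS` branch: the removed `userId.toString()` would have thrown, whereas `new UserAuthentication(userId, null, null)` accepts whatever `jwtUtil.getUserIdFromJwt(token)` returns. The three-argument `UsernamePasswordAuthenticationToken` constructor yields an already-authenticated token, so a null id would be stored in the `SecurityContext` as an authenticated request with no principal. Whether `getUserIdFromJwt` can return null is not visible here; if it can, guard the block with `if (userId != null)` so the request simply continues unauthenticated. Any code outside this hunk that still reads `getPrincipal()` as a `String` will now fail with a `ClassCastException` and should be moved to `Long` in the same change. `doFilterInternal` starts and ends outside the hunk.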
From: Kim-TaeUk Date: Mon, 3 Mar 2025 16:36:56 +0900 Subject: [PATCH 002/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20=EC=A3=BC=EC=84=9D=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/config/jwt/UserAuthentication.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java b/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java index 79b458893..92f67f42e 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java @@ -6,7 +6,6 @@ public class UserAuthentication extends UsernamePasswordAuthenticationToken { - // 사용자 인증 객체 생성 public UserAuthentication(Object principal, Object credentials, Collection authorities) { super(principal, credentials, authorities); From 84fda4f184e7a976c524ff6f8cb53d963c8ca6e5 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 3 Mar 2025 16:37:05 +0900 Subject: [PATCH 003/122] =?UTF-8?q?[STYLE]=20=ED=8C=8C=EC=9D=BC=20?= =?UTF-8?q?=EB=81=9D=20=EA=B0=9C=ED=96=89=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/config/jwt/UserAuthentication.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java b/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java index 92f67f42e..53c1e6188 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java @@ -10,4 +10,4 @@ public UserAuthentication(Object principal, Object credentials, Collection authorities) { super(principal, credentials, authorities); } -} \ No newline at end of file +} 
From c209fe2535d541a135f0c94112f5cee2514cb7c1 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 3 Mar 2025 16:37:37 +0900 Subject: [PATCH 004/122] =?UTF-8?q?[STYLE]=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=ED=8F=AC=EB=A7=B7=ED=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/config/jwt/UserAuthentication.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java b/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java index 53c1e6188..a2605e437 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java @@ -6,7 +6,8 @@ public class UserAuthentication extends UsernamePasswordAuthenticationToken { - public UserAuthentication(Object principal, Object credentials, + public UserAuthentication(Object principal, + Object credentials, Collection authorities) { super(principal, credentials, authorities); } From cfa319f552215eb7db2820e617cc22d35ef17b14 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 3 Mar 2025 16:46:51 +0900 Subject: [PATCH 005/122] =?UTF-8?q?[RENAME]=20JWT=20=EC=9D=B8=EC=A6=9D=20?= =?UTF-8?q?=EA=B0=9D=EC=B2=B4=EC=9E=84=EC=9D=84=20=EB=AA=85=ED=99=95?= =?UTF-8?q?=ED=95=98=EA=B2=8C=20=ED=95=98=EA=B8=B0=20=EC=9C=84=ED=95=9C=20?= =?UTF-8?q?rename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit from UserAuthentication to CustomAuthenticationToken --- .../config/jwt/CustomAuthenticationToken.java | 14 ++++++++++++++ .../config/jwt/JwtAuthenticationFilter.java | 6 +++--- .../WSSServer/config/jwt/UserAuthentication.java | 14 -------------- .../WSSServer/oauth2/service/AppleService.java | 8 ++++---- .../WSSServer/oauth2/service/KakaoService.java | 8 ++++---- .../org/websoso/WSSServer/service/AuthService.java | 8 ++++---- .../org/websoso/WSSServer/service/UserService.java | 6 +++--- 7 files changed, 32 insertions(+), 32 deletions(-) create mode 100644 src/main/java/org/websoso/WSSServer/config/jwt/CustomAuthenticationToken.java delete mode 100644 src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/CustomAuthenticationToken.java b/src/main/java/org/websoso/WSSServer/config/jwt/CustomAuthenticationToken.java new file mode 100644 index 000000000..f4113deda --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/config/jwt/CustomAuthenticationToken.java @@ -0,0 +1,14 @@ +package org.websoso.WSSServer.config.jwt; + +import java.util.Collection; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; + +public class CustomAuthenticationToken extends UsernamePasswordAuthenticationToken { + + public CustomAuthenticationToken(Object principal, + Object credentials, + Collection authorities) { + super(principal, credentials, authorities); + } +} 
diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 134bf9d9e..ff484b17f 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -35,9 +35,9 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, final JwtValidationType validationResult = jwtUtil.validateJWT(token); if (validationResult == VALID_ACCESS) { Long userId = jwtUtil.getUserIdFromJwt(token); - UserAuthentication authentication = new UserAuthentication(userId, null, null); - authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(authentication); + CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(userId, null, null); + customAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(customAuthenticationToken); } else if (validationResult == EXPIRED_ACCESS) { handleExpiredAccessToken(request, response); return; diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java b/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java deleted file mode 100644 index a2605e437..000000000 --- a/src/main/java/org/websoso/WSSServer/config/jwt/UserAuthentication.java +++ /dev/null 
@@ -1,14 +0,0 @@ -package org.websoso.WSSServer.config.jwt; - -import java.util.Collection; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; - -public class UserAuthentication extends UsernamePasswordAuthenticationToken { - - public UserAuthentication(Object principal, - Object credentials, - Collection authorities) { - super(principal, credentials, authorities); - } -} diff --git a/src/main/java/org/websoso/WSSServer/oauth2/service/AppleService.java b/src/main/java/org/websoso/WSSServer/oauth2/service/AppleService.java index 8aab4cb92..d72be14bf 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/service/AppleService.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/service/AppleService.java @@ -48,8 +48,8 @@ import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; import org.springframework.web.client.RestClient; +import org.websoso.WSSServer.config.jwt.CustomAuthenticationToken; import org.websoso.WSSServer.config.jwt.JwtProvider; -import org.websoso.WSSServer.config.jwt.UserAuthentication; import org.websoso.WSSServer.domain.RefreshToken; import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.domain.UserAppleToken; 
@@ -284,9 +284,9 @@ private AuthResponse authenticate(String socialId, String email, String nickname userAppleTokenRepository.save(UserAppleToken.create(user, appleRefreshToken)); } - UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String accessToken = jwtProvider.generateAccessToken(userAuthentication); - String refreshToken = jwtProvider.generateRefreshToken(userAuthentication); + CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(user.getUserId(), null, null); + String accessToken = jwtProvider.generateAccessToken(customAuthenticationToken); + String refreshToken = jwtProvider.generateRefreshToken(customAuthenticationToken); refreshTokenRepository.save(new RefreshToken(refreshToken, user.getUserId())); diff --git a/src/main/java/org/websoso/WSSServer/oauth2/service/KakaoService.java b/src/main/java/org/websoso/WSSServer/oauth2/service/KakaoService.java index b7232b05e..eb46e9c5f 100644 --- a/src/main/java/org/websoso/WSSServer/oauth2/service/KakaoService.java +++ b/src/main/java/org/websoso/WSSServer/oauth2/service/KakaoService.java @@ -12,8 +12,8 @@ import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; import org.springframework.web.client.RestClient; +import org.websoso.WSSServer.config.jwt.CustomAuthenticationToken; import org.websoso.WSSServer.config.jwt.JwtProvider; -import org.websoso.WSSServer.config.jwt.UserAuthentication; import org.websoso.WSSServer.domain.RefreshToken; import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.dto.auth.AuthResponse; 
@@ -70,9 +70,9 @@ public AuthResponse getUserInfoFromKakao(String kakaoAccessToken) { user = userRepository.save(User.createBySocial(socialId, defaultNickname, kakaoUserInfo.email())); } - UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String accessToken = jwtProvider.generateAccessToken(userAuthentication); - String refreshToken = jwtProvider.generateRefreshToken(userAuthentication); + CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(user.getUserId(), null, null); + String accessToken = jwtProvider.generateAccessToken(customAuthenticationToken); + String refreshToken = jwtProvider.generateRefreshToken(customAuthenticationToken); RefreshToken redisRefreshToken = new RefreshToken(refreshToken, user.getUserId()); refreshTokenRepository.save(redisRefreshToken); diff --git a/src/main/java/org/websoso/WSSServer/service/AuthService.java b/src/main/java/org/websoso/WSSServer/service/AuthService.java index 80767fc78..4cf640385 100644 --- a/src/main/java/org/websoso/WSSServer/service/AuthService.java +++ b/src/main/java/org/websoso/WSSServer/service/AuthService.java @@ -5,10 +5,10 @@ import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import org.websoso.WSSServer.config.jwt.CustomAuthenticationToken; import org.websoso.WSSServer.config.jwt.JWTUtil; import org.websoso.WSSServer.config.jwt.JwtProvider; import org.websoso.WSSServer.config.jwt.JwtValidationType; -import org.websoso.WSSServer.config.jwt.UserAuthentication; import org.websoso.WSSServer.domain.RefreshToken; import org.websoso.WSSServer.dto.auth.ReissueResponse; import org.websoso.WSSServer.exception.exception.CustomAuthException; 
@@ -32,9 +32,9 @@ public ReissueResponse reissue(String refreshToken) { } Long userId = jwtUtil.getUserIdFromJwt(refreshToken); - UserAuthentication userAuthentication = new UserAuthentication(userId, null, null); - String newAccessToken = jwtProvider.generateAccessToken(userAuthentication); - String newRefreshToken = jwtProvider.generateRefreshToken(userAuthentication); + CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(userId, null, null); + String newAccessToken = jwtProvider.generateAccessToken(customAuthenticationToken); + String newRefreshToken = jwtProvider.generateRefreshToken(customAuthenticationToken); refreshTokenRepository.delete(storedRefreshToken); refreshTokenRepository.save(new RefreshToken(newRefreshToken, userId)); diff --git a/src/main/java/org/websoso/WSSServer/service/UserService.java b/src/main/java/org/websoso/WSSServer/service/UserService.java index c2721a19b..e7f846f21 100644 --- a/src/main/java/org/websoso/WSSServer/service/UserService.java +++ b/src/main/java/org/websoso/WSSServer/service/UserService.java @@ -18,8 +18,8 @@ import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import org.websoso.WSSServer.config.jwt.CustomAuthenticationToken; import org.websoso.WSSServer.config.jwt.JwtProvider; -import org.websoso.WSSServer.config.jwt.UserAuthentication; import org.websoso.WSSServer.domain.Avatar; import org.websoso.WSSServer.domain.Genre; import org.websoso.WSSServer.domain.GenrePreference; 
@@ -95,8 +95,8 @@ public NicknameValidation isNicknameAvailable(User user, String nickname) { public LoginResponse login(Long userId) { User user = getUserOrException(userId); - UserAuthentication userAuthentication = new UserAuthentication(user.getUserId(), null, null); - String token = jwtProvider.generateAccessToken(userAuthentication); + CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(user.getUserId(), null, null); + String token = jwtProvider.generateAccessToken(customAuthenticationToken); return LoginResponse.of(token); } From b97b10b17851bb73542cb6feb4dafaaf8ffafa3a Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 13 Mar 2025 01:07:52 +0900 Subject: [PATCH 006/122] =?UTF-8?q?[CHORE]=20=EB=A9=94=EC=84=9C=EB=93=9C?= =?UTF-8?q?=20=EB=B3=B4=EC=95=88=20=ED=99=9C=EC=84=B1=ED=99=94=EB=A5=BC=20?= =?UTF-8?q?=EC=9C=84=ED=95=9C=20@EnableMethodSecurity=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/config/SecurityConfig.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java b/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java index d37776141..cb08453e7 100644 --- a/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java +++ b/src/main/java/org/websoso/WSSServer/config/SecurityConfig.java @@ -3,6 +3,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; 
@@ -18,6 +19,7 @@ @Configuration @RequiredArgsConstructor @EnableWebSecurity +@EnableMethodSecurity public class SecurityConfig { private final JwtAuthenticationFilter jwtAuthenticationFilter; private final CustomJwtAuthenticationEntryPoint customJwtAuthenticationEntryPoint; From 066b7e5be4e18a3d8fb56a451c73956ac4dd3f86 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 13 Mar 2025 01:08:50 +0900 Subject: [PATCH 007/122] =?UTF-8?q?[STYLE]=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=EC=BB=A8=EB=B2=A4=EC=85=98=EC=97=90=20=EB=A7=9E=EA=B2=8C=20for?= =?UTF-8?q?matting?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/UserService.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/UserService.java b/src/main/java/org/websoso/WSSServer/service/UserService.java index e7f846f21..1ef1f734f 100644 --- a/src/main/java/org/websoso/WSSServer/service/UserService.java +++ b/src/main/java/org/websoso/WSSServer/service/UserService.java @@ -120,8 +120,8 @@ public void editProfileStatus(User user, EditProfileStatusRequest editProfileSta @Transactional(readOnly = true) public User getUserOrException(Long userId) { - return userRepository.findById(userId).orElseThrow(() -> - new CustomUserException(USER_NOT_FOUND, "user with the given id was not found")); + return userRepository.findById(userId) + .orElseThrow(() -> new CustomUserException(USER_NOT_FOUND, "user with the given id was not found")); } @Transactional(readOnly = true) From 9de7622174cf897ffa4920d1c913556fac0df361 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Thu, 13 Mar 2025 01:12:01 +0900 Subject: [PATCH 008/122] =?UTF-8?q?[FEAT]=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=EA=B2=80=EC=A6=9D=EC=9D=84=20=EC=9C=84?= =?UTF-8?q?=ED=95=9C=20ResourceAuthorizationValidator=20=EC=9D=B8=ED=84=B0?= =?UTF-8?q?=ED=8E=98=EC=9D=B4=EC=8A=A4=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/validator/ResourceAuthorizationValidator.java | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/validator/ResourceAuthorizationValidator.java diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/ResourceAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/ResourceAuthorizationValidator.java new file mode 100644 index 000000000..acda77266 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/validator/ResourceAuthorizationValidator.java @@ -0,0 +1,10 @@ +package org.websoso.WSSServer.auth.validator; + +import org.websoso.WSSServer.domain.User; + +public interface ResourceAuthorizationValidator { + + boolean hasPermission(Long resourceId, User user); + + Class getResourceType(); +} From 09f5de5857bc442cf31bdefbf8964fd79d826d87 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 13 Mar 2025 01:33:25 +0900 Subject: [PATCH 009/122] =?UTF-8?q?[FEAT]=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=EA=B2=80=EC=A6=9D=EC=9D=84=20=EC=9C=84?= =?UTF-8?q?=ED=95=9C=20ResourceAuthorizationHandler=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit HashMap인 validatorMap을 통해 ResourceAuthorizationValidator의 구현체를 저장하고 사용 --- .../auth/ResourceAuthorizationHandler.java | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java 
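Review bot: The new `ResourceAuthorizationValidator` interface has no documentation, and for an authorization hook the contract matters: `hasPermission(Long resourceId, User user)` returns a boolean, but nothing says whether a denial is reported as `false` or as an exception, or what happens when the resource does not exist. The `FeedAuthorizationValidator` added later in this series throws on both and never returns `false`, so callers cannot tell from the signature what to expect. I would add a Javadoc on the method along the lines of `/** Returns true only when {@code user} may modify the resource; implementations must deny (return false or throw) when the resource or the user cannot be resolved. */` and one on `getResourceType()` stating that the result must be non-null and unique per validator, because it is used as a lookup key.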
diff --git a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java new file mode 100644 index 000000000..8fe7973e5 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java @@ -0,0 +1,13 @@ +package org.websoso.WSSServer.auth; + +import java.util.HashMap; +import java.util.Map; +import org.springframework.stereotype.Component; +import org.websoso.WSSServer.auth.validator.ResourceAuthorizationValidator; + +@Component +public class ResourceAuthorizationHandler { + + private final Map, ResourceAuthorizationValidator> validatorMap = new HashMap<>(); + +} From ddafe037a50d870f7cdf130b33a5121a8c931ec1 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 13 Mar 2025 01:35:23 +0900 Subject: [PATCH 010/122] =?UTF-8?q?[FEAT]=20ResourceAuthorizationHandler?= =?UTF-8?q?=EC=97=90=EC=84=9C=20ResourceAuthorizationValidator=20=EC=9E=90?= =?UTF-8?q?=EB=8F=99=20=EB=A7=A4=ED=95=91=20=EA=B8=B0=EB=8A=A5=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @Autowired를 통해 List를 주입, for loop를 통해 validatorMap에 validator의 resourceType을 key로 저장 --- .../WSSServer/auth/ResourceAuthorizationHandler.java | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java index 8fe7973e5..6f4be91c8 100644 --- a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java +++ b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java 
@@ -1,7 +1,9 @@ package org.websoso.WSSServer.auth; import java.util.HashMap; +import java.util.List; import java.util.Map; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.websoso.WSSServer.auth.validator.ResourceAuthorizationValidator; @@ -10,4 +12,10 @@ public class ResourceAuthorizationHandler { private final Map, ResourceAuthorizationValidator> validatorMap = new HashMap<>(); + @Autowired + public ResourceAuthorizationHandler(List validators) { + for (ResourceAuthorizationValidator validator : validators) { + validatorMap.put(validator.getResourceType(), validator); + } + } } From f843b0770978b1a96ddcffa9b1103238efdaad36 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 13 Mar 2025 01:38:28 +0900 Subject: [PATCH 011/122] =?UTF-8?q?[FEAT]=20ResourceAuthorizationHandler?= =?UTF-8?q?=EC=97=90=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20=EA=B6=8C=ED=95=9C=20?= =?UTF-8?q?=EA=B2=80=EC=A6=9D=20=EA=B8=B0=EB=8A=A5=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 존재하지 않는 resourceType인 경우 null에 대해 exception throw - Validator에서 permission 체크하도록 --- .../WSSServer/auth/ResourceAuthorizationHandler.java | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java index 6f4be91c8..4911f4419 100644 --- a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java +++ b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java @@ -6,6 +6,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.websoso.WSSServer.auth.validator.ResourceAuthorizationValidator; +import org.websoso.WSSServer.domain.User; @Component public class ResourceAuthorizationHandler { 
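Review bot: The constructor added in the second hunk registers each validator with a plain `validatorMap.put(validator.getResourceType(), validator)`, so two validators reporting the same resource type silently replace one another, and a validator whose `getResourceType()` returns null is stored under the null key. Either way an authorization rule can go missing with no error at startup; the `FeedAuthorizationValidator` stub introduced in [PATCH 013/122] returns null there until a later patch fills it in. Fail fast in the loop instead: reject a null type, then `if (validatorMap.putIfAbsent(type, validator) != null) throw new IllegalStateException("duplicate validator for " + type.getName());`.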
@@ -18,4 +19,12 @@ public ResourceAuthorizationHandler(List validat validatorMap.put(validator.getResourceType(), validator); } } + + public boolean hasPermission(Long resourceId, User user, Class resourceType) { + ResourceAuthorizationValidator validator = validatorMap.get(resourceType); + if (validator == null) { + throw new RuntimeException(); + } + return validator.hasPermission(resourceId, user); + } } From b76c01d0d2a361f139bfa8c46dd73af3a3933d30 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 13 Mar 2025 01:42:20 +0900 Subject: [PATCH 012/122] =?UTF-8?q?[REFACTOR]=20Optional=EC=9D=84=20?= =?UTF-8?q?=ED=86=B5=ED=95=B4=20hasPermission=20=EB=A9=94=EC=84=9C?= =?UTF-8?q?=EB=93=9C=20=EB=A6=AC=ED=8C=A9=ED=84=B0=EB=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Optional과 orElseThrow를 통해 null 처리 간결하게 변경 --- .../WSSServer/auth/ResourceAuthorizationHandler.java | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java index 4911f4419..2ebfe2ffc 100644 --- a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java +++ b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java @@ -3,6 +3,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Optional; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.websoso.WSSServer.auth.validator.ResourceAuthorizationValidator; 
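Review bot: `hasPermission` throws a bare `new RuntimeException()` when no validator is registered for `resourceType`. Failing closed is the right default, but the exception has no message and no specific type, so a missing registration will presumably surface as an unexplained server error that is hard to tell apart from any other failure. A descriptive exception would help, for example `throw new IllegalStateException("no ResourceAuthorizationValidator registered for " + resourceType);`. The `Optional` rewrite in the next patch ([PATCH 012/122], `orElseThrow(RuntimeException::new)`) keeps the same bare exception and needs the same change. A short comment on the method stating that an unknown resource type is a configuration error rather than a denial would also be useful.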
@@ -21,10 +22,8 @@ public ResourceAuthorizationHandler(List validat } public boolean hasPermission(Long resourceId, User user, Class resourceType) { - ResourceAuthorizationValidator validator = validatorMap.get(resourceType); - if (validator == null) { - throw new RuntimeException(); - } - return validator.hasPermission(resourceId, user); + return Optional.ofNullable(validatorMap.get(resourceType)) + .orElseThrow(RuntimeException::new) + .hasPermission(resourceId, user); } } From ca4871130e18d69e7e20325e76aed97950a46110 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:06:55 +0900 Subject: [PATCH 013/122] =?UTF-8?q?[FEAT]=20FeedAuthorizationValidator=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../validator/FeedAuthorizationValidator.java | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java new file mode 100644 index 000000000..b65d17015 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -0,0 +1,18 @@ +package org.websoso.WSSServer.auth.validator; + +import org.springframework.stereotype.Component; +import org.websoso.WSSServer.domain.User; + +@Component +public class FeedAuthorizationValidator implements ResourceAuthorizationValidator { + + @Override + public boolean hasPermission(Long resourceId, User user) { + return false; + } + + @Override + public Class getResourceType() { + return null; + } +} From 16176e6d952172d1c36186cb5ddb7c5a2631925a Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:07:53 +0900 Subject: [PATCH 014/122] =?UTF-8?q?[FEAT]=20FeedRepository=20=EC=A3=BC?= =?UTF-8?q?=EC=9E=85=20by=20@RequiredArgsConstructor?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/auth/validator/FeedAuthorizationValidator.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index b65d17015..6cfff393a 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -1,11 +1,16 @@ package org.websoso.WSSServer.auth.validator; +import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Component; import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.repository.FeedRepository; @Component +@RequiredArgsConstructor public class FeedAuthorizationValidator implements ResourceAuthorizationValidator { + private final FeedRepository feedRepository; + @Override public boolean hasPermission(Long resourceId, User user) { return false; From 354d10e6446f854cf3650aa19a3b800b7014059b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:09:24 +0900 Subject: [PATCH 015/122] =?UTF-8?q?[FEAT]=20getResourceType()=20=EA=B5=AC?= =?UTF-8?q?=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/auth/validator/FeedAuthorizationValidator.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index 6cfff393a..5cae02e9e 100644 
--- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -2,6 +2,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Component; +import org.websoso.WSSServer.domain.Feed; import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.repository.FeedRepository; @@ -18,6 +19,6 @@ public boolean hasPermission(Long resourceId, User user) { @Override public Class getResourceType() { - return null; + return Feed.class; } } From f861975fdc560743608661181fb8759a11f81864 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:12:37 +0900 Subject: [PATCH 016/122] =?UTF-8?q?[FEAT]=20=EC=A1=B4=EC=9E=AC=ED=95=98?= =?UTF-8?q?=EB=8A=94=20=EB=A6=AC=EC=86=8C=EC=8A=A4=EC=9D=B8=EC=A7=80=20?= =?UTF-8?q?=EC=A1=B0=ED=9A=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/validator/FeedAuthorizationValidator.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index 5cae02e9e..144166e27 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -1,9 +1,12 @@ package org.websoso.WSSServer.auth.validator; +import static org.websoso.WSSServer.exception.error.CustomFeedError.FEED_NOT_FOUND; + import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Component; import org.websoso.WSSServer.domain.Feed; import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.exception.exception.CustomFeedException; import org.websoso.WSSServer.repository.FeedRepository; @Component 
@@ -13,8 +16,9 @@ public class FeedAuthorizationValidator implements ResourceAuthorizationValidato private final FeedRepository feedRepository; @Override - public boolean hasPermission(Long resourceId, User user) { - return false; + public boolean hasPermission(Long feedId, User user) { + Feed feed = feedRepository.findById(feedId) + .orElseThrow(() -> new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); } @Override From 27e70821184b8800d54c458d823efb7c81cd308d Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:19:33 +0900 Subject: [PATCH 017/122] =?UTF-8?q?[FEAT]=20=EA=B6=8C=ED=95=9C=EC=9D=B4=20?= =?UTF-8?q?=EC=97=86=EB=8A=94=20=EA=B2=BD=EC=9A=B0=20=EC=98=88=EC=99=B8=20?= =?UTF-8?q?throw?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 권한 X = 본인의 리소스가 아닌 경우 --- .../auth/validator/FeedAuthorizationValidator.java | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index 144166e27..002251597 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -1,12 +1,14 @@ package org.websoso.WSSServer.auth.validator; import static org.websoso.WSSServer.exception.error.CustomFeedError.FEED_NOT_FOUND; +import static org.websoso.WSSServer.exception.error.CustomUserError.INVALID_AUTHORIZED; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Component; import org.websoso.WSSServer.domain.Feed; import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.exception.exception.CustomFeedException; +import org.websoso.WSSServer.exception.exception.CustomUserException; import org.websoso.WSSServer.repository.FeedRepository; @Component 
@@ -19,6 +21,13 @@ public class FeedAuthorizationValidator implements ResourceAuthorizationValidato public boolean hasPermission(Long feedId, User user) { Feed feed = feedRepository.findById(feedId) .orElseThrow(() -> new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); + + if (!feed.getUser().getUserId() + .equals(user.getUserId())) { + throw new CustomUserException(INVALID_AUTHORIZED, + "User with ID " + user.getUserId() + " is not the owner of feed " + feed.getFeedId()); + } + return true; } @Override From 8d4410101d3999a86d693d56808cb93c6265ae82 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:20:10 +0900 Subject: [PATCH 018/122] =?UTF-8?q?[REFACTOR]=20feed=20=EC=A1=B0=ED=9A=8C?= =?UTF-8?q?=20=EB=A1=9C=EC=A7=81=20=EB=A9=94=EC=84=9C=EB=93=9C=EB=A1=9C=20?= =?UTF-8?q?=EC=B6=94=EC=B6=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/validator/FeedAuthorizationValidator.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index 002251597..97fcb36fa 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -19,8 +19,7 @@ public class FeedAuthorizationValidator implements ResourceAuthorizationValidato @Override public boolean hasPermission(Long feedId, User user) { - Feed feed = feedRepository.findById(feedId) - .orElseThrow(() -> new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); + Feed feed = getFeedOrException(feedId); if (!feed.getUser().getUserId() .equals(user.getUserId())) { 
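Review bot: `hasPermission` is declared `boolean`, but after the added `if (!feed.getUser().getUserId().equals(user.getUserId()))` branch it can only return `true` or throw, so a denial never reaches the caller as `false`. If this method is meant to back a security expression, `return false;` in that branch would let the framework raise its own access-denied error and keep every denial on one code path. If throwing is intended, a `void` check method would state the contract more honestly. The exception message embeds the user id and feed id, which is useful in logs, but it is worth confirming that the exception handler (not visible here) does not echo it to the client.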
@@ -30,6 +29,11 @@ public boolean hasPermission(Long feedId, User user) { return true; } + private Feed getFeedOrException(Long feedId) { + return feedRepository.findById(feedId) + .orElseThrow(() -> new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); + } + @Override public Class getResourceType() { return Feed.class; From 92af2d400807f61b990187d775bb942db9208abf Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:22:28 +0900 Subject: [PATCH 019/122] =?UTF-8?q?[REFACTOR]=20=EA=B6=8C=ED=95=9C=20?= =?UTF-8?q?=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20=EB=A9=94=EC=84=9C?= =?UTF-8?q?=EB=93=9C=EB=A1=9C=20=EC=B6=94=EC=B6=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/validator/FeedAuthorizationValidator.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index 97fcb36fa..fc330571e 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -21,8 +21,7 @@ public class FeedAuthorizationValidator implements ResourceAuthorizationValidato public boolean hasPermission(Long feedId, User user) { Feed feed = getFeedOrException(feedId); - if (!feed.getUser().getUserId() - .equals(user.getUserId())) { + if (!isFeedOwner(feed, user)) { throw new CustomUserException(INVALID_AUTHORIZED, "User with ID " + user.getUserId() + " is not the owner of feed " + feed.getFeedId()); } 
@@ -34,6 +33,10 @@ private Feed getFeedOrException(Long feedId) { .orElseThrow(() -> new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); } + private boolean isFeedOwner(Feed feed, User user) { + return feed.getUser().getUserId().equals(user.getUserId()); + } + @Override public Class getResourceType() { return Feed.class; From 47456decc414711cf95e6c16c1a917010ec04816 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:25:08 +0900 Subject: [PATCH 020/122] =?UTF-8?q?[FEAT]=20AuthorizationService=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/auth/AuthorizationService.java | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java diff --git a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java new file mode 100644 index 000000000..882391568 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java @@ -0,0 +1,11 @@ +package org.websoso.WSSServer.auth; + +import org.springframework.stereotype.Service; + +@Service +public class AuthorizationService { + + public boolean validate(Long resourceId, Long userId, Class resourceType) { + + } +} From eaa546cf6cf4379aa03036c8e02809c76237100e Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:26:20 +0900 Subject: [PATCH 021/122] =?UTF-8?q?[FEAT]=20AuthorizationService=EC=97=90?= =?UTF-8?q?=20UserRepository=20=EC=A3=BC=EC=9E=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit by @RequiredArgsConstructor --- .../org/websoso/WSSServer/auth/AuthorizationService.java | 5 +++++ 1 file changed, 5 insertions(+) 
diff --git a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java index 882391568..0a0013ebb 100644 --- a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java +++ b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java @@ -1,10 +1,15 @@ package org.websoso.WSSServer.auth; +import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; +import org.websoso.WSSServer.repository.UserRepository; @Service +@RequiredArgsConstructor public class AuthorizationService { + private final UserRepository userRepository; + public boolean validate(Long resourceId, Long userId, Class resourceType) { } From 3709b577c01a2900d1457cb438636a1fd228df16 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:28:39 +0900 Subject: [PATCH 022/122] =?UTF-8?q?[FEAT]=20=EC=82=AC=EC=9A=A9=EC=9E=90=20?= =?UTF-8?q?=EC=A1=B4=EC=9E=AC=20=EC=97=AC=EB=B6=80=20=EA=B2=80=EC=A6=9D=20?= =?UTF-8?q?=EB=A1=9C=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/auth/AuthorizationService.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java index 0a0013ebb..602a68c17 100644 --- a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java +++ b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java @@ -1,7 +1,11 @@ package org.websoso.WSSServer.auth; +import static org.websoso.WSSServer.exception.error.CustomUserError.USER_NOT_FOUND; + import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; +import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.exception.exception.CustomUserException; import org.websoso.WSSServer.repository.UserRepository; @Service 
@@ -11,6 +15,7 @@ public class AuthorizationService { private final UserRepository userRepository; public boolean validate(Long resourceId, Long userId, Class resourceType) { - + User user = userRepository.findById(userId) + .orElseThrow(() -> new CustomUserException(USER_NOT_FOUND, "user with the given id was not found")); } } From 0891bac6f3e8021f116e0591ec55833c4f7fe34d Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:31:57 +0900 Subject: [PATCH 023/122] =?UTF-8?q?[REFACTOR]=20=EB=A9=94=EC=84=9C?= =?UTF-8?q?=EB=93=9C=20rename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit from hasPermission to authorizeResourceAccess --- .../websoso/WSSServer/auth/ResourceAuthorizationHandler.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java index 2ebfe2ffc..b528d217a 100644 --- a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java +++ b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java @@ -21,7 +21,7 @@ public ResourceAuthorizationHandler(List validat } } - public boolean hasPermission(Long resourceId, User user, Class resourceType) { + public boolean authorizeResourceAccess(Long resourceId, User user, Class resourceType) { return Optional.ofNullable(validatorMap.get(resourceType)) .orElseThrow(RuntimeException::new) .hasPermission(resourceId, user); From 73a08cca952b6febec5c8131a46f7d7866d0faa2 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:36:30 +0900 Subject: [PATCH 024/122] =?UTF-8?q?[FEAT]=20ResourceAuthorizationHandler?= =?UTF-8?q?=EB=A1=9C=20=EC=9D=B4=ED=9B=84=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EC=9C=84=EC=9E=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/auth/AuthorizationService.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java index 602a68c17..998ce8d23 100644 --- a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java +++ b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java @@ -13,9 +13,12 @@ public class AuthorizationService { private final UserRepository userRepository; + private final ResourceAuthorizationHandler resourceAuthorizationHandler; public boolean validate(Long resourceId, Long userId, Class resourceType) { User user = userRepository.findById(userId) .orElseThrow(() -> new CustomUserException(USER_NOT_FOUND, "user with the given id was not found")); + + return resourceAuthorizationHandler.authorizeResourceAccess(resourceId, user, resourceType); } } From 8f08a2c0623d31c152162714e1026bb50a7671b6 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:39:52 +0900 Subject: [PATCH 025/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20=EC=82=AC=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index 5abffe187..625c8d495 100644 
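Review bot: `validate` passes `userId` straight into `userRepository.findById(userId)` (the context lines above the added `return`), and nothing in the method handles a null id. If the caller evaluates this for a request without an authenticated principal, Spring Data rejects the null id with an exception, which would probably surface as a server error rather than an authorization failure. A guard at the top, `if (userId == null) { return false; }`, keeps the unauthenticated case a clean denial.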
--- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -10,6 +10,7 @@ import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -66,7 +67,7 @@ public ResponseEntity updateFeed(Principal principal, } @DeleteMapping("/{feedId}") - public ResponseEntity deleteFeed(Principal principal, + public ResponseEntity deleteFeed(@AuthenticationPrincipal Long userId, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.deleteFeed(user, feedId); From 3cf9a462dd84722f3ce07c98347f7ddac980e3f9 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:41:32 +0900 Subject: [PATCH 026/122] =?UTF-8?q?[FEAT]=20=EA=B6=8C=ED=95=9C=20=EA=B2=80?= =?UTF-8?q?=EC=A6=9D=EC=9D=84=20=EC=9C=84=ED=95=9C=20@PreAuthorize=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index 625c8d495..ba0501586 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java 
@@ -10,6 +10,7 @@ import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -67,6 +68,7 @@ public ResponseEntity updateFeed(Principal principal, } @DeleteMapping("/{feedId}") + @PreAuthorize("@authorizationService.validate(#feedId, #userId, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity deleteFeed(@AuthenticationPrincipal Long userId, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); From 165e66d6bbf22d94f74b48bb26e3d55d516c32cb Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:42:02 +0900 Subject: [PATCH 027/122] =?UTF-8?q?[REMOVE]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20=EC=BD=94=EB=93=9C=20=EC=A0=9C?= =?UTF-8?q?=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 1 - src/main/java/org/websoso/WSSServer/service/FeedService.java | 3 --- 2 files changed, 4 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index ba0501586..053cd9f38 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java 
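Review bot: The `@PreAuthorize` expression added above `deleteFeed` becomes the access check for this endpoint, but it only runs when method security is enabled. Nothing in this patch shows `@EnableMethodSecurity` (or the older `@EnableGlobalMethodSecurity(prePostEnabled = true)`), and without it the annotation is silently ignored. `#feedId` and `#userId` are resolved by parameter name, so they also depend on the build compiling with `-parameters`; otherwise they evaluate to null. A controller test asserting that a non-owner's DELETE is rejected would pin both assumptions. The body of `deleteFeed` continues outside the hunk.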
@@ -71,7 +71,6 @@ public ResponseEntity updateFeed(Principal principal, @PreAuthorize("@authorizationService.validate(#feedId, #userId, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity deleteFeed(@AuthenticationPrincipal Long userId, @PathVariable("feedId") Long feedId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.deleteFeed(user, feedId); return ResponseEntity diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index 140570c97..3ecb64c1d 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java @@ -1,7 +1,6 @@ package org.websoso.WSSServer.service; import static java.lang.Boolean.TRUE; -import static org.websoso.WSSServer.domain.common.Action.DELETE; import static org.websoso.WSSServer.domain.common.Action.UPDATE; import static org.websoso.WSSServer.domain.common.DiscordWebhookMessageType.REPORT; import static org.websoso.WSSServer.exception.error.CustomFeedError.BLOCKED_USER_ACCESS; @@ -109,8 +108,6 @@ public void updateFeed(User user, Long feedId, FeedUpdateRequest request) { } public void deleteFeed(User user, Long feedId) { - Feed feed = getFeedOrException(feedId); - feed.validateUserAuthorization(user, DELETE); feedRepository.delete(feed); } From f66efd49c0b7d406045cac89d39e1b3f9fbbf24b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:46:43 +0900 Subject: [PATCH 028/122] =?UTF-8?q?[FIX]=20FeedService.deleteFeed=20?= =?UTF-8?q?=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=8B=9C=EA=B7=B8=EB=8B=88?= =?UTF-8?q?=EC=B2=98=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 3 +-- src/main/java/org/websoso/WSSServer/service/FeedService.java | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index 053cd9f38..f12af5335 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -71,8 +71,7 @@ public ResponseEntity updateFeed(Principal principal, @PreAuthorize("@authorizationService.validate(#feedId, #userId, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity deleteFeed(@AuthenticationPrincipal Long userId, @PathVariable("feedId") Long feedId) { - feedService.deleteFeed(user, feedId); - + feedService.deleteFeed(feedId); return ResponseEntity .status(NO_CONTENT) .build(); diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index 3ecb64c1d..0d1c86d87 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java @@ -107,7 +107,7 @@ public void updateFeed(User user, Long feedId, FeedUpdateRequest request) { feedCategoryService.updateFeedCategory(feed, request.relevantCategories()); } - public void deleteFeed(User user, Long feedId) { + public void deleteFeed(Long feedId) { feedRepository.delete(feed); } From 619e2bf5507a53c7a5c69ebe254ef6ff86f1f309 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 14 Mar 2025 00:47:28 +0900 Subject: [PATCH 029/122] =?UTF-8?q?[FIX]=20feed=20=EC=82=AD=EC=A0=9C=20jpa?= =?UTF-8?q?=20=EC=BF=BC=EB=A6=AC=20=EB=A9=94=EC=84=9C=EB=93=9C=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/FeedService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
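Review bot: In the `FeedService` hunk, `deleteFeed(Long feedId)` no longer receives the caller, and the previous patch removed `feed.validateUserAuthorization(user, DELETE)`. The service therefore deletes whatever id it is given, and ownership is enforced only by the controller's `@PreAuthorize`. Any other caller of the service method (another controller, a batch job, a future endpoint) would bypass that check. Either document the precondition on the method, e.g. `// precondition: caller has already authorized the current user for feedId`, or move the authorization onto the service method so it travels with the operation.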
diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index 0d1c86d87..7adf0e840 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java @@ -108,7 +108,7 @@ public void updateFeed(User user, Long feedId, FeedUpdateRequest request) { } public void deleteFeed(Long feedId) { - feedRepository.delete(feed); + feedRepository.deleteById(feedId); } public void likeFeed(User user, Long feedId) { From ca3fa3876a74f5ca1f4b2c466eb12151340c6002 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 16 Mar 2025 22:58:59 +0900 Subject: [PATCH 030/122] =?UTF-8?q?[FEAT]=20JwtValidationType=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80:=20INVALID=5FSIGNATURE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/config/jwt/JwtValidationType.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java index ffcc462d6..bb06935fa 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtValidationType.java @@ -4,6 +4,7 @@ public enum JwtValidationType { VALID_ACCESS, VALID_REFRESH, INVALID_TOKEN, + INVALID_SIGNATURE, EXPIRED_ACCESS, EXPIRED_REFRESH, UNSUPPORTED_TOKEN, From c760627b58051074183b332e1ded3e1ce85afd57 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sun, 16 Mar 2025 23:00:11 +0900 Subject: [PATCH 031/122] =?UTF-8?q?[FIX]=20JWTUtil.validateJWT=EC=97=90?= =?UTF-8?q?=EC=84=9C=20=EC=9E=A1=EC=A7=80=20=EC=95=8A=EB=8D=98=20exception?= =?UTF-8?q?=20catch?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit : SignatureException --- src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java index ffa3c1d9c..095083d11 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JWTUtil.java @@ -7,6 +7,7 @@ import io.jsonwebtoken.Jwts; import io.jsonwebtoken.MalformedJwtException; import io.jsonwebtoken.UnsupportedJwtException; +import io.jsonwebtoken.security.SignatureException; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Component; @@ -29,6 +30,8 @@ public JwtValidationType validateJWT(String token) { return JwtValidationType.VALID_ACCESS; } return JwtValidationType.VALID_REFRESH; + } catch (SignatureException ex) { + return JwtValidationType.INVALID_SIGNATURE; } catch (MalformedJwtException ex) { return JwtValidationType.INVALID_TOKEN; } catch (ExpiredJwtException ex) { From 6b31fe9f2c4d7b2a852ea77358b10a52629bd7d9 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 16 Mar 2025 23:02:11 +0900 Subject: [PATCH 032/122] =?UTF-8?q?[REMOVE]=20=EC=9D=98=EB=AF=B8=20?= =?UTF-8?q?=EC=97=86=EB=8A=94=20try-catch=20=EB=B8=94=EB=9F=AD=20=EC=82=AD?= =?UTF-8?q?=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/jwt/JwtAuthenticationFilter.java | 28 +++++++------------ 1 file changed, 10 insertions(+), 18 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index ff484b17f..37cd88a31 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java 
@@ -30,24 +30,16 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull FilterChain filterChain) throws ServletException, IOException { - try { - final String token = getJwtFromRequest(request); - final JwtValidationType validationResult = jwtUtil.validateJWT(token); - if (validationResult == VALID_ACCESS) { - Long userId = jwtUtil.getUserIdFromJwt(token); - CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(userId, null, null); - customAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(customAuthenticationToken); - } else if (validationResult == EXPIRED_ACCESS) { - handleExpiredAccessToken(request, response); - return; - } - } catch (Exception exception) { - try { - throw new Exception(); - } catch (Exception e) { - throw new RuntimeException(e); - } + final String token = getJwtFromRequest(request); + final JwtValidationType validationResult = jwtUtil.validateJWT(token); + if (validationResult == VALID_ACCESS) { + Long userId = jwtUtil.getUserIdFromJwt(token); + CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(userId, null, null); + customAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(customAuthenticationToken); + } else if (validationResult == EXPIRED_ACCESS) { + handleExpiredAccessToken(request, response); + return; } filterChain.doFilter(request, response); } From 4999b138556c49b7a5f4e09145b30a58e9357686 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sun, 16 Mar 2025 23:04:14 +0900 Subject: [PATCH 033/122] =?UTF-8?q?[FEAT]=20invalid=ED=95=9C=20token?= =?UTF-8?q?=EA=B3=BC=20=EB=B9=84=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=EC=9E=90=20=EA=B5=AC=EB=B6=84=20=EB=A1=9C=EC=A7=81=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit : invalid한 사용자는 response 내려줌 --- .../config/jwt/JwtAuthenticationFilter.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index 37cd88a31..a23238fa4 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -1,6 +1,8 @@ package org.websoso.WSSServer.config.jwt; import static org.websoso.WSSServer.config.jwt.JwtValidationType.EXPIRED_ACCESS; +import static org.websoso.WSSServer.config.jwt.JwtValidationType.INVALID_SIGNATURE; +import static org.websoso.WSSServer.config.jwt.JwtValidationType.INVALID_TOKEN; import static org.websoso.WSSServer.config.jwt.JwtValidationType.VALID_ACCESS; import jakarta.servlet.FilterChain; @@ -40,6 +42,9 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, } else if (validationResult == EXPIRED_ACCESS) { handleExpiredAccessToken(request, response); return; + } else if (validationResult == INVALID_TOKEN || validationResult == INVALID_SIGNATURE) { + handleInvalidToken(response); + return; } filterChain.doFilter(request, response); } 
@@ -59,4 +64,11 @@ private void handleExpiredAccessToken(HttpServletRequest request, response.getWriter() .write("{\"code\": \"AUTH-000\", \"message\": \"Access Token Expired. Use Refresh Token to reissue.\"}"); } + + private void handleInvalidToken(HttpServletResponse response) throws IOException { + response.setContentType("application/json"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + response.getWriter() + .write("{\"code\": \"AUTH-001\", \"message\": \"Invalid token.\"}"); + } } From 1ae92feacd71e88d00012651640fee354019ad81 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 16 Mar 2025 23:07:16 +0900 Subject: [PATCH 034/122] =?UTF-8?q?[FEAT]=20invalid=ED=95=9C=20token?= =?UTF-8?q?=EA=B3=BC=20=EB=B9=84=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=EC=9E=90=20=EA=B5=AC=EB=B6=84=20=EB=A1=9C=EC=A7=81=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit : 비로그인 사용자 분기 처리 추가 by if-else --- .../config/jwt/JwtAuthenticationFilter.java | 29 +++++++++++-------- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index a23238fa4..eaa5550df 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java 
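Review bot: `handleInvalidToken` answers 401 without a `WWW-Authenticate` challenge and without recording the rejection. A 401 for a bearer token should carry the challenge, e.g. `response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "Bearer error=\"invalid_token\"");` (`HttpHeaders` is already imported in this file). A `log.warn` at the call site with the request URI and remote address, never the token itself, would give operations a signal for malformed or forged tokens. Calling `response.setCharacterEncoding("UTF-8")` next to the content type would also keep the JSON body unambiguous.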
@@ -33,18 +33,23 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull FilterChain filterChain) throws ServletException, IOException { final String token = getJwtFromRequest(request); - final JwtValidationType validationResult = jwtUtil.validateJWT(token); - if (validationResult == VALID_ACCESS) { - Long userId = jwtUtil.getUserIdFromJwt(token); - CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(userId, null, null); - customAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(customAuthenticationToken); - } else if (validationResult == EXPIRED_ACCESS) { - handleExpiredAccessToken(request, response); - return; - } else if (validationResult == INVALID_TOKEN || validationResult == INVALID_SIGNATURE) { - handleInvalidToken(response); - return; + + if (StringUtils.hasText(token)) { + final JwtValidationType validationResult = jwtUtil.validateJWT(token); + if (validationResult == VALID_ACCESS) { + Long userId = jwtUtil.getUserIdFromJwt(token); + CustomAuthenticationToken customAuthenticationToken = new CustomAuthenticationToken(userId, null, null); + customAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(customAuthenticationToken); + } else if (validationResult == EXPIRED_ACCESS) { + handleExpiredAccessToken(request, response); + return; + } else if (validationResult == INVALID_TOKEN || validationResult == INVALID_SIGNATURE) { + handleInvalidToken(response); + return; + } else { + + } } filterChain.doFilter(request, response); } From 31eb1f05056af1e734e5fa1d7cc7d89ebf06cc8c Mon Sep 17 00:00:00 2001 
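Review bot: The empty `else { }` at the end of the `if (StringUtils.hasText(token))` block lets every remaining result of `validateJWT` reach `filterChain.doFilter` with no authentication set. The enum visible in this series also has `VALID_REFRESH`, `EXPIRED_REFRESH` and `UNSUPPORTED_TOKEN`, so a request that did present a token, just not a usable access token, is handled like a guest. Since the stated goal is to tell a bad token from a missing one, filling the branch with `else { handleInvalidToken(response); return; }` would make `VALID_ACCESS` the only result that proceeds. The next patch removes the empty branch without changing this behaviour. `doFilterInternal` starts outside the hunk.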
From: Kim-TaeUk Date: Sun, 16 Mar 2025 23:43:22 +0900 Subject: [PATCH 035/122] =?UTF-8?q?[FEAT]=20=EB=B9=84=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=EC=82=AC=EC=9A=A9=EC=9E=90=20SecurityContextHolder?= =?UTF-8?q?=EC=97=90=20ROLE=5FANONYMOUS=EB=A1=9C=20=EC=84=A4=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit : AnonymousAuthenticationToken 이용 --- .../WSSServer/config/jwt/JwtAuthenticationFilter.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java index eaa5550df..5fa8dd7d6 100644 --- a/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java +++ b/src/main/java/org/websoso/WSSServer/config/jwt/JwtAuthenticationFilter.java @@ -14,6 +14,8 @@ import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.http.HttpHeaders; +import org.springframework.security.authentication.AnonymousAuthenticationToken; +import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; import org.springframework.stereotype.Component; @@ -47,9 +49,14 @@ protected void doFilterInternal(@NonNull HttpServletRequest request, } else if (validationResult == INVALID_TOKEN || validationResult == INVALID_SIGNATURE) { handleInvalidToken(response); return; - } else { - } + } else { + SecurityContextHolder.getContext().setAuthentication( + new AnonymousAuthenticationToken( + "anonymous", + "anonymousUser", + AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")) + ); } filterChain.doFilter(request, response); } From 4c98ec07031e71b30062575afa8c249ae94e7685 Mon Sep 17 00:00:00 2001 
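Review bot: The new outer `else` branch builds an `AnonymousAuthenticationToken` by hand with the literal key `"anonymous"`. This duplicates what Spring Security's `AnonymousAuthenticationFilter` already does for a request that reaches it with an empty context. Unless the security configuration disables `anonymous()` (not visible here), leaving the context untouched for token-less requests yields the same `ROLE_ANONYMOUS` authentication with the framework's own key and principal. If the explicit token is kept, a comment such as `// no bearer token: continue as guest; rejected tokens return earlier` would record the intent. `doFilterInternal` starts outside the hunk.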
From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:31:11 +0900 Subject: [PATCH 036/122] =?UTF-8?q?[FEAT]=20@AuthenticationPrincipal=20Use?= =?UTF-8?q?r=20=EB=B3=80=ED=99=98=EC=9D=84=20=EC=9C=84=ED=95=9C=20CustomUs?= =?UTF-8?q?erArgumentResolver=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit : HandlerMethodArgumentResolver의 구현체 --- .../auth/CustomUserArgumentResolver.java | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/CustomUserArgumentResolver.java diff --git a/src/main/java/org/websoso/WSSServer/auth/CustomUserArgumentResolver.java b/src/main/java/org/websoso/WSSServer/auth/CustomUserArgumentResolver.java new file mode 100644 index 000000000..27e9bf22e --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/CustomUserArgumentResolver.java 
@@ -0,0 +1,43 @@ +package org.websoso.WSSServer.auth; + +import lombok.RequiredArgsConstructor; +import org.springframework.core.MethodParameter; +import org.springframework.security.authentication.AnonymousAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.annotation.AuthenticationPrincipal; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Component; +import org.springframework.web.bind.support.WebDataBinderFactory; +import org.springframework.web.context.request.NativeWebRequest; +import org.springframework.web.method.support.HandlerMethodArgumentResolver; +import org.springframework.web.method.support.ModelAndViewContainer; +import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.service.UserService; + +@Component +@RequiredArgsConstructor +public class CustomUserArgumentResolver implements HandlerMethodArgumentResolver { + + private final UserService userService; + + @Override + public boolean supportsParameter(MethodParameter parameter) { + return parameter.getParameterType().equals(User.class) && + parameter.hasParameterAnnotation(AuthenticationPrincipal.class); + } + + @Override + public Object resolveArgument(MethodParameter parameter, + ModelAndViewContainer mavContainer, + NativeWebRequest webRequest, + WebDataBinderFactory binderFactory) { + Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); + + if (authentication == null || authentication instanceof AnonymousAuthenticationToken) { + return null; + } + + Long userId = (Long) authentication.getPrincipal(); + return userService.getUserOrException(userId); + } +} From 8c8442ece508a616512f8e40986035195e961bb8 Mon Sep 17 00:00:00 2001 
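Review bot: `resolveArgument` casts `authentication.getPrincipal()` to `Long` after excluding only `null` and `AnonymousAuthenticationToken`, so any other authentication whose principal is not a `Long` ends in a `ClassCastException` rather than a controlled rejection. A type test keeps the failure predictable: `if (!(authentication.getPrincipal() instanceof Long userId)) { return null; }`. Returning `null` for anonymous callers also means every handler taking `@AuthenticationPrincipal User user` must either be guarded, for example with `@PreAuthorize("isAuthenticated()")`, or handle a null user. A short Javadoc on the class stating that contract would help the next person who adds an endpoint.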
From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:33:13 +0900 Subject: [PATCH 037/122] =?UTF-8?q?[FEAT]=20CustomUserArgumentResolver=20?= =?UTF-8?q?=EB=93=B1=EB=A1=9D=EC=9D=84=20=EC=9C=84=ED=95=9C=20WebConfig=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/config/WebConfig.java | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/config/WebConfig.java diff --git a/src/main/java/org/websoso/WSSServer/config/WebConfig.java b/src/main/java/org/websoso/WSSServer/config/WebConfig.java new file mode 100644 index 000000000..5045fbc0a --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/config/WebConfig.java @@ -0,0 +1,20 @@ +package org.websoso.WSSServer.config; + +import java.util.List; +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.method.support.HandlerMethodArgumentResolver; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; +import org.websoso.WSSServer.auth.CustomUserArgumentResolver; + +@Configuration +@RequiredArgsConstructor +public class WebConfig implements WebMvcConfigurer { + + private final CustomUserArgumentResolver customUserArgumentResolver; + + @Override + public void addArgumentResolvers(List resolvers) { + resolvers.add(customUserArgumentResolver); + } +} From 8352770dc2786cc98da883f5cc3cf707381eea14 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:34:06 +0900 Subject: [PATCH 038/122] =?UTF-8?q?[REMOVE]=20AuthorizationService?= =?UTF-8?q?=EC=97=90=EC=84=9C=20user=20=EC=A1=B4=EC=9E=AC=20=EA=B2=80?= =?UTF-8?q?=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/auth/AuthorizationService.java | 8 -------- 1 file changed, 8 deletions(-) 
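Review bot: `addArgumentResolvers` registers a resolver for `@AuthenticationPrincipal`, an annotation that Spring Security's own `AuthenticationPrincipalArgumentResolver` also claims, and Spring MVC uses the first resolver whose `supportsParameter` returns true. If the framework's resolver is consulted first, a `Long` principal is not assignable to `User` and the parameter will most likely arrive as `null`, which handlers that accept guests would treat as an unauthenticated caller. The relative order is not visible on this page. It should be pinned with a test that an authenticated request reaches a handler with a non-null `User`, or avoided by giving the custom resolver its own parameter annotation.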
diff --git a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java index 998ce8d23..9ee014fdf 100644 --- a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java +++ b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java @@ -1,24 +1,16 @@ package org.websoso.WSSServer.auth; -import static org.websoso.WSSServer.exception.error.CustomUserError.USER_NOT_FOUND; - import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import org.websoso.WSSServer.domain.User; -import org.websoso.WSSServer.exception.exception.CustomUserException; -import org.websoso.WSSServer.repository.UserRepository; @Service @RequiredArgsConstructor public class AuthorizationService { - private final UserRepository userRepository; private final ResourceAuthorizationHandler resourceAuthorizationHandler; public boolean validate(Long resourceId, Long userId, Class resourceType) { - User user = userRepository.findById(userId) - .orElseThrow(() -> new CustomUserException(USER_NOT_FOUND, "user with the given id was not found")); - return resourceAuthorizationHandler.authorizeResourceAccess(resourceId, user, resourceType); } } From 18eb3abc77fe0448187e0eb7bbca76825205d525 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:34:38 +0900 Subject: [PATCH 039/122] =?UTF-8?q?[FIX]=20AuthorizationService.validate?= =?UTF-8?q?=20=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=8B=9C=EA=B7=B8=EB=8B=88?= =?UTF-8?q?=EC=B2=98=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Long userId -> User user --- .../java/org/websoso/WSSServer/auth/AuthorizationService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java index 9ee014fdf..82a7cf024 100644 
--- a/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java +++ b/src/main/java/org/websoso/WSSServer/auth/AuthorizationService.java @@ -10,7 +10,7 @@ public class AuthorizationService { private final ResourceAuthorizationHandler resourceAuthorizationHandler; - public boolean validate(Long resourceId, Long userId, Class resourceType) { + public boolean validate(Long resourceId, User user, Class resourceType) { return resourceAuthorizationHandler.authorizeResourceAccess(resourceId, user, resourceType); } } From 3cfce58554bf2bcc7e689469619430b12a41c948 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:42:51 +0900 Subject: [PATCH 040/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/FeedController.java | 35 +++++++++---------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index f12af5335..4619876a3 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -7,7 +7,6 @@ import static org.websoso.WSSServer.domain.common.ReportedType.SPOILER; import jakarta.validation.Valid; -import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.security.access.prepost.PreAuthorize; 
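Review bot: `validate` now takes the `User` produced by the argument resolver, which returns `null` for anonymous callers, and passes it straight to `authorizeResourceAccess`. Since this method is the authorization decision used from `@PreAuthorize`, it should fail closed on its own rather than depend on every expression putting `isAuthenticated()` first: `if (user == null) { return false; }`. A one-line Javadoc stating that a `false` result denies access would make the contract explicit.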
@@ -45,7 +44,7 @@ public class FeedController { private final PopularFeedService popularFeedService; @PostMapping - public ResponseEntity createFeed(Principal principal, + public ResponseEntity createFeed(@AuthenticationPrincipal User user, @Valid @RequestBody FeedCreateRequest request) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.createFeed(user, request); @@ -56,7 +55,7 @@ public ResponseEntity createFeed(Principal principal, } @PutMapping("/{feedId}") - public ResponseEntity updateFeed(Principal principal, + public ResponseEntity updateFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody FeedUpdateRequest request) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); @@ -69,7 +68,7 @@ public ResponseEntity updateFeed(Principal principal, @DeleteMapping("/{feedId}") @PreAuthorize("@authorizationService.validate(#feedId, #userId, T(org.websoso.WSSServer.domain.Feed))") - public ResponseEntity deleteFeed(@AuthenticationPrincipal Long userId, + public ResponseEntity deleteFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.deleteFeed(feedId); return ResponseEntity @@ -78,7 +77,7 @@ public ResponseEntity deleteFeed(@AuthenticationPrincipal Long userId, } @PostMapping("/{feedId}/likes") - public ResponseEntity likeFeed(Principal principal, + public ResponseEntity likeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.likeFeed(user, feedId); 
@@ -89,7 +88,7 @@ public ResponseEntity likeFeed(Principal principal, } @DeleteMapping("/{feedId}/likes") - public ResponseEntity unLikeFeed(Principal principal, + public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.unLikeFeed(user, feedId); @@ -100,7 +99,7 @@ public ResponseEntity unLikeFeed(Principal principal, } @GetMapping("/{feedId}") - public ResponseEntity getFeed(Principal principal, + public ResponseEntity getFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); @@ -110,7 +109,7 @@ public ResponseEntity getFeed(Principal principal, } @GetMapping("/popular") - public ResponseEntity getPopularFeeds(Principal principal) { + public ResponseEntity getPopularFeeds(@AuthenticationPrincipal User user) { User user = principal == null ? null : userService.getUserOrException(Long.valueOf(principal.getName())); @@ -120,7 +119,7 @@ public ResponseEntity getPopularFeeds(Principal princip } @GetMapping - public ResponseEntity getFeeds(Principal principal, + public ResponseEntity getFeeds(@AuthenticationPrincipal User user, @RequestParam(value = "category", required = false) String category, @RequestParam("lastFeedId") Long lastFeedId, @RequestParam("size") int size) { @@ -132,7 +131,7 @@ public ResponseEntity getFeeds(Principal principal, } @GetMapping("/interest") - public ResponseEntity getInterestFeeds(Principal principal) { + public ResponseEntity getInterestFeeds(@AuthenticationPrincipal User user) { User user = principal == null ? null : userService.getUserOrException(Long.valueOf(principal.getName())); 
@@ -142,7 +141,7 @@ public ResponseEntity getInterestFeeds(Principal princ } @PostMapping("/{feedId}/comments") - public ResponseEntity createComment(Principal principal, + public ResponseEntity createComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody CommentCreateRequest request) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); @@ -154,7 +153,7 @@ public ResponseEntity createComment(Principal principal, } @PutMapping("/{feedId}/comments/{commentId}") - public ResponseEntity updateComment(Principal principal, + public ResponseEntity updateComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId, @Valid @RequestBody CommentUpdateRequest request) { @@ -167,7 +166,7 @@ public ResponseEntity updateComment(Principal principal, } @DeleteMapping("/{feedId}/comments/{commentId}") - public ResponseEntity deleteComment(Principal principal, + public ResponseEntity deleteComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); @@ -179,7 +178,7 @@ public ResponseEntity deleteComment(Principal principal, } @GetMapping("/{feedId}/comments") - public ResponseEntity getComments(Principal principal, + public ResponseEntity getComments(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); 
@@ -189,7 +188,7 @@ public ResponseEntity getComments(Principal principal, } @PostMapping("/{feedId}/spoiler") - public ResponseEntity reportFeedSpoiler(Principal principal, + public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.reportFeed(user, feedId, SPOILER); @@ -200,7 +199,7 @@ public ResponseEntity reportFeedSpoiler(Principal principal, } @PostMapping("/{feedId}/impertinence") - public ResponseEntity reportedFeedImpertinence(Principal principal, + public ResponseEntity reportedFeedImpertinence(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.reportFeed(user, feedId, IMPERTINENCE); @@ -211,7 +210,7 @@ public ResponseEntity reportedFeedImpertinence(Principal principal, } @PostMapping("/{feedId}/comments/{commentId}/spoiler") - public ResponseEntity reportCommentSpoiler(Principal principal, + public ResponseEntity reportCommentSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); @@ -223,7 +222,7 @@ public ResponseEntity reportCommentSpoiler(Principal principal, } @PostMapping("/{feedId}/comments/{commentId}/impertinence") - public ResponseEntity reportCommentImpertinence(Principal principal, + public ResponseEntity reportCommentImpertinence(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); From 32c9b7a945bf441ac8a0d10ddde1ec510b429087 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:44:26 +0900 Subject: [PATCH 041/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/FeedController.java | 34 ------------------- 1 file changed, 34 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index 4619876a3..c958c2359 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -46,9 +46,7 @@ public class FeedController { @PostMapping public ResponseEntity createFeed(@AuthenticationPrincipal User user, @Valid @RequestBody FeedCreateRequest request) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.createFeed(user, request); - return ResponseEntity .status(CREATED) .build(); @@ -58,9 +56,7 @@ public ResponseEntity createFeed(@AuthenticationPrincipal User user, public ResponseEntity updateFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody FeedUpdateRequest request) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.updateFeed(user, feedId, request); - return ResponseEntity .status(NO_CONTENT) .build(); @@ -79,9 +75,7 @@ public ResponseEntity deleteFeed(@AuthenticationPrincipal User user, @PostMapping("/{feedId}/likes") public ResponseEntity likeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.likeFeed(user, feedId); - return ResponseEntity .status(NO_CONTENT) .build(); 
@@ -90,9 +84,7 @@ public ResponseEntity likeFeed(@AuthenticationPrincipal User user, @DeleteMapping("/{feedId}/likes") public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.unLikeFeed(user, feedId); - return ResponseEntity .status(NO_CONTENT) .build(); @@ -101,8 +93,6 @@ public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, @GetMapping("/{feedId}") public ResponseEntity getFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); - return ResponseEntity .status(OK) .body(feedService.getFeedById(user, feedId)); @@ -110,9 +100,6 @@ public ResponseEntity getFeed(@AuthenticationPrincipal User use @GetMapping("/popular") public ResponseEntity getPopularFeeds(@AuthenticationPrincipal User user) { - User user = principal == null ? - null : - userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(popularFeedService.getPopularFeeds(user)); @@ -123,8 +110,6 @@ public ResponseEntity getFeeds(@AuthenticationPrincipal User u @RequestParam(value = "category", required = false) String category, @RequestParam("lastFeedId") Long lastFeedId, @RequestParam("size") int size) { - User user = principal == null ? null : userService.getUserOrException(Long.valueOf(principal.getName())); - return ResponseEntity .status(OK) .body(feedService.getFeeds(user, category, lastFeedId, size)); @@ -132,9 +117,6 @@ public ResponseEntity getFeeds(@AuthenticationPrincipal User u @GetMapping("/interest") public ResponseEntity getInterestFeeds(@AuthenticationPrincipal User user) { - User user = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(feedService.getInterestFeeds(user)); 
@@ -144,9 +126,7 @@ public ResponseEntity getInterestFeeds(@Authentication public ResponseEntity createComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody CommentCreateRequest request) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.createComment(user, feedId, request); - return ResponseEntity .status(NO_CONTENT) .build(); @@ -157,9 +137,7 @@ public ResponseEntity updateComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId, @Valid @RequestBody CommentUpdateRequest request) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.updateComment(user, feedId, commentId, request); - return ResponseEntity .status(NO_CONTENT) .build(); @@ -169,9 +147,7 @@ public ResponseEntity updateComment(@AuthenticationPrincipal User user, public ResponseEntity deleteComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.deleteComment(user, feedId, commentId); - return ResponseEntity .status(NO_CONTENT) .build(); @@ -180,8 +156,6 @@ public ResponseEntity deleteComment(@AuthenticationPrincipal User user, @GetMapping("/{feedId}/comments") public ResponseEntity getComments(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); - return ResponseEntity .status(OK) .body(feedService.getComments(user, feedId)); 
@@ -190,9 +164,7 @@ public ResponseEntity getComments(@AuthenticationPrincipal @PostMapping("/{feedId}/spoiler") public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.reportFeed(user, feedId, SPOILER); - return ResponseEntity .status(CREATED) .build(); @@ -201,9 +173,7 @@ public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user @PostMapping("/{feedId}/impertinence") public ResponseEntity reportedFeedImpertinence(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.reportFeed(user, feedId, IMPERTINENCE); - return ResponseEntity .status(CREATED) .build(); @@ -213,9 +183,7 @@ public ResponseEntity reportedFeedImpertinence(@AuthenticationPrincipal Us public ResponseEntity reportCommentSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.reportComment(user, feedId, commentId, SPOILER); - return ResponseEntity .status(CREATED) .build(); @@ -225,9 +193,7 @@ public ResponseEntity reportCommentSpoiler(@AuthenticationPrincipal User u public ResponseEntity reportCommentImpertinence(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); feedService.reportComment(user, feedId, commentId, IMPERTINENCE); - return ResponseEntity .status(CREATED) .build(); From d964616bc2d9969bb416adc9fdd8372ad0b30f62 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:45:16 +0900 Subject: [PATCH 042/122] =?UTF-8?q?[FIX]=20=EB=B3=80=EA=B2=BD=EB=90=9C=20A?= =?UTF-8?q?uthorizationService.validate=20=EC=8B=9C=EA=B7=B8=EB=8B=88?= =?UTF-8?q?=EC=B2=98=EC=97=90=20=EB=A7=9E=EC=B6=94=EC=96=B4=20=ED=8C=8C?= =?UTF-8?q?=EB=9D=BC=EB=AF=B8=ED=84=B0=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index c958c2359..e4d1632e3 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -63,7 +63,7 @@ public ResponseEntity updateFeed(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}") - @PreAuthorize("@authorizationService.validate(#feedId, #userId, T(org.websoso.WSSServer.domain.Feed))") + @PreAuthorize("@authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity deleteFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.deleteFeed(feedId); From e4199478063ceeddc77d1ab18819ebe7c4dd27cd Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:45:44 +0900 Subject: [PATCH 043/122] =?UTF-8?q?[REMOVE]=20=EC=A3=BC=EC=9E=85=ED=95=98?= =?UTF-8?q?=EC=97=AC=20=EC=82=AC=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EB=8A=94=20UserService=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 2 -- 1 file changed, 2 deletions(-) 
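Review bot: deleteFeed's only visible ownership check is this SpEL string, because the context line `feedService.deleteFeed(feedId)` passes no user to the service. The expression is not compile-checked (the stale `#userId` corrected here compiled without complaint), and it is evaluated only when method security is enabled, which this page does not show. A test asserting that a non-owner's DELETE on `/feeds/{feedId}` is rejected would pin the behaviour. Passing the caller into the service, e.g. `feedService.deleteFeed(user, feedId);`, with a check there as well would keep the rule from living in an annotation alone.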
diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index e4d1632e3..dceab355a 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -32,7 +32,6 @@ import org.websoso.WSSServer.dto.popularFeed.PopularFeedsGetResponse; import org.websoso.WSSServer.service.FeedService; import org.websoso.WSSServer.service.PopularFeedService; -import org.websoso.WSSServer.service.UserService; @RequestMapping("/feeds") @RestController @@ -40,7 +39,6 @@ public class FeedController { private final FeedService feedService; - private final UserService userService; private final PopularFeedService popularFeedService; @PostMapping From 822c5602547c6e8bb3a90a5fb093803c50c421e4 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 02:51:13 +0900 Subject: [PATCH 044/122] =?UTF-8?q?[STYLE]=20=EB=A9=94=EC=84=9C=EB=93=9C?= =?UTF-8?q?=20=EC=88=9C=EC=84=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/FeedController.java | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index dceab355a..f87064725 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java 
@@ -50,6 +50,24 @@ public ResponseEntity createFeed(@AuthenticationPrincipal User user, .build(); } + @GetMapping("/{feedId}") + public ResponseEntity getFeed(@AuthenticationPrincipal User user, + @PathVariable("feedId") Long feedId) { + return ResponseEntity + .status(OK) + .body(feedService.getFeedById(user, feedId)); + } + + @GetMapping + public ResponseEntity getFeeds(@AuthenticationPrincipal User user, + @RequestParam(value = "category", required = false) String category, + @RequestParam("lastFeedId") Long lastFeedId, + @RequestParam("size") int size) { + return ResponseEntity + .status(OK) + .body(feedService.getFeeds(user, category, lastFeedId, size)); + } + @PutMapping("/{feedId}") public ResponseEntity updateFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @@ -88,14 +106,6 @@ public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, .build(); } - @GetMapping("/{feedId}") - public ResponseEntity getFeed(@AuthenticationPrincipal User user, - @PathVariable("feedId") Long feedId) { - return ResponseEntity - .status(OK) - .body(feedService.getFeedById(user, feedId)); - } - @GetMapping("/popular") public ResponseEntity getPopularFeeds(@AuthenticationPrincipal User user) { return ResponseEntity @@ -103,16 +113,6 @@ public ResponseEntity getPopularFeeds(@AuthenticationPr .body(popularFeedService.getPopularFeeds(user)); } - @GetMapping - public ResponseEntity getFeeds(@AuthenticationPrincipal User user, - @RequestParam(value = "category", required = false) String category, - @RequestParam("lastFeedId") Long lastFeedId, - @RequestParam("size") int size) { - return ResponseEntity - .status(OK) - .body(feedService.getFeeds(user, category, lastFeedId, size)); - } - @GetMapping("/interest") public ResponseEntity getInterestFeeds(@AuthenticationPrincipal User user) { return ResponseEntity 
@@ -130,6 +130,14 @@ public ResponseEntity createComment(@AuthenticationPrincipal User user, .build(); } + @GetMapping("/{feedId}/comments") + public ResponseEntity getComments(@AuthenticationPrincipal User user, + @PathVariable("feedId") Long feedId) { + return ResponseEntity + .status(OK) + .body(feedService.getComments(user, feedId)); + } + @PutMapping("/{feedId}/comments/{commentId}") public ResponseEntity updateComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @@ -151,14 +159,6 @@ public ResponseEntity deleteComment(@AuthenticationPrincipal User user, .build(); } - @GetMapping("/{feedId}/comments") - public ResponseEntity getComments(@AuthenticationPrincipal User user, - @PathVariable("feedId") Long feedId) { - return ResponseEntity - .status(OK) - .body(feedService.getComments(user, feedId)); - } - @PostMapping("/{feedId}/spoiler") public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { From 296f81ed0c1b4d5d3cd3db4cf6006b75a82efc76 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 03:06:39 +0900 Subject: [PATCH 045/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/FeedController.java | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index f87064725..c54933bc4 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java 
@@ -42,6 +42,7 @@ public class FeedController { private final PopularFeedService popularFeedService; @PostMapping + @PreAuthorize("isAuthenticated()") public ResponseEntity createFeed(@AuthenticationPrincipal User user, @Valid @RequestBody FeedCreateRequest request) { feedService.createFeed(user, request); @@ -51,6 +52,7 @@ public ResponseEntity createFeed(@AuthenticationPrincipal User user, } @GetMapping("/{feedId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity getFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { return ResponseEntity @@ -69,6 +71,7 @@ public ResponseEntity getFeeds(@AuthenticationPrincipal User u } @PutMapping("/{feedId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity updateFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody FeedUpdateRequest request) { @@ -79,7 +82,7 @@ public ResponseEntity updateFeed(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}") - @PreAuthorize("@authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") + @PreAuthorize("isAuthenticated()") public ResponseEntity deleteFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.deleteFeed(feedId); @@ -89,6 +92,7 @@ public ResponseEntity deleteFeed(@AuthenticationPrincipal User user, } @PostMapping("/{feedId}/likes") + @PreAuthorize("isAuthenticated()") public ResponseEntity likeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.likeFeed(user, feedId); @@ -98,6 +102,7 @@ public ResponseEntity likeFeed(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}/likes") + @PreAuthorize("isAuthenticated()") public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.unLikeFeed(user, feedId); 
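Review bot: The deleteFeed hunk (`@@ -79,7 +82,7 @@`) replaces the `@authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))` expression with plain `isAuthenticated()`, and the context line `feedService.deleteFeed(feedId)` passes no user. At this revision the visible code therefore lets any authenticated caller delete any feed. The authentication check should be added alongside the ownership check, not instead of it, so that no revision in the series lacks it: `@PreAuthorize("isAuthenticated() and @authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))")`. Whether the service performs its own ownership check is not visible here.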
@@ -114,6 +119,7 @@ public ResponseEntity getPopularFeeds(@AuthenticationPr } @GetMapping("/interest") + @PreAuthorize("isAuthenticated()") public ResponseEntity getInterestFeeds(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) @@ -121,6 +127,7 @@ public ResponseEntity getInterestFeeds(@Authentication } @PostMapping("/{feedId}/comments") + @PreAuthorize("isAuthenticated()") public ResponseEntity createComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody CommentCreateRequest request) { @@ -131,6 +138,7 @@ public ResponseEntity createComment(@AuthenticationPrincipal User user, } @GetMapping("/{feedId}/comments") + @PreAuthorize("isAuthenticated()") public ResponseEntity getComments(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { return ResponseEntity @@ -139,6 +147,7 @@ public ResponseEntity getComments(@AuthenticationPrincipal } @PutMapping("/{feedId}/comments/{commentId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity updateComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId, @@ -150,6 +159,7 @@ public ResponseEntity updateComment(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}/comments/{commentId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity deleteComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { @@ -160,6 +170,7 @@ public ResponseEntity deleteComment(@AuthenticationPrincipal User user, } @PostMapping("/{feedId}/spoiler") + @PreAuthorize("isAuthenticated()") public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.reportFeed(user, feedId, SPOILER); 
@@ -169,6 +180,7 @@ public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user } @PostMapping("/{feedId}/impertinence") + @PreAuthorize("isAuthenticated()") public ResponseEntity reportedFeedImpertinence(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.reportFeed(user, feedId, IMPERTINENCE); @@ -178,6 +190,7 @@ public ResponseEntity reportedFeedImpertinence(@AuthenticationPrincipal Us } @PostMapping("/{feedId}/comments/{commentId}/spoiler") + @PreAuthorize("isAuthenticated()") public ResponseEntity reportCommentSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { @@ -188,6 +201,7 @@ public ResponseEntity reportCommentSpoiler(@AuthenticationPrincipal User u } @PostMapping("/{feedId}/comments/{commentId}/impertinence") + @PreAuthorize("isAuthenticated()") public ResponseEntity reportCommentImpertinence(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { From 50f8355881576eefe7eb3cffab903c0f73d370b6 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 03:07:45 +0900 Subject: [PATCH 046/122] =?UTF-8?q?[FEAT]=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EC=A1=B0=EC=9E=91=20=EA=B6=8C=ED=95=9C=20=ED=99=95=EC=9D=B8?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=B4=20@PreAuthorize=EC=97=90=20valid?= =?UTF-8?q?ate=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/controller/FeedController.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index c54933bc4..ab1ab39db 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java 
@@ -71,7 +71,7 @@ public ResponseEntity getFeeds(@AuthenticationPrincipal User u } @PutMapping("/{feedId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity updateFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody FeedUpdateRequest request) { @@ -82,7 +82,7 @@ public ResponseEntity updateFeed(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity deleteFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.deleteFeed(feedId); @@ -102,7 +102,7 @@ public ResponseEntity likeFeed(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}/likes") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.unLikeFeed(user, feedId); @@ -147,7 +147,7 @@ public ResponseEntity getComments(@AuthenticationPrincipal } @PutMapping("/{feedId}/comments/{commentId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity updateComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId, 
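Review bot: The rule added to `unLikeFeed`, `updateComment` and `deleteComment` (the last one is in the next hunk) validates `#feedId` against `T(org.websoso.WSSServer.domain.Feed)`, which reads as a feed-ownership check rather than a check on the like or the comment. The implementation of `validate` is not in this patch, but if it requires the caller to own the feed, a user could not remove their own like from someone else's feed or edit their own comment there. The feed author, meanwhile, would pass the gate for every comment under the feed, so comment ownership would rest entirely on the service layer. The comment endpoints should key the check on `#commentId` with a comment resource type, and `unLikeFeed` likely needs only `isAuthenticated()`. A two-user test per endpoint (owner and non-owner) would pin the intended behaviour.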
@@ -159,7 +159,7 @@ public ResponseEntity updateComment(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}/comments/{commentId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") public ResponseEntity deleteComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { From 60bc5c29b98959b81852bace11bcd2ec28127520 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 17 Mar 2025 03:21:17 +0900 Subject: [PATCH 047/122] =?UTF-8?q?[REFACTOR]=20Feed=20=EA=B0=9D=EC=B2=B4?= =?UTF-8?q?=20=EC=83=9D=EC=84=B1=20-=20=EC=A0=95=EC=A0=81=20=ED=8C=A9?= =?UTF-8?q?=ED=86=A0=EB=A6=AC=20=EB=A9=94=EC=84=9C=EB=93=9C=EB=A1=9C=20?= =?UTF-8?q?=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @Builder 제거, private 생성자로 변경: @Builder 사용 시 추적 어려움, 불필요한 생성자 호출 X, 코드 일관성 유지 --- src/main/java/org/websoso/WSSServer/domain/Feed.java | 12 ++++++------ .../org/websoso/WSSServer/service/FeedService.java | 7 +------ 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/domain/Feed.java b/src/main/java/org/websoso/WSSServer/domain/Feed.java index 2d5355264..9365a23c9 100644 --- a/src/main/java/org/websoso/WSSServer/domain/Feed.java +++ b/src/main/java/org/websoso/WSSServer/domain/Feed.java @@ -18,7 +18,6 @@ import java.util.List; import java.util.Objects; import lombok.AccessLevel; -import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import org.hibernate.annotations.DynamicInsert; 
@@ -73,14 +72,15 @@ public class Feed { @OneToOne(mappedBy = "feed", cascade = ALL, fetch = FetchType.LAZY, orphanRemoval = true) private PopularFeed popularFeed; - @Builder - public Feed(String feedContent, Boolean isSpoiler, Long novelId, User user) { + private Feed(String feedContent, Long novelId, Boolean isSpoiler, User user) { this.feedContent = feedContent; - this.isSpoiler = isSpoiler; this.novelId = novelId; + this.isSpoiler = isSpoiler; this.user = user; - this.createdDate = LocalDateTime.now(); - this.modifiedDate = this.createdDate; + } + + public static Feed create(String feedContent, Long novelId, Boolean isSpoiler, User user) { + return new Feed(feedContent, novelId, isSpoiler, user); } public void updateFeed(String feedContent, Boolean isSpoiler, Long novelId) { diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index 7adf0e840..ffbd360a3 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java @@ -86,12 +86,7 @@ public void createFeed(User user, FeedCreateRequest request) { if (request.novelId() != null) { novelService.getNovelOrException(request.novelId()); } - Feed feed = Feed.builder() - .feedContent(request.feedContent()) - .isSpoiler(request.isSpoiler()) - .novelId(request.novelId()) - .user(user) - .build(); + Feed feed = Feed.create(request.feedContent(), request.novelId(), request.isSpoiler(), user); feedRepository.save(feed); feedCategoryService.createFeedCategory(feed, request.relevantCategories()); } From 6f512beaf78cdd192cda965d002ccd078070ebde Mon Sep 17 00:00:00 2001 
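Review bot: The new private `Feed` constructor no longer assigns `createdDate` and `modifiedDate`, which the removed `@Builder` constructor set to `LocalDateTime.now()`. Unless the columns have database defaults or auditing fills them, a `Feed` returned by `Feed.create(...)` carries null timestamps until it is reloaded. The `@DynamicInsert` import suggests database defaults may be the intent, but the field mappings are outside the hunk. Either keep `this.createdDate = LocalDateTime.now();` and `this.modifiedDate = this.createdDate;` in the constructor, or add a comment on the two fields naming what populates them.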
From: Kim-TaeUk Date: Mon, 17 Mar 2025 03:32:44 +0900 Subject: [PATCH 048/122] =?UTF-8?q?[REFACTOR]=20Novel=20=EC=A1=B4=EC=9E=AC?= =?UTF-8?q?=20=EC=97=AC=EB=B6=80=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81?= =?UTF-8?q?=20Optional=EB=A1=9C=20=EA=B0=9C=EC=84=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit : 가독성 향상 --- .../java/org/websoso/WSSServer/service/FeedService.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index ffbd360a3..984dc117b 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java @@ -14,6 +14,7 @@ import java.util.List; import java.util.Map; import java.util.Objects; +import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; import lombok.RequiredArgsConstructor; @@ -83,9 +84,8 @@ public class FeedService { private final NotificationRepository notificationRepository; public void createFeed(User user, FeedCreateRequest request) { - if (request.novelId() != null) { - novelService.getNovelOrException(request.novelId()); - } + Optional.ofNullable(request.novelId()) + .ifPresent(novelService::getNovelOrException); Feed feed = Feed.create(request.feedContent(), request.novelId(), request.isSpoiler(), user); feedRepository.save(feed); feedCategoryService.createFeedCategory(feed, request.relevantCategories()); From 1cecebaf6100d06743fa77807c4f4ae85b9117bf Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:02:58 +0900 Subject: [PATCH 049/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/AuthController.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/AuthController.java b/src/main/java/org/websoso/WSSServer/controller/AuthController.java index c63833b61..c85aad792 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AuthController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AuthController.java @@ -4,9 +4,9 @@ import static org.springframework.http.HttpStatus.OK; import jakarta.validation.Valid; -import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestHeader; @@ -55,7 +55,7 @@ public ResponseEntity loginByApple(@Valid @RequestBody AppleLoginR } @PostMapping("/auth/logout") - public ResponseEntity logout(Principal principal, + public ResponseEntity logout(@AuthenticationPrincipal User user, @Valid @RequestBody LogoutRequest request) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); String refreshToken = request.refreshToken(); 
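Review bot: `logout` now declares `@AuthenticationPrincipal User user`, but the unchanged next line still reads `User user = userService.getUserOrException(Long.valueOf(principal.getName()));`. That redeclares `user` and references a `principal` parameter that no longer exists, so this commit does not compile on its own. The same split appears in the `withdrawUser` hunk and in the AvatarController and BlockController commits (PATCH 052 and 056, plus 057, where `blocker` stays undefined until 058). Folding each signature change together with the lookup removal keeps every commit buildable for bisecting. Once the lookup is gone, `user` is whatever the argument resolver yields, so the `@PreAuthorize("isAuthenticated()")` added in PATCH 051 belongs in the same commit; otherwise a request without a valid token may reach `userService.logout` with a null user, unless the filter chain already rejects it.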
@@ -67,7 +67,7 @@ public ResponseEntity logout(Principal principal, } @PostMapping("/auth/withdraw") - public ResponseEntity withdrawUser(Principal principal, + public ResponseEntity withdrawUser(@AuthenticationPrincipal User user, @Valid @RequestBody WithdrawalRequest withdrawalRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.withdrawUser(user, withdrawalRequest); From 22fff0748900ae0fcb563867f6783856c6ee99ff Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:03:51 +0900 Subject: [PATCH 050/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/AuthController.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/AuthController.java b/src/main/java/org/websoso/WSSServer/controller/AuthController.java index c85aad792..5a1227f3a 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AuthController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AuthController.java @@ -57,7 +57,6 @@ public ResponseEntity loginByApple(@Valid @RequestBody AppleLoginR @PostMapping("/auth/logout") public ResponseEntity logout(@AuthenticationPrincipal User user, @Valid @RequestBody LogoutRequest request) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); String refreshToken = request.refreshToken(); String deviceIdentifier = request.deviceIdentifier(); userService.logout(user, refreshToken, deviceIdentifier); 
@@ -69,7 +68,6 @@ public ResponseEntity logout(@AuthenticationPrincipal User user, @PostMapping("/auth/withdraw") public ResponseEntity withdrawUser(@AuthenticationPrincipal User user, @Valid @RequestBody WithdrawalRequest withdrawalRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.withdrawUser(user, withdrawalRequest); return ResponseEntity .status(NO_CONTENT) From e9bcbf653cc91ea12d7dfc1cff02b203601c491f Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:05:57 +0900 Subject: [PATCH 051/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/AuthController.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/AuthController.java b/src/main/java/org/websoso/WSSServer/controller/AuthController.java index 5a1227f3a..b5af7cd66 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AuthController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AuthController.java @@ -6,6 +6,7 @@ import jakarta.validation.Valid; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; 
@@ -55,6 +56,7 @@ public ResponseEntity loginByApple(@Valid @RequestBody AppleLoginR } @PostMapping("/auth/logout") + @PreAuthorize("isAuthenticated()") public ResponseEntity logout(@AuthenticationPrincipal User user, @Valid @RequestBody LogoutRequest request) { String refreshToken = request.refreshToken(); @@ -66,6 +68,7 @@ public ResponseEntity logout(@AuthenticationPrincipal User user, } @PostMapping("/auth/withdraw") + @PreAuthorize("isAuthenticated()") public ResponseEntity withdrawUser(@AuthenticationPrincipal User user, @Valid @RequestBody WithdrawalRequest withdrawalRequest) { userService.withdrawUser(user, withdrawalRequest); From 554716640b3225624736bd9a8a863b5eae1c977b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:06:31 +0900 Subject: [PATCH 052/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/AvatarController.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java index 9154c11af..e54dd87dc 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java @@ -2,9 +2,9 @@ import static org.springframework.http.HttpStatus.OK; -import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; 
@@ -23,7 +23,7 @@ public class AvatarController { @GetMapping - public ResponseEntity getAvatarList(Principal principal) { + public ResponseEntity getAvatarList(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) From 0e8a1a42b052c39dd1e49f5ce9d27d002f357bd2 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:07:25 +0900 Subject: [PATCH 053/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/AvatarController.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java index e54dd87dc..ffb76daaf 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java @@ -4,6 +4,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; @@ -23,6 +24,7 @@ public class AvatarController { @GetMapping + @PreAuthorize("isAuthenticated()") public ResponseEntity getAvatarList(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity From a22000cb9df92f45f705214666ca08da954a03a7 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:07:33 +0900 Subject: [PATCH 054/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/AvatarController.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java index ffb76daaf..ddc483a1d 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java @@ -26,7 +26,6 @@ public class AvatarController { @GetMapping @PreAuthorize("isAuthenticated()") public ResponseEntity getAvatarList(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(avatarService.getAvatarList(user)); From 09179b03a1984646a65c967229a598827b68d221 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:07:54 +0900 Subject: [PATCH 055/122] =?UTF-8?q?[REMOVE]=20=EC=A3=BC=EC=9E=85=ED=95=98?= =?UTF-8?q?=EC=97=AC=20=EC=82=AC=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EB=8A=94=20UserService=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/AvatarController.java | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java index ddc483a1d..20e224b02 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AvatarController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AvatarController.java 
@@ -12,7 +12,6 @@ import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.dto.avatar.AvatarsGetResponse; import org.websoso.WSSServer.service.AvatarService; -import org.websoso.WSSServer.service.UserService; @RequestMapping("/avatars") @RestController @@ -20,8 +19,6 @@ public class AvatarController { private final AvatarService avatarService; - private final UserService userService; - @GetMapping @PreAuthorize("isAuthenticated()") From 874df1732f43e96141ac986439490154a81cae05 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:09:15 +0900 Subject: [PATCH 056/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/BlockController.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/BlockController.java b/src/main/java/org/websoso/WSSServer/controller/BlockController.java index 602a354c8..0ddbe28ca 100644 --- a/src/main/java/org/websoso/WSSServer/controller/BlockController.java +++ b/src/main/java/org/websoso/WSSServer/controller/BlockController.java @@ -4,9 +4,9 @@ import static org.springframework.http.HttpStatus.NO_CONTENT; import static org.springframework.http.HttpStatus.OK; -import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; 
@@ -30,7 +30,7 @@ public class BlockController { private final BlockService blockService; @PostMapping - public ResponseEntity block(Principal principal, + public ResponseEntity block(@AuthenticationPrincipal User user, @RequestParam("userId") @UserIdConstraint Long blockedId) { User blocker = userService.getUserOrException(Long.valueOf(principal.getName())); blockService.block(blocker, blockedId); @@ -40,7 +40,7 @@ public ResponseEntity block(Principal principal, } @GetMapping - public ResponseEntity getBlockList(Principal principal) { + public ResponseEntity getBlockList(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) @@ -48,7 +48,7 @@ public ResponseEntity getBlockList(Principal principal) { } @DeleteMapping("/{blockId}") - public ResponseEntity deleteBlock(Principal principal, + public ResponseEntity deleteBlock(@AuthenticationPrincipal User user, @PathVariable("blockId") @BlockIdConstraint Long blockId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); blockService.deleteBlock(user, blockId); From b73c4b740ca3b87a14c20172c9f10eea4a8ecb27 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:10:06 +0900 Subject: [PATCH 057/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/BlockController.java | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/BlockController.java b/src/main/java/org/websoso/WSSServer/controller/BlockController.java index 0ddbe28ca..a6d069eab 100644 --- a/src/main/java/org/websoso/WSSServer/controller/BlockController.java 
+++ b/src/main/java/org/websoso/WSSServer/controller/BlockController.java @@ -32,7 +32,6 @@ public class BlockController { @PostMapping public ResponseEntity block(@AuthenticationPrincipal User user, @RequestParam("userId") @UserIdConstraint Long blockedId) { - User blocker = userService.getUserOrException(Long.valueOf(principal.getName())); blockService.block(blocker, blockedId); return ResponseEntity .status(CREATED) @@ -41,7 +40,6 @@ public ResponseEntity block(@AuthenticationPrincipal User user, @GetMapping public ResponseEntity getBlockList(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(blockService.getBlockList(user)); @@ -50,7 +48,6 @@ public ResponseEntity getBlockList(@AuthenticationPrincipal U @DeleteMapping("/{blockId}") public ResponseEntity deleteBlock(@AuthenticationPrincipal User user, @PathVariable("blockId") @BlockIdConstraint Long blockId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); blockService.deleteBlock(user, blockId); return ResponseEntity .status(NO_CONTENT) From 9c6c4b037edc303609b371a70fd8dbc5db29df07 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:10:29 +0900 Subject: [PATCH 058/122] =?UTF-8?q?[REFACTOR]=20=ED=8C=8C=EB=9D=BC?= =?UTF-8?q?=EB=AF=B8=ED=84=B0=20rename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/BlockController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/BlockController.java b/src/main/java/org/websoso/WSSServer/controller/BlockController.java index a6d069eab..8ddb5c91c 100644 --- a/src/main/java/org/websoso/WSSServer/controller/BlockController.java +++ b/src/main/java/org/websoso/WSSServer/controller/BlockController.java 
@@ -30,7 +30,7 @@ public class BlockController { private final BlockService blockService; @PostMapping - public ResponseEntity block(@AuthenticationPrincipal User user, + public ResponseEntity block(@AuthenticationPrincipal User blocker, @RequestParam("userId") @UserIdConstraint Long blockedId) { blockService.block(blocker, blockedId); return ResponseEntity From 4821dba1df7a990d1dec5c67649130a37370f53f Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:10:57 +0900 Subject: [PATCH 059/122] =?UTF-8?q?[REMOVE]=20=EC=A3=BC=EC=9E=85=ED=95=98?= =?UTF-8?q?=EC=97=AC=20=EC=82=AC=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EB=8A=94=20UserService=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/BlockController.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/BlockController.java b/src/main/java/org/websoso/WSSServer/controller/BlockController.java index 8ddb5c91c..3d4406797 100644 --- a/src/main/java/org/websoso/WSSServer/controller/BlockController.java +++ b/src/main/java/org/websoso/WSSServer/controller/BlockController.java @@ -17,7 +17,6 @@ import org.websoso.WSSServer.domain.User; import org.websoso.WSSServer.dto.block.BlocksGetResponse; import org.websoso.WSSServer.service.BlockService; -import org.websoso.WSSServer.service.UserService; import org.websoso.WSSServer.validation.BlockIdConstraint; import org.websoso.WSSServer.validation.UserIdConstraint; @@ -26,7 +25,6 @@ @RequiredArgsConstructor public class BlockController { - private final UserService userService; private final BlockService blockService; @PostMapping From bff8bce6535467cc909cdcee0d74a9a288c7253c Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:15:33 +0900 Subject: [PATCH 060/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/BlockController.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/BlockController.java b/src/main/java/org/websoso/WSSServer/controller/BlockController.java index 3d4406797..dc8e37a84 100644 --- a/src/main/java/org/websoso/WSSServer/controller/BlockController.java +++ b/src/main/java/org/websoso/WSSServer/controller/BlockController.java @@ -6,6 +6,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -28,6 +29,7 @@ public class BlockController { private final BlockService blockService; @PostMapping + @PreAuthorize("isAuthenticated()") public ResponseEntity block(@AuthenticationPrincipal User blocker, @RequestParam("userId") @UserIdConstraint Long blockedId) { blockService.block(blocker, blockedId); @@ -37,6 +39,7 @@ public ResponseEntity block(@AuthenticationPrincipal User blocker, } @GetMapping + @PreAuthorize("isAuthenticated()") public ResponseEntity getBlockList(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) 
@@ -44,6 +47,7 @@ public ResponseEntity getBlockList(@AuthenticationPrincipal U } @DeleteMapping("/{blockId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity deleteBlock(@AuthenticationPrincipal User user, @PathVariable("blockId") @BlockIdConstraint Long blockId) { blockService.deleteBlock(user, blockId); From aaa92848caa5f4c13d3cd77d561d53e4a33bc457 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:23:48 +0900 Subject: [PATCH 061/122] =?UTF-8?q?[FEAT]=20BlockAuthorizationValidator=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../BlockAuthorizationValidator.java | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java new file mode 100644 index 000000000..474855ce0 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java 
@@ -0,0 +1,44 @@ +package org.websoso.WSSServer.auth.validator; + +import static org.websoso.WSSServer.exception.error.CustomBlockError.BLOCK_NOT_FOUND; +import static org.websoso.WSSServer.exception.error.CustomBlockError.INVALID_AUTHORIZED_BLOCK; + +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Component; +import org.websoso.WSSServer.domain.Block; +import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.exception.exception.CustomBlockException; +import org.websoso.WSSServer.repository.BlockRepository; + +@Component +@RequiredArgsConstructor +public class BlockAuthorizationValidator implements ResourceAuthorizationValidator { + + private final BlockRepository blockRepository; + + @Override + public boolean hasPermission(Long blockId, User user) { + Block block = getBlockOrException(blockId); + + if (!isBlockOwner(block, user)) { + throw new CustomBlockException(INVALID_AUTHORIZED_BLOCK, + "block with the given blockId is not from user with the given userId"); + } + return true; + } + + private Block getBlockOrException(Long blockId) { + return blockRepository.findById(blockId) + .orElseThrow( + () -> new CustomBlockException(BLOCK_NOT_FOUND, "block with the given blockId was not found")); + } + + private boolean isBlockOwner(Block block, User user) { + return block.getBlockedId().equals(user.getUserId()); + } + + @Override + public Class getResourceType() { + return Block.class; + } +} From b53d9a9ca118bc847600b392568138fee915efd7 Mon Sep 17 00:00:00 2001 
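Review bot: `isBlockOwner` compares `block.getBlockedId()` with the caller's id, so the user who was blocked passes the ownership check and the user who created the block fails it. The service-side check this validator replaces (removed from `BlockService.deleteBlock` in the following patch) compared `getBlockingId()`, and `getBlockList` also looks blocks up by blocking id, so this looks like an inverted field rather than an intended change. The line should read `return block.getBlockingId().equals(user.getUserId());`. A test in which the blocked user attempts the delete and `INVALID_AUTHORIZED_BLOCK` is expected would pin the intended direction.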
From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:24:25 +0900 Subject: [PATCH 062/122] =?UTF-8?q?[FEAT]=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EC=A1=B0=EC=9E=91=20=EA=B6=8C=ED=95=9C=20=ED=99=95=EC=9D=B8?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=B4=20@PreAuthorize=EC=97=90=20valid?= =?UTF-8?q?ate=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/BlockController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/BlockController.java b/src/main/java/org/websoso/WSSServer/controller/BlockController.java index dc8e37a84..d9640d05e 100644 --- a/src/main/java/org/websoso/WSSServer/controller/BlockController.java +++ b/src/main/java/org/websoso/WSSServer/controller/BlockController.java @@ -47,7 +47,7 @@ public ResponseEntity getBlockList(@AuthenticationPrincipal U } @DeleteMapping("/{blockId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#blockId, #user, T(org.websoso.WSSServer.domain.Block))") public ResponseEntity deleteBlock(@AuthenticationPrincipal User user, @PathVariable("blockId") @BlockIdConstraint Long blockId) { blockService.deleteBlock(user, blockId); From d0378e330248bcd48e4f2722709afff4c2d1c60d Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:25:56 +0900 Subject: [PATCH 063/122] =?UTF-8?q?[REMOVE]=20BlockService=EC=97=90?= =?UTF-8?q?=EC=84=9C=20=EA=B6=8C=ED=95=9C=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EC=82=AD=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit BlockAuthorizationValidator에서 처리하기 때문 --- .../java/org/websoso/WSSServer/service/BlockService.java | 8 -------- 1 file changed, 8 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/service/BlockService.java b/src/main/java/org/websoso/WSSServer/service/BlockService.java index b4dfbe216..11851a139 100644 --- a/src/main/java/org/websoso/WSSServer/service/BlockService.java +++ b/src/main/java/org/websoso/WSSServer/service/BlockService.java @@ -2,9 +2,7 @@ import static org.websoso.WSSServer.domain.common.Role.ADMIN; import static org.websoso.WSSServer.exception.error.CustomBlockError.ALREADY_BLOCKED; -import static org.websoso.WSSServer.exception.error.CustomBlockError.BLOCK_NOT_FOUND; import static org.websoso.WSSServer.exception.error.CustomBlockError.CANNOT_ADMIN_BLOCK; -import static org.websoso.WSSServer.exception.error.CustomBlockError.INVALID_AUTHORIZED_BLOCK; import static org.websoso.WSSServer.exception.error.CustomBlockError.SELF_BLOCKED; import java.util.List; @@ -60,12 +58,6 @@ public BlocksGetResponse getBlockList(User user) { @Transactional public void deleteBlock(User user, Long blockId) { - Block block = blockRepository.findById(blockId).orElseThrow(() -> - new CustomBlockException(BLOCK_NOT_FOUND, "block with the given blockId was not found")); - if (!block.getBlockingId().equals(user.getUserId())) { - throw new CustomBlockException(INVALID_AUTHORIZED_BLOCK, - "block with the given blockId is not from user with the given userId"); - } blockRepository.delete(block); } From d7591dfb807102d98a2f8aea68dae9bf55ec6b68 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:27:05 +0900 Subject: [PATCH 064/122] =?UTF-8?q?[FIX]=20BlockService.deleteBlock=20?= =?UTF-8?q?=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=8B=9C=EA=B7=B8=EB=8B=88?= =?UTF-8?q?=EC=B2=98=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/BlockController.java | 2 +- src/main/java/org/websoso/WSSServer/service/BlockService.java | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/controller/BlockController.java b/src/main/java/org/websoso/WSSServer/controller/BlockController.java index d9640d05e..dc5876784 100644 --- a/src/main/java/org/websoso/WSSServer/controller/BlockController.java +++ b/src/main/java/org/websoso/WSSServer/controller/BlockController.java @@ -50,7 +50,7 @@ public ResponseEntity getBlockList(@AuthenticationPrincipal U @PreAuthorize("isAuthenticated() and @authorizationService.validate(#blockId, #user, T(org.websoso.WSSServer.domain.Block))") public ResponseEntity deleteBlock(@AuthenticationPrincipal User user, @PathVariable("blockId") @BlockIdConstraint Long blockId) { - blockService.deleteBlock(user, blockId); + blockService.deleteBlock(blockId); return ResponseEntity .status(NO_CONTENT) .build(); diff --git a/src/main/java/org/websoso/WSSServer/service/BlockService.java b/src/main/java/org/websoso/WSSServer/service/BlockService.java index 11851a139..dc5eee5d1 100644 --- a/src/main/java/org/websoso/WSSServer/service/BlockService.java +++ b/src/main/java/org/websoso/WSSServer/service/BlockService.java @@ -57,8 +57,8 @@ public BlocksGetResponse getBlockList(User user) { } @Transactional - public void deleteBlock(User user, Long blockId) { - blockRepository.delete(block); + public void deleteBlock(Long blockId) { + blockRepository.deleteById(blockId); } public boolean isBlocked(Long blockingId, Long blockedId) { From 46d3ae44a416d160f615e8b0e2e276f7fe98e6ea Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 18 Mar 2025 00:28:13 +0900 Subject: [PATCH 065/122] =?UTF-8?q?[STYLE]=20=EC=BB=A8=EB=B2=A4=EC=85=98?= =?UTF-8?q?=EC=97=90=20=EB=A7=9E=EA=B2=8C=20@Transactional=20=EC=96=B4?= =?UTF-8?q?=EB=85=B8=ED=85=8C=EC=9D=B4=EC=85=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/service/BlockService.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
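Review bot: In the `BlockService` hunk, `deleteBlock(Long blockId)` now calls `deleteById` with no ownership check of its own, so the `@PreAuthorize` expression on `BlockController.deleteBlock` is the only thing preventing a caller from deleting another user's block. Any other caller of this service method added later would skip that check without the compiler or an existing test noticing. At minimum, state the precondition on the method, e.g. `// Caller must already have verified that the current user owns blockId; no ownership check is performed here.` Keeping a cheap ownership assertion in the service as a second layer would be the stronger option.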
diff --git a/src/main/java/org/websoso/WSSServer/service/BlockService.java b/src/main/java/org/websoso/WSSServer/service/BlockService.java index dc5eee5d1..9413ab05d 100644 --- a/src/main/java/org/websoso/WSSServer/service/BlockService.java +++ b/src/main/java/org/websoso/WSSServer/service/BlockService.java @@ -19,14 +19,13 @@ @Service @RequiredArgsConstructor -@Transactional(readOnly = true) +@Transactional public class BlockService { private final UserService userService; private final AvatarService avatarService; private final BlockRepository blockRepository; - @Transactional public void block(User blocker, Long blockedId) { User blockedUser = userService.getUserOrException(blockedId); if (blockedUser.getRole() == ADMIN) { @@ -45,6 +44,7 @@ public void block(User blocker, Long blockedId) { blockRepository.save(Block.create(blockingId, blockedId)); } + @Transactional(readOnly = true) public BlocksGetResponse getBlockList(User user) { List blocks = blockRepository.findByBlockingId(user.getUserId()); List blockGetResponses = blocks.stream() @@ -56,11 +56,11 @@ public BlocksGetResponse getBlockList(User user) { return new BlocksGetResponse(blockGetResponses); } - @Transactional public void deleteBlock(Long blockId) { blockRepository.deleteById(blockId); } + @Transactional(readOnly = true) public boolean isBlocked(Long blockingId, Long blockedId) { return blockRepository.existsByBlockingIdAndBlockedId(blockingId, blockedId); } From d881f7bd692bd4ba3a742b59ed3e8e37a0326b48 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sun, 23 Mar 2025 16:07:42 +0900 Subject: [PATCH 066/122] =?UTF-8?q?[REMOVE]=20=EA=B3=B5=EC=A7=80=20?= =?UTF-8?q?=EA=B5=AC=20=EC=97=94=ED=8B=B0=ED=8B=B0=20Notice=20=EA=B4=80?= =?UTF-8?q?=EB=A0=A8=20=ED=81=B4=EB=9E=98=EC=8A=A4=20=EB=B0=8F=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/NoticeController.java | 61 ------------------- .../org/websoso/WSSServer/domain/Notice.java | 47 -------------- .../dto/notice/NoticeEditRequest.java | 20 ------ .../dto/notice/NoticeGetResponse.java | 24 -------- .../dto/notice/NoticePostRequest.java | 20 ------ .../dto/notice/NoticesGetResponse.java | 17 ------ .../exception/error/CustomNoticeError.java | 21 ------- .../exception/CustomNoticeException.java | 13 ---- .../repository/NoticeRepository.java | 9 --- .../WSSServer/service/NoticeService.java | 59 ------------------ 10 files changed, 291 deletions(-) delete mode 100644 src/main/java/org/websoso/WSSServer/controller/NoticeController.java delete mode 100644 src/main/java/org/websoso/WSSServer/domain/Notice.java delete mode 100644 src/main/java/org/websoso/WSSServer/dto/notice/NoticeEditRequest.java delete mode 100644 src/main/java/org/websoso/WSSServer/dto/notice/NoticeGetResponse.java delete mode 100644 src/main/java/org/websoso/WSSServer/dto/notice/NoticePostRequest.java delete mode 100644 src/main/java/org/websoso/WSSServer/dto/notice/NoticesGetResponse.java delete mode 100644 src/main/java/org/websoso/WSSServer/exception/error/CustomNoticeError.java delete mode 100644 src/main/java/org/websoso/WSSServer/exception/exception/CustomNoticeException.java delete mode 100644 src/main/java/org/websoso/WSSServer/repository/NoticeRepository.java delete mode 100644 src/main/java/org/websoso/WSSServer/service/NoticeService.java 
diff --git a/src/main/java/org/websoso/WSSServer/controller/NoticeController.java b/src/main/java/org/websoso/WSSServer/controller/NoticeController.java deleted file mode 100644 index 411f22b36..000000000 --- a/src/main/java/org/websoso/WSSServer/controller/NoticeController.java +++ /dev/null 
@@ -1,61 +0,0 @@ -package org.websoso.WSSServer.controller; - -import static org.springframework.http.HttpStatus.CREATED; -import static org.springframework.http.HttpStatus.NO_CONTENT; - -import jakarta.validation.Valid; -import java.security.Principal; -import lombok.RequiredArgsConstructor; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.DeleteMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.PutMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; -import org.websoso.WSSServer.domain.User; -import org.websoso.WSSServer.dto.notice.NoticeEditRequest; -import org.websoso.WSSServer.dto.notice.NoticePostRequest; -import org.websoso.WSSServer.service.NoticeService; -import org.websoso.WSSServer.service.UserService; - -@RestController -@RequestMapping("/notices") -@RequiredArgsConstructor -public class NoticeController { - - private final NoticeService noticeService; - private final UserService userService; - - @PostMapping - public ResponseEntity createNotice(Principal principal, - @Valid @RequestBody NoticePostRequest noticePostRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); - noticeService.createNotice(user, noticePostRequest); - return ResponseEntity - .status(CREATED) - .build(); - } - - @PutMapping("/{noticeId}") - public ResponseEntity editNotice(Principal principal, - @PathVariable("noticeId") Long noticeId, - @Valid @RequestBody NoticeEditRequest noticeEditRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); - noticeService.editNotice(user, noticeId, noticeEditRequest); - return ResponseEntity - .status(NO_CONTENT) - .build(); - } - - 
@DeleteMapping("/{noticeId}") - public ResponseEntity deleteNotice(Principal principal, - @PathVariable("noticeId") Long noticeId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); - noticeService.deleteNotice(user, noticeId); - return ResponseEntity - .status(NO_CONTENT) - .build(); - } -} diff --git a/src/main/java/org/websoso/WSSServer/domain/Notice.java b/src/main/java/org/websoso/WSSServer/domain/Notice.java deleted file mode 100644 index 6109c41fd..000000000 --- a/src/main/java/org/websoso/WSSServer/domain/Notice.java +++ /dev/null @@ -1,47 +0,0 @@ -package org.websoso.WSSServer.domain; - -import static jakarta.persistence.GenerationType.IDENTITY; - -import jakarta.persistence.Column; -import jakarta.persistence.Entity; -import jakarta.persistence.GeneratedValue; -import jakarta.persistence.Id; -import lombok.AccessLevel; -import lombok.Builder; -import lombok.Getter; -import lombok.NoArgsConstructor; -import org.websoso.WSSServer.domain.common.BaseEntity; - -@Entity -@Getter -@NoArgsConstructor(access = AccessLevel.PROTECTED) -public class Notice extends BaseEntity { - - @Id - @GeneratedValue(strategy = IDENTITY) - @Column(nullable = false) - private Long noticeId; - - @Column(columnDefinition = "varchar(200)", nullable = false) - private String noticeTitle; - - @Column(columnDefinition = "varchar(2000)", nullable = false) - private String noticeContent; - - @Column - private Long userId; - - @Builder - private Notice(String noticeTitle, String noticeContent, Long userId) { - this.noticeTitle = noticeTitle; - this.noticeContent = noticeContent; - this.userId = userId; - } - - public void updateNotice(String noticeTitle, String noticeContent, Long userId) { - this.noticeTitle = noticeTitle; - this.noticeContent = noticeContent; - this.userId = userId; - } - -} 
diff --git a/src/main/java/org/websoso/WSSServer/dto/notice/NoticeEditRequest.java b/src/main/java/org/websoso/WSSServer/dto/notice/NoticeEditRequest.java deleted file mode 100644 index fdd33d36f..000000000 --- a/src/main/java/org/websoso/WSSServer/dto/notice/NoticeEditRequest.java +++ /dev/null @@ -1,20 +0,0 @@ -package org.websoso.WSSServer.dto.notice; - -import jakarta.validation.constraints.NotBlank; -import jakarta.validation.constraints.Size; -import org.websoso.WSSServer.validation.ZeroAllowedUserIdConstraint; - -public record NoticeEditRequest( - - @NotBlank(message = "공지 제목은 비어 있거나, 공백일 수 없습니다.") - @Size(max = 200, message = "공지 제목은 200자를 초과할 수 없습니다.") - String noticeTitle, - - @NotBlank(message = "공지 내용은 비어 있거나, 공백일 수 없습니다.") - @Size(max = 2000, message = "공지 내용은 2000자를 초과할 수 없습니다.") - String noticeContent, - - @ZeroAllowedUserIdConstraint - Long userId -) { -} diff --git a/src/main/java/org/websoso/WSSServer/dto/notice/NoticeGetResponse.java b/src/main/java/org/websoso/WSSServer/dto/notice/NoticeGetResponse.java deleted file mode 100644 index 551f1144b..000000000 --- a/src/main/java/org/websoso/WSSServer/dto/notice/NoticeGetResponse.java +++ /dev/null @@ -1,24 +0,0 @@ -package org.websoso.WSSServer.dto.notice; - -import java.time.LocalDateTime; -import java.time.format.DateTimeFormatter; -import org.websoso.WSSServer.domain.Notice; - -public record NoticeGetResponse( - String noticeTitle, - String noticeContent, - String createdDate -) { - - public static NoticeGetResponse from(Notice notice) { - return new NoticeGetResponse( - notice.getNoticeTitle(), - notice.getNoticeContent(), - formatDateString(notice.getCreatedDate()) - ); - } - - private static String formatDateString(LocalDateTime dateTime) { - return dateTime.format(DateTimeFormatter.ofPattern("yyyy.MM.dd")); - } -} 
diff --git a/src/main/java/org/websoso/WSSServer/dto/notice/NoticePostRequest.java b/src/main/java/org/websoso/WSSServer/dto/notice/NoticePostRequest.java deleted file mode 100644 index 0e26947aa..000000000 --- a/src/main/java/org/websoso/WSSServer/dto/notice/NoticePostRequest.java +++ /dev/null @@ -1,20 +0,0 @@ -package org.websoso.WSSServer.dto.notice; - -import jakarta.validation.constraints.NotBlank; -import jakarta.validation.constraints.Size; -import org.websoso.WSSServer.validation.ZeroAllowedUserIdConstraint; - -public record NoticePostRequest( - - @NotBlank(message = "공지 제목은 비어 있거나, 공백일 수 없습니다.") - @Size(max = 200, message = "공지 제목은 200자를 초과할 수 없습니다.") - String noticeTitle, - - @NotBlank(message = "공지 내용은 비어 있거나, 공백일 수 없습니다.") - @Size(max = 2000, message = "공지 내용은 2000자를 초과할 수 없습니다.") - String noticeContent, - - @ZeroAllowedUserIdConstraint - Long userId -) { -} diff --git a/src/main/java/org/websoso/WSSServer/dto/notice/NoticesGetResponse.java b/src/main/java/org/websoso/WSSServer/dto/notice/NoticesGetResponse.java deleted file mode 100644 index 27f60769a..000000000 --- a/src/main/java/org/websoso/WSSServer/dto/notice/NoticesGetResponse.java +++ /dev/null @@ -1,17 +0,0 @@ -package org.websoso.WSSServer.dto.notice; - -import java.util.List; -import java.util.stream.Collectors; -import org.websoso.WSSServer.domain.Notice; - -public record NoticesGetResponse( - List notices -) { - - public static NoticesGetResponse of(List notices) { - List noticeList = notices.stream() - .map(NoticeGetResponse::from) - .collect(Collectors.toList()); - return new NoticesGetResponse(noticeList); - } -} diff --git a/src/main/java/org/websoso/WSSServer/exception/error/CustomNoticeError.java b/src/main/java/org/websoso/WSSServer/exception/error/CustomNoticeError.java deleted file mode 100644 index 70e5fda29..000000000 --- a/src/main/java/org/websoso/WSSServer/exception/error/CustomNoticeError.java +++ /dev/null 
@@ -1,21 +0,0 @@ -package org.websoso.WSSServer.exception.error; - -import static org.springframework.http.HttpStatus.FORBIDDEN; -import static org.springframework.http.HttpStatus.NOT_FOUND; - -import lombok.AllArgsConstructor; -import lombok.Getter; -import org.springframework.http.HttpStatus; -import org.websoso.WSSServer.exception.common.ICustomError; - -@AllArgsConstructor -@Getter -public enum CustomNoticeError implements ICustomError { - - NOTICE_FORBIDDEN("NOTICE-001", "관리자가 아닌 계정은 공지사항을 작성 혹은 수정 혹은 삭제할 수 없습니다.", FORBIDDEN), - NOTICE_NOT_FOUND("NOTICE-002", "해당 ID를 가진 공지사항을 찾을 수 없습니다.", NOT_FOUND); - - private final String code; - private final String description; - private final HttpStatus statusCode; -} diff --git a/src/main/java/org/websoso/WSSServer/exception/exception/CustomNoticeException.java b/src/main/java/org/websoso/WSSServer/exception/exception/CustomNoticeException.java deleted file mode 100644 index 920c6da9a..000000000 --- a/src/main/java/org/websoso/WSSServer/exception/exception/CustomNoticeException.java +++ /dev/null @@ -1,13 +0,0 @@ -package org.websoso.WSSServer.exception.exception; - -import lombok.Getter; -import org.websoso.WSSServer.exception.common.AbstractCustomException; -import org.websoso.WSSServer.exception.error.CustomNoticeError; - -@Getter -public class CustomNoticeException extends AbstractCustomException { - - public CustomNoticeException(CustomNoticeError customNoticeError, String message) { - super(customNoticeError, message); - } -} diff --git a/src/main/java/org/websoso/WSSServer/repository/NoticeRepository.java b/src/main/java/org/websoso/WSSServer/repository/NoticeRepository.java deleted file mode 100644 index bfe3c17de..000000000 --- a/src/main/java/org/websoso/WSSServer/repository/NoticeRepository.java +++ /dev/null 
@@ -1,9 +0,0 @@ -package org.websoso.WSSServer.repository; - -import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.stereotype.Repository; -import org.websoso.WSSServer.domain.Notice; - -@Repository -public interface NoticeRepository extends JpaRepository { -} diff --git a/src/main/java/org/websoso/WSSServer/service/NoticeService.java b/src/main/java/org/websoso/WSSServer/service/NoticeService.java deleted file mode 100644 index d4ad8569d..000000000 --- a/src/main/java/org/websoso/WSSServer/service/NoticeService.java +++ /dev/null 
@@ -1,59 +0,0 @@ -package org.websoso.WSSServer.service; - -import static org.websoso.WSSServer.domain.common.Role.ADMIN; -import static org.websoso.WSSServer.exception.error.CustomNoticeError.NOTICE_FORBIDDEN; -import static org.websoso.WSSServer.exception.error.CustomNoticeError.NOTICE_NOT_FOUND; - -import lombok.RequiredArgsConstructor; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; -import org.websoso.WSSServer.domain.Notice; -import org.websoso.WSSServer.domain.User; -import org.websoso.WSSServer.domain.common.Role; -import org.websoso.WSSServer.dto.notice.NoticeEditRequest; -import org.websoso.WSSServer.dto.notice.NoticePostRequest; -import org.websoso.WSSServer.exception.exception.CustomNoticeException; -import org.websoso.WSSServer.repository.NoticeRepository; - -@Service -@RequiredArgsConstructor -@Transactional -public class NoticeService { - - private final NoticeRepository noticeRepository; - private static final Role ADMIN_ROLE = ADMIN; - - public void createNotice(User user, NoticePostRequest noticePostRequest) { - validateAuthorization(user); - noticeRepository.save(Notice.builder() - .noticeTitle(noticePostRequest.noticeTitle()) - .noticeContent(noticePostRequest.noticeContent()) - .userId(noticePostRequest.userId()) - .build()); - } - - public void editNotice(User user, Long noticeId, NoticeEditRequest noticeEditRequest) { - validateAuthorization(user); - Notice notice = getNoticeOrException(noticeId); - notice.updateNotice(noticeEditRequest.noticeTitle(), noticeEditRequest.noticeContent(), - noticeEditRequest.userId()); - } - - private static void validateAuthorization(User user) { - if (user.getRole() != ADMIN_ROLE) { - throw new CustomNoticeException(NOTICE_FORBIDDEN, - "user who tried to create or modify or delete the notice is not ADMIN"); - } - } - - public void deleteNotice(User user, Long noticeId) { - validateAuthorization(user); - Notice notice = 
getNoticeOrException(noticeId); - noticeRepository.delete(notice); - } - - private Notice getNoticeOrException(Long noticeId) { - return noticeRepository.findById(noticeId).orElseThrow(() -> - new CustomNoticeException(NOTICE_NOT_FOUND, "notice with given noticeId was not found")); - } -} From a5a281c0491d19c2c51e30f888685439611042af Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 23 Mar 2025 16:09:38 +0900 Subject: [PATCH 067/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/NotificationController.java | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java index b35c78ceb..34ce0777a 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java @@ -4,9 +4,9 @@ import static org.springframework.http.HttpStatus.OK; import jakarta.validation.Valid; -import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; 
@@ -31,7 +31,7 @@ public class NotificationController { private final UserService userService; @GetMapping - public ResponseEntity getNotifications(Principal principal, + public ResponseEntity getNotifications(@AuthenticationPrincipal User user, @RequestParam("lastNotificationId") Long lastNotificationId, @RequestParam("size") int size) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); @@ -41,7 +41,8 @@ public ResponseEntity getNotifications(Principal princ } @GetMapping("/unread") - public ResponseEntity checkNotificationsReadStatus(Principal principal) { + public ResponseEntity checkNotificationsReadStatus( + @AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) @@ -49,7 +50,7 @@ public ResponseEntity checkNotificationsRead } @GetMapping("/{notificationId}") - public ResponseEntity getNotification(Principal principal, + public ResponseEntity getNotification(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); @@ -59,7 +60,7 @@ public ResponseEntity getNotification(Principal princip } @PostMapping("/{notificationId}/read") - public ResponseEntity createNotificationAsRead(Principal principal, + public ResponseEntity createNotificationAsRead(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); notificationService.createNotificationAsRead(user, notificationId); 
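Review bot: The handlers changed here now declare `@AuthenticationPrincipal User user` as a parameter but still contain `User user = userService.getUserOrException(Long.valueOf(principal.getName()));`, which redeclares `user` and references the removed `principal`, so the class does not compile at this commit. This applies to the `@@ -31,7 +31,7`, `@@ -49,7 +50,7` and `@@ -59,7 +60,7` hunks here and to the `@@ -69,7 +70,7` hunk that follows; the `@@ -41,7 +41,8` hunk very likely has the same leftover just below its visible lines, since the next patch removes it from that handler too. The next patch deletes those lines; folding that deletion into this commit would keep every commit in the series buildable for bisecting. The handler bodies continue outside the hunks.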
@@ -69,7 +70,7 @@ public ResponseEntity createNotificationAsRead(Principal principal, } @PostMapping - public ResponseEntity createNoticeNotification(Principal principal, + public ResponseEntity createNoticeNotification(@AuthenticationPrincipal User user, @Valid @RequestBody NotificationCreateRequest notificationCreateRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); notificationService.createNoticeNotification(user, notificationCreateRequest); From 317e110d998d84589c6f82eaaf40806b53e51d13 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 23 Mar 2025 16:10:12 +0900 Subject: [PATCH 068/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/NotificationController.java | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java index 34ce0777a..ef851323c 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java @@ -34,7 +34,6 @@ public class NotificationController { public ResponseEntity getNotifications(@AuthenticationPrincipal User user, @RequestParam("lastNotificationId") Long lastNotificationId, @RequestParam("size") int size) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(notificationService.getNotifications(lastNotificationId, size, user)); 
@@ -43,7 +42,6 @@ public ResponseEntity getNotifications(@Authentication @GetMapping("/unread") public ResponseEntity checkNotificationsReadStatus( @AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(notificationService.checkNotificationsReadStatus(user)); @@ -52,8 +50,6 @@ public ResponseEntity checkNotificationsRead @GetMapping("/{notificationId}") public ResponseEntity getNotification(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); - return ResponseEntity .status(OK) .body(notificationService.getNotification(user, notificationId)); @@ -62,7 +58,6 @@ public ResponseEntity getNotification(@AuthenticationPr @PostMapping("/{notificationId}/read") public ResponseEntity createNotificationAsRead(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); notificationService.createNotificationAsRead(user, notificationId); return ResponseEntity .status(CREATED) @@ -72,7 +67,6 @@ public ResponseEntity createNotificationAsRead(@AuthenticationPrincipal Us @PostMapping public ResponseEntity createNoticeNotification(@AuthenticationPrincipal User user, @Valid @RequestBody NotificationCreateRequest notificationCreateRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); notificationService.createNoticeNotification(user, notificationCreateRequest); return ResponseEntity .status(CREATED) From 04323ec5b7ce187abe50458304350529447c2ec4 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sun, 23 Mar 2025 16:16:40 +0900 Subject: [PATCH 069/122] =?UTF-8?q?[REMOVE]=20=EC=A3=BC=EC=9E=85=ED=95=98?= =?UTF-8?q?=EC=97=AC=20=EC=82=AC=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EB=8A=94=20UserService=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/controller/NotificationController.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java index ef851323c..96f26bf66 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java @@ -20,7 +20,6 @@ import org.websoso.WSSServer.dto.notification.NotificationsGetResponse; import org.websoso.WSSServer.dto.notification.NotificationsReadStatusGetResponse; import org.websoso.WSSServer.service.NotificationService; -import org.websoso.WSSServer.service.UserService; @RestController @RequestMapping("/notifications") @@ -28,7 +27,6 @@ public class NotificationController { private final NotificationService notificationService; - private final UserService userService; @GetMapping public ResponseEntity getNotifications(@AuthenticationPrincipal User user, From 5f61d7d089edb03cd7760311b16f2cc574f606e0 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 23 Mar 2025 16:19:46 +0900 Subject: [PATCH 070/122] =?UTF-8?q?[STYLE]=20=EB=A9=94=EC=84=9C=EB=93=9C?= =?UTF-8?q?=20=EC=88=9C=EC=84=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/NotificationController.java | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java index 96f26bf66..9261cf2d3 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java @@ -28,6 +28,15 @@ public class NotificationController { private final NotificationService notificationService; + @PostMapping + public ResponseEntity createNoticeNotification(@AuthenticationPrincipal User user, + @Valid @RequestBody NotificationCreateRequest notificationCreateRequest) { + notificationService.createNoticeNotification(user, notificationCreateRequest); + return ResponseEntity + .status(CREATED) + .build(); + } + @GetMapping public ResponseEntity getNotifications(@AuthenticationPrincipal User user, @RequestParam("lastNotificationId") Long lastNotificationId, @@ -37,14 +46,6 @@ public ResponseEntity getNotifications(@Authentication .body(notificationService.getNotifications(lastNotificationId, size, user)); } - @GetMapping("/unread") - public ResponseEntity checkNotificationsReadStatus( - @AuthenticationPrincipal User user) { - return ResponseEntity - .status(OK) - .body(notificationService.checkNotificationsReadStatus(user)); - } - @GetMapping("/{notificationId}") public ResponseEntity getNotification(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { 
@@ -53,6 +54,14 @@ public ResponseEntity getNotification(@AuthenticationPr .body(notificationService.getNotification(user, notificationId)); } + @GetMapping("/unread") + public ResponseEntity checkNotificationsReadStatus( + @AuthenticationPrincipal User user) { + return ResponseEntity + .status(OK) + .body(notificationService.checkNotificationsReadStatus(user)); + } + @PostMapping("/{notificationId}/read") public ResponseEntity createNotificationAsRead(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { @@ -61,13 +70,4 @@ public ResponseEntity createNotificationAsRead(@AuthenticationPrincipal Us .status(CREATED) .build(); } - - @PostMapping - public ResponseEntity createNoticeNotification(@AuthenticationPrincipal User user, - @Valid @RequestBody NotificationCreateRequest notificationCreateRequest) { - notificationService.createNoticeNotification(user, notificationCreateRequest); - return ResponseEntity - .status(CREATED) - .build(); - } } From 3d65ece7792ca81034bc1e5053882492aa68d045 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 23 Mar 2025 16:41:18 +0900 Subject: [PATCH 071/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/NotificationController.java | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java index 9261cf2d3..f76058480 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java 
@@ -6,6 +6,7 @@ import jakarta.validation.Valid; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -29,6 +30,7 @@ public class NotificationController { private final NotificationService notificationService; @PostMapping + @PreAuthorize("isAuthenticated()") public ResponseEntity createNoticeNotification(@AuthenticationPrincipal User user, @Valid @RequestBody NotificationCreateRequest notificationCreateRequest) { notificationService.createNoticeNotification(user, notificationCreateRequest); @@ -38,6 +40,7 @@ public ResponseEntity createNoticeNotification(@AuthenticationPrincipal Us } @GetMapping + @PreAuthorize("isAuthenticated()") public ResponseEntity getNotifications(@AuthenticationPrincipal User user, @RequestParam("lastNotificationId") Long lastNotificationId, @RequestParam("size") int size) { @@ -47,6 +50,7 @@ public ResponseEntity getNotifications(@Authentication } @GetMapping("/{notificationId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity getNotification(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { return ResponseEntity @@ -55,6 +59,7 @@ public ResponseEntity getNotification(@AuthenticationPr } @GetMapping("/unread") + @PreAuthorize("isAuthenticated()") public ResponseEntity checkNotificationsReadStatus( @AuthenticationPrincipal User user) { return ResponseEntity 
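Review bot: The same `@PreAuthorize("isAuthenticated()")` is repeated on each handler in these hunks (and on `createNotificationAsRead` in the following hunk), so a handler added later without it would be reachable by whatever the URL-level rules allow. Since every endpoint of `NotificationController` requires a signed-in user, declaring the rule once on the class keeps the default closed: put `@PreAuthorize("isAuthenticated()")` above `public class NotificationController` and keep method-level annotations only where a stricter rule applies. The annotation only takes effect when method security is enabled (`@EnableMethodSecurity`); that configuration is not visible in this patch and is worth confirming. The class declaration lies outside these hunks.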
@@ -63,6 +68,7 @@ public ResponseEntity checkNotificationsRead } @PostMapping("/{notificationId}/read") + @PreAuthorize("isAuthenticated()") public ResponseEntity createNotificationAsRead(@AuthenticationPrincipal User user, @PathVariable("notificationId") Long notificationId) { notificationService.createNotificationAsRead(user, notificationId); From c2dadb9b6b51562edb57055708bca899b9dbb161 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 24 Mar 2025 21:38:56 +0900 Subject: [PATCH 072/122] =?UTF-8?q?[FEAT]=20=EC=95=8C=EB=A6=BC=20=ED=83=80?= =?UTF-8?q?=EC=9E=85=EC=9D=B4=20NOTICE=20=EA=B7=B8=EB=A3=B9=EC=97=90=20?= =?UTF-8?q?=EC=86=8D=ED=95=98=EB=8A=94=EC=A7=80=20=EA=B2=80=EC=A6=9D?= =?UTF-8?q?=ED=95=98=EB=8A=94=20=EC=BB=A4=EC=8A=A4=ED=85=80=20Validator=20?= =?UTF-8?q?=EB=B0=8F=20annotation=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../NotificationTypeConstraint.java | 23 +++++++++++++++ .../validation/NotificationTypeValidator.java | 29 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/validation/NotificationTypeConstraint.java create mode 100644 src/main/java/org/websoso/WSSServer/validation/NotificationTypeValidator.java diff --git a/src/main/java/org/websoso/WSSServer/validation/NotificationTypeConstraint.java b/src/main/java/org/websoso/WSSServer/validation/NotificationTypeConstraint.java new file mode 100644 index 000000000..e35891351 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/validation/NotificationTypeConstraint.java 
@@ -0,0 +1,23 @@
+package org.websoso.WSSServer.validation;
+
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import jakarta.validation.Constraint;
+import jakarta.validation.Payload;
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+@Documented
+@Constraint(validatedBy = NotificationTypeValidator.class)
+@Target({FIELD})
+@Retention(RUNTIME)
+public @interface NotificationTypeConstraint {
+
+ String message() default "invalid notificationType";
+
+ Class[] groups() default {};
+
+ Class[] payload() default {};
+}
diff --git a/src/main/java/org/websoso/WSSServer/validation/NotificationTypeValidator.java b/src/main/java/org/websoso/WSSServer/validation/NotificationTypeValidator.java
new file mode 100644
index 000000000..de6a32a3f
--- /dev/null
+++ b/src/main/java/org/websoso/WSSServer/validation/NotificationTypeValidator.java
@@ -0,0 +1,29 @@
+package org.websoso.WSSServer.validation;
+
+import static org.websoso.WSSServer.domain.common.NotificationTypeGroup.NOTICE;
+import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_NOT_NOTICE_TYPE;
+
+import jakarta.validation.ConstraintValidator;
+import jakarta.validation.ConstraintValidatorContext;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import org.websoso.WSSServer.domain.common.NotificationTypeGroup;
+import org.websoso.WSSServer.exception.exception.CustomNotificationException;
+
+@Component
+@RequiredArgsConstructor
+public class NotificationTypeValidator implements ConstraintValidator {
+
+ @Override
+ public void initialize(NotificationTypeConstraint notificationTypeName) {
+ }
+
+ @Override
+ public boolean isValid(String notificationTypeName, ConstraintValidatorContext constraintValidatorContext) {
+ if (!NotificationTypeGroup.isTypeInGroup(notificationTypeName, NOTICE)) {
+ throw new CustomNotificationException(NOTIFICATION_NOT_NOTICE_TYPE,
+ "given notification type does not belong to the NOTICE category");
+ }
+ return true;
+ }
+}
From a04225e569db16737ad991fccfcc6fd839b86c89 Mon Sep 17 00:00:00 2001
From: Kim-TaeUk
Date: Mon, 24 Mar 2025 21:41:04 +0900
Subject: [PATCH 073/122] =?UTF-8?q?[FEAT]=20NotificationAuthorizationValid?= =?UTF-8?q?ator=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../WSSServer/dto/notification/NotificationCreateRequest.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/main/java/org/websoso/WSSServer/dto/notification/NotificationCreateRequest.java b/src/main/java/org/websoso/WSSServer/dto/notification/NotificationCreateRequest.java
index 19bad9d32..4369a3bac 100644
--- a/src/main/java/org/websoso/WSSServer/dto/notification/NotificationCreateRequest.java
+++ b/src/main/java/org/websoso/WSSServer/dto/notification/NotificationCreateRequest.java
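Review bot: `isValid` throws `CustomNotificationException` instead of returning `false`, which steps outside the Bean Validation contract: the provider treats an exception from `isValid` as an unexpected failure and typically wraps it in a `ValidationException`, so the caller is likely to get a server error rather than the client-error response this check is meant to produce, and the constraint's `message()` is never used. The validator also runs on a `null` value, because `@NotBlank` on the same field is not guaranteed to run first; whether `isTypeInGroup` tolerates `null` is not visible here. Returning the result keeps the failure in the normal constraint-violation path: `return notificationTypeName == null || NotificationTypeGroup.isTypeInGroup(notificationTypeName, NOTICE);`. The empty `initialize` override and the `@Component`/`@RequiredArgsConstructor` annotations can be dropped, since the class has no fields to inject.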
@@ -3,6 +3,7 @@ import jakarta.validation.constraints.NotBlank; import jakarta.validation.constraints.NotNull; import jakarta.validation.constraints.Size; +import org.websoso.WSSServer.validation.NotificationTypeConstraint; import org.websoso.WSSServer.validation.ZeroAllowedUserIdConstraint; public record NotificationCreateRequest( @@ -24,6 +25,7 @@ public record NotificationCreateRequest( Long userId, @NotBlank(message = "알림 타입 이름은 필수입니다.") + @NotificationTypeConstraint String notificationTypeName ) { } From 6618d4cf0715d1fa53ced2f9115d114a406ceefa Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 24 Mar 2025 21:41:14 +0900 Subject: [PATCH 074/122] =?UTF-8?q?[REFACTOR]=20NotificationCreateRequest?= =?UTF-8?q?=EC=97=90=EC=84=9C=20custom=20annotation=EC=9C=BC=EB=A1=9C=20?= =?UTF-8?q?=EA=B2=80=EC=A6=9D=ED=95=98=EB=8F=84=EB=A1=9D=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../NotificationAuthorizationValidator.java | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java new file mode 100644 index 000000000..6e1f12f3c --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java 
@@ -0,0 +1,48 @@
+package org.websoso.WSSServer.auth.validator;
+
+import static org.websoso.WSSServer.domain.common.Role.ADMIN;
+import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_ADMIN_ONLY;
+import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_NOT_FOUND;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import org.websoso.WSSServer.domain.Notification;
+import org.websoso.WSSServer.domain.User;
+import org.websoso.WSSServer.exception.exception.CustomNotificationException;
+import org.websoso.WSSServer.repository.NotificationRepository;
+
+@Component
+@RequiredArgsConstructor
+public class NotificationAuthorizationValidator implements ResourceAuthorizationValidator {
+
+ private final NotificationRepository notificationRepository;
+
+ @Override
+ public boolean hasPermission(Long resourceId, User user) {
+ if (resourceId == null) {
+ return isAdmin(user);
+ }
+
+ Notification notification = getNotificationOrException(resourceId);
+ return isAdmin(user);
+ }
+
+ private Notification getNotificationOrException(Long notificationId) {
+ return notificationRepository.findById(notificationId)
+ .orElseThrow(() -> new CustomNotificationException(NOTIFICATION_NOT_FOUND,
+ "notification with the given id is not found"));
+ }
+
+ private boolean isAdmin(User user) {
+ if (user.getRole() != ADMIN) {
+ throw new CustomNotificationException(NOTIFICATION_ADMIN_ONLY,
+ "User who tried to create, modify, or delete the notice is not an ADMIN.");
+ }
+ return true;
+ }
+
+ @Override
+ public Class getResourceType() {
+ return Notification.class;
+ }
+}
From d32eb9ec7e10adc839f9183cd644083799980322 Mon Sep 17 00:00:00 2001
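Review bot: In `hasPermission` the repository lookup runs before the role check, so a caller who is not an ADMIN gets `NOTIFICATION_NOT_FOUND` for a missing id and `NOTIFICATION_ADMIN_ONLY` for an existing one; assuming the two errors map to different responses, any authenticated user can tell which notification ids exist, and a query is spent on a request that will be refused anyway. Checking the role first closes that: `isAdmin(user);` then `getNotificationOrException(resourceId);` then `return true;`, which also removes the unused local `notification`. `isAdmin` dereferences `user` without a null check and never returns `false`, so a `void requireAdmin(User user)` would describe it more accurately. A short Javadoc on `hasPermission` should state that a `null` `resourceId` stands for a create request.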
From: Kim-TaeUk Date: Mon, 24 Mar 2025 21:41:56 +0900 Subject: [PATCH 075/122] =?UTF-8?q?[COMMENT]=20=EC=82=AC=EC=9A=A9=EB=90=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20=EB=A1=9C=EC=A7=81=EC=97=90=20?= =?UTF-8?q?=EC=A3=BC=EC=84=9D=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 추후 사용 예정 --- .../auth/validator/NotificationAuthorizationValidator.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java index 6e1f12f3c..e21383e68 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/NotificationAuthorizationValidator.java @@ -23,6 +23,7 @@ public boolean hasPermission(Long resourceId, User user) { return isAdmin(user); } + // 수정이나 삭제에서 리소스 존재 여부 검증을 위함 Notification notification = getNotificationOrException(resourceId); return isAdmin(user); } From b4a5ca5b90ad1c400511d03f179bdea53059c137 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 24 Mar 2025 21:42:30 +0900 Subject: [PATCH 076/122] =?UTF-8?q?[FEAT]=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EC=A1=B0=EC=9E=91=20=EA=B6=8C=ED=95=9C=20=ED=99=95=EC=9D=B8?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=B4=20@PreAuthorize=EC=97=90=20valid?= =?UTF-8?q?ate=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit notification 생성은 ADMIN만 가능 --- .../websoso/WSSServer/controller/NotificationController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java index f76058480..c2f31a61b 100644 
--- a/src/main/java/org/websoso/WSSServer/controller/NotificationController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NotificationController.java @@ -30,7 +30,7 @@ public class NotificationController { private final NotificationService notificationService; @PostMapping - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(null, #user, T(org.websoso.WSSServer.domain.Notification))") public ResponseEntity createNoticeNotification(@AuthenticationPrincipal User user, @Valid @RequestBody NotificationCreateRequest notificationCreateRequest) { notificationService.createNoticeNotification(user, notificationCreateRequest); From f37c499e2581806a4bfc7b97b5e8c38ac9bacca2 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 24 Mar 2025 22:07:28 +0900 Subject: [PATCH 077/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/NovelController.java | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NovelController.java b/src/main/java/org/websoso/WSSServer/controller/NovelController.java index 7e078ac41..88a60686e 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NovelController.java 
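Review bot: The admin-only rule for `createNoticeNotification` is now a SpEL string, so the bean name `authorizationService`, the class literal and the `#user` argument are resolved only when the endpoint is called, and a mistake in any of them shows up as a runtime failure on this route rather than at build time. `#user` is the `@AuthenticationPrincipal` argument, which Spring passes as `null` when the principal is not a `User`; the validator added earlier in this series then calls `user.getRole()` without a null check, so that case would end in a NullPointerException instead of a denial. A controller test calling `POST /notifications` as an ordinary user and as an ADMIN would pin the wiring and the outcome, and the same applies to the two `validate(...)` expressions added to `NovelController` later in the series. A comment above the annotation such as `// null resource id: creation has no target yet, only the ADMIN role is checked` would explain the first argument.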
@@ -3,10 +3,10 @@ import static org.springframework.http.HttpStatus.NO_CONTENT; import static org.springframework.http.HttpStatus.OK; -import java.security.Principal; import java.util.List; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -36,7 +36,7 @@ public class NovelController { private final FeedService feedService; @GetMapping("/{novelId}") - public ResponseEntity getNovelInfoBasic(Principal principal, + public ResponseEntity getNovelInfoBasic(@AuthenticationPrincipal User user, @PathVariable Long novelId) { User user = principal == null ? null @@ -55,7 +55,7 @@ public ResponseEntity getNovelInfoInfoTab(@PathVariable } @GetMapping("/{novelId}/feeds") - public ResponseEntity getFeedsByNovel(Principal principal, + public ResponseEntity getFeedsByNovel(@AuthenticationPrincipal User user, @PathVariable Long novelId, @RequestParam("lastFeedId") Long lastFeedId, @RequestParam("size") int size) { @@ -91,7 +91,7 @@ public ResponseEntity getFilteredNovels( } @PostMapping("/{novelId}/is-interest") - public ResponseEntity registerAsInterest(Principal principal, + public ResponseEntity registerAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); novelService.registerAsInterest(user, novelId); 
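Review bot: Each handler changed here keeps its old body, so `getNovelInfoBasic` now declares the parameter `user` and, on the next line, the local `User user = principal == null ? …`, while `principal` is no longer declared anywhere; the file does not compile at this commit. The same holds for `registerAsInterest` in this group of hunks and for `unregisterAsInterest` and `getTasteNovels` in the following ones, and the removals in the next patch show it for `getFeedsByNovel` as well. Those lookup lines are deleted by the next patch in the series; folding that deletion into this commit keeps every commit buildable for bisecting. The handler bodies continue outside the hunks.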
@@ -102,7 +102,7 @@ public ResponseEntity registerAsInterest(Principal principal, } @DeleteMapping("/{novelId}/is-interest") - public ResponseEntity unregisterAsInterest(Principal principal, + public ResponseEntity unregisterAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); novelService.unregisterAsInterest(user, novelId); @@ -113,7 +113,7 @@ public ResponseEntity unregisterAsInterest(Principal principal, } @GetMapping("/popular") - public ResponseEntity getTodayPopularNovels(Principal principal) { + public ResponseEntity getTodayPopularNovels(@AuthenticationPrincipal User user) { //TODO 차단 관계에 있는 유저의 피드글 처리 return ResponseEntity .status(OK) @@ -121,7 +121,7 @@ public ResponseEntity getTodayPopularNovels(Principal } @GetMapping("/taste") - public ResponseEntity getTasteNovels(Principal principal) { + public ResponseEntity getTasteNovels(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) From 0fc8fface243070f879a715c9ffcd00afc6c1959 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 24 Mar 2025 22:09:03 +0900 Subject: [PATCH 078/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/NovelController.java | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NovelController.java b/src/main/java/org/websoso/WSSServer/controller/NovelController.java index 88a60686e..0e4f8ca05 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NovelController.java 
@@ -38,10 +38,6 @@ public class NovelController { @GetMapping("/{novelId}") public ResponseEntity getNovelInfoBasic(@AuthenticationPrincipal User user, @PathVariable Long novelId) { - User user = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); - return ResponseEntity .status(OK) .body(novelService.getNovelInfoBasic(user, novelId)); @@ -59,10 +55,6 @@ public ResponseEntity getFeedsByNovel(@AuthenticationPr @PathVariable Long novelId, @RequestParam("lastFeedId") Long lastFeedId, @RequestParam("size") int size) { - User user = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); - return ResponseEntity .status(OK) .body(feedService.getFeedsByNovel(user, novelId, lastFeedId, size)); @@ -93,9 +85,7 @@ public ResponseEntity getFilteredNovels( @PostMapping("/{novelId}/is-interest") public ResponseEntity registerAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); novelService.registerAsInterest(user, novelId); - return ResponseEntity .status(NO_CONTENT) .build(); @@ -104,9 +94,7 @@ public ResponseEntity registerAsInterest(@AuthenticationPrincipal User use @DeleteMapping("/{novelId}/is-interest") public ResponseEntity unregisterAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); novelService.unregisterAsInterest(user, novelId); - return ResponseEntity .status(NO_CONTENT) .build(); @@ -122,7 +110,6 @@ public ResponseEntity getTodayPopularNovels(@Authentic @GetMapping("/taste") public ResponseEntity getTasteNovels(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(novelService.getTasteNovels(user)); 
From ebcaab80f87381a4f01d2e188cd6e2241947850e Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 24 Mar 2025 22:09:18 +0900 Subject: [PATCH 079/122] =?UTF-8?q?[REMOVE]=20=EC=A3=BC=EC=9E=85=ED=95=98?= =?UTF-8?q?=EC=97=AC=20=EC=82=AC=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EB=8A=94=20UserService=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/NovelController.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NovelController.java b/src/main/java/org/websoso/WSSServer/controller/NovelController.java index 0e4f8ca05..24af9e1f3 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NovelController.java @@ -24,7 +24,6 @@ import org.websoso.WSSServer.dto.userNovel.TasteNovelsGetResponse; import org.websoso.WSSServer.service.FeedService; import org.websoso.WSSServer.service.NovelService; -import org.websoso.WSSServer.service.UserService; @RestController @RequestMapping("/novels") @@ -32,7 +31,6 @@ public class NovelController { private final NovelService novelService; - private final UserService userService; private final FeedService feedService; @GetMapping("/{novelId}") From 57a5345fbda2dd5db9d3f29bfbb44347784cf1ea Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Mon, 24 Mar 2025 22:12:06 +0900 Subject: [PATCH 080/122] =?UTF-8?q?[REFACTOR]=20=EB=A9=94=EC=84=9C?= =?UTF-8?q?=EB=93=9C=20=EC=88=9C=EC=84=9C=20=EC=A1=B0=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/NovelController.java | 74 +++++++++---------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NovelController.java b/src/main/java/org/websoso/WSSServer/controller/NovelController.java index 24af9e1f3..196a3bc01 100644 
--- a/src/main/java/org/websoso/WSSServer/controller/NovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NovelController.java @@ -33,6 +33,43 @@ public class NovelController { private final NovelService novelService; private final FeedService feedService; + @GetMapping + public ResponseEntity searchNovels(@RequestParam(required = false) String query, + @RequestParam int page, + @RequestParam int size) { + return ResponseEntity + .status(OK) + .body(novelService.searchNovels(query, page, size)); + } + + @GetMapping("/filtered") + public ResponseEntity getFilteredNovels( + @RequestParam(required = false) List genres, + @RequestParam(required = false) Boolean isCompleted, + @RequestParam(required = false) Float novelRating, + @RequestParam(required = false) List keywordIds, + @RequestParam int page, + @RequestParam int size) { + return ResponseEntity + .status(OK) + .body(novelService.getFilteredNovels(genres, isCompleted, novelRating, keywordIds, page, size)); + } + + @GetMapping("/popular") + public ResponseEntity getTodayPopularNovels(@AuthenticationPrincipal User user) { + //TODO 차단 관계에 있는 유저의 피드글 처리 + return ResponseEntity + .status(OK) + .body(novelService.getTodayPopularNovels()); + } + + @GetMapping("/taste") + public ResponseEntity getTasteNovels(@AuthenticationPrincipal User user) { + return ResponseEntity + .status(OK) + .body(novelService.getTasteNovels(user)); + } + @GetMapping("/{novelId}") public ResponseEntity getNovelInfoBasic(@AuthenticationPrincipal User user, @PathVariable Long novelId) { 
@@ -58,28 +95,6 @@ public ResponseEntity getFeedsByNovel(@AuthenticationPr .body(feedService.getFeedsByNovel(user, novelId, lastFeedId, size)); } - @GetMapping - public ResponseEntity searchNovels(@RequestParam(required = false) String query, - @RequestParam int page, - @RequestParam int size) { - return ResponseEntity - .status(OK) - .body(novelService.searchNovels(query, page, size)); - } - - @GetMapping("/filtered") - public ResponseEntity getFilteredNovels( - @RequestParam(required = false) List genres, - @RequestParam(required = false) Boolean isCompleted, - @RequestParam(required = false) Float novelRating, - @RequestParam(required = false) List keywordIds, - @RequestParam int page, - @RequestParam int size) { - return ResponseEntity - .status(OK) - .body(novelService.getFilteredNovels(genres, isCompleted, novelRating, keywordIds, page, size)); - } - @PostMapping("/{novelId}/is-interest") public ResponseEntity registerAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { @@ -97,19 +112,4 @@ public ResponseEntity unregisterAsInterest(@AuthenticationPrincipal User u .status(NO_CONTENT) .build(); } - - @GetMapping("/popular") - public ResponseEntity getTodayPopularNovels(@AuthenticationPrincipal User user) { - //TODO 차단 관계에 있는 유저의 피드글 처리 - return ResponseEntity - .status(OK) - .body(novelService.getTodayPopularNovels()); - } - - @GetMapping("/taste") - public ResponseEntity getTasteNovels(@AuthenticationPrincipal User user) { - return ResponseEntity - .status(OK) - .body(novelService.getTasteNovels(user)); - } } From 1995a54e357a63965a5e458db4de3f1920ba1902 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Mon, 24 Mar 2025 22:20:37 +0900 Subject: [PATCH 081/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/NovelController.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/NovelController.java b/src/main/java/org/websoso/WSSServer/controller/NovelController.java index 196a3bc01..fe0a27149 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NovelController.java @@ -6,6 +6,7 @@ import java.util.List; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -43,6 +44,7 @@ public ResponseEntity searchNovels(@RequestParam(requ } @GetMapping("/filtered") + @PreAuthorize("isAuthenticated()") public ResponseEntity getFilteredNovels( @RequestParam(required = false) List genres, @RequestParam(required = false) Boolean isCompleted, @@ -64,6 +66,7 @@ public ResponseEntity getTodayPopularNovels(@Authentic } @GetMapping("/taste") + @PreAuthorize("isAuthenticated()") public ResponseEntity getTasteNovels(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) 
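Review bot: `getFilteredNovels` is now restricted to signed-in callers although it takes no user argument, while `searchNovels` directly above it and `getTodayPopularNovels` directly below stay open. If filtering is meant to be public like search, this annotation is a behaviour change for anonymous clients; if the restriction is intended, a one-line comment stating the reason would keep it from being removed as an apparent mistake. `getNovelInfoBasic` and `getFeedsByNovel` remain unannotated and take `@AuthenticationPrincipal User user`, so the services they call receive `null` for anonymous requests; a comment such as `// anonymous access allowed: user is null when not signed in` on those handlers would make that contract explicit.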
@@ -96,6 +99,7 @@ public ResponseEntity getFeedsByNovel(@AuthenticationPr } @PostMapping("/{novelId}/is-interest") + @PreAuthorize("isAuthenticated()") public ResponseEntity registerAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { novelService.registerAsInterest(user, novelId); @@ -105,6 +109,7 @@ public ResponseEntity registerAsInterest(@AuthenticationPrincipal User use } @DeleteMapping("/{novelId}/is-interest") + @PreAuthorize("isAuthenticated()") public ResponseEntity unregisterAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { novelService.unregisterAsInterest(user, novelId); From 465e7d66350f1e43c7011fb808dac50dbd5310bb Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 25 Mar 2025 00:01:58 +0900 Subject: [PATCH 082/122] =?UTF-8?q?[FEAT]=20NovelAuthorizationValidator=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../NovelAuthorizationValidator.java | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 src/main/java/org/websoso/WSSServer/auth/validator/NovelAuthorizationValidator.java diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/NovelAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/NovelAuthorizationValidator.java new file mode 100644 index 000000000..0882b01a9 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/auth/validator/NovelAuthorizationValidator.java 
@@ -0,0 +1,33 @@
+package org.websoso.WSSServer.auth.validator;
+
+import static org.websoso.WSSServer.exception.error.CustomNovelError.NOVEL_NOT_FOUND;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import org.websoso.WSSServer.domain.Novel;
+import org.websoso.WSSServer.domain.User;
+import org.websoso.WSSServer.exception.exception.CustomNovelException;
+import org.websoso.WSSServer.repository.NovelRepository;
+
+@Component
+@RequiredArgsConstructor
+public class NovelAuthorizationValidator implements ResourceAuthorizationValidator {
+
+ private final NovelRepository novelRepository;
+
+ @Override
+ public boolean hasPermission(Long resourceId, User user) {
+ Novel novel = getNovelOrException(resourceId);
+ return true;
+ }
+
+ private Novel getNovelOrException(Long novelId) {
+ return novelRepository.findById(novelId)
+ .orElseThrow(() -> new CustomNovelException(NOVEL_NOT_FOUND, "novel with the given id is not found"));
+ }
+
+ @Override
+ public Class getResourceType() {
+ return Novel.class;
+ }
+}
From c2bb83b2278d679a17340242755692da3ab27642 Mon Sep 17 00:00:00 2001
From: Kim-TaeUk
Date: Tue, 25 Mar 2025 00:02:02 +0900
Subject: [PATCH 083/122] =?UTF-8?q?[FEAT]=20UserNovelAuthorizationValidato?= =?UTF-8?q?r=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../UserNovelAuthorizationValidator.java | 45 +++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 src/main/java/org/websoso/WSSServer/auth/validator/UserNovelAuthorizationValidator.java
diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/UserNovelAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/UserNovelAuthorizationValidator.java
new file mode 100644
index 000000000..46145cc8b
--- /dev/null
+++ b/src/main/java/org/websoso/WSSServer/auth/validator/UserNovelAuthorizationValidator.java
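Review bot: `NovelAuthorizationValidator.hasPermission` ignores `user` and returns `true` for every caller once the novel exists, so it is an existence check registered as an authorization rule; an endpoint later guarded with `validate(#id, #user, T(…Novel))` would look protected while granting access to everyone. State that in a Javadoc on the method, for example `/** Only verifies that the novel exists; grants access to any caller. */`, and drop the unused local by calling `getNovelOrException(resourceId);` directly. A `null` `resourceId` goes straight to `findById`, which Spring Data repositories reject with an exception, so a guard like the one in `NotificationAuthorizationValidator` may be wanted here too.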
@@ -0,0 +1,45 @@
+package org.websoso.WSSServer.auth.validator;
+
+import static org.websoso.WSSServer.exception.error.CustomNovelError.NOVEL_NOT_FOUND;
+import static org.websoso.WSSServer.exception.error.CustomUserNovelError.USER_NOVEL_NOT_FOUND;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import org.websoso.WSSServer.domain.Novel;
+import org.websoso.WSSServer.domain.User;
+import org.websoso.WSSServer.domain.UserNovel;
+import org.websoso.WSSServer.exception.exception.CustomNovelException;
+import org.websoso.WSSServer.exception.exception.CustomUserNovelException;
+import org.websoso.WSSServer.repository.NovelRepository;
+import org.websoso.WSSServer.repository.UserNovelRepository;
+
+@Component
+@RequiredArgsConstructor
+public class UserNovelAuthorizationValidator implements ResourceAuthorizationValidator {
+
+ private final NovelRepository novelRepository;
+ private final UserNovelRepository userNovelRepository;
+
+ @Override
+ public boolean hasPermission(Long resourceId, User user) {
+ Novel novel = getNovelOrException(resourceId);
+ UserNovel userNovel = getUserNovelOrException(user, novel);
+ return true;
+ }
+
+ private Novel getNovelOrException(Long novelId) {
+ return novelRepository.findById(novelId)
+ .orElseThrow(() -> new CustomNovelException(NOVEL_NOT_FOUND, "novel with the given id is not found"));
+ }
+
+ private UserNovel getUserNovelOrException(User user, Novel novel) {
+ return userNovelRepository.findByNovelAndUser(novel, user)
+ .orElseThrow(() -> new CustomUserNovelException(USER_NOVEL_NOT_FOUND,
+ "user novel with the given user and novel is not found"));
+ }
+
+ @Override
+ public Class getResourceType() {
+ return UserNovel.class;
+ }
+}
From 88299b408510838e35e5bd66a457146ba34f4186 Mon Sep 17 00:00:00 2001
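Review bot: `getResourceType()` reports `UserNovel.class`, yet `hasPermission` treats `resourceId` as a novel id and hands it to `novelRepository.findById`, so a caller that selects this validator by type and supplies a `UserNovel` id would have the check run against an unrelated novel. Document the contract on the method, e.g. `/** @param resourceId id of the Novel (not of the UserNovel row) whose link to the user is checked */`. `userNovel` is assigned and never read, so the call can stand alone as `getUserNovelOrException(user, novel);`. `getNovelOrException` is repeated verbatim from NovelAuthorizationValidator and could live in one shared place.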
From: Kim-TaeUk Date: Tue, 25 Mar 2025 00:02:27 +0900 Subject: [PATCH 084/122] =?UTF-8?q?[FEAT]=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EC=A1=B0=EC=9E=91=20=EA=B6=8C=ED=95=9C=20=ED=99=95=EC=9D=B8?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=B4=20@PreAuthorize=EC=97=90=20valid?= =?UTF-8?q?ate=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/NovelController.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/NovelController.java b/src/main/java/org/websoso/WSSServer/controller/NovelController.java index fe0a27149..d341ad310 100644 --- a/src/main/java/org/websoso/WSSServer/controller/NovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/NovelController.java @@ -99,7 +99,7 @@ public ResponseEntity getFeedsByNovel(@AuthenticationPr } @PostMapping("/{novelId}/is-interest") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#novelId, #user, T(org.websoso.WSSServer.domain.Novel))") public ResponseEntity registerAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { novelService.registerAsInterest(user, novelId); @@ -109,7 +109,7 @@ public ResponseEntity registerAsInterest(@AuthenticationPrincipal User use } @DeleteMapping("/{novelId}/is-interest") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#novelId, #user, T(org.websoso.WSSServer.domain.UserNovel))") public ResponseEntity unregisterAsInterest(@AuthenticationPrincipal User user, @PathVariable("novelId") Long novelId) { novelService.unregisterAsInterest(user, novelId); From a52b0a777f52d6ce81fc4766ddbb73c4dc75e4dd Mon Sep 17 00:00:00 2001 
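Review bot: Both expressions look up `#novelId` and `#user` by parameter name, which works only when the controller is compiled with parameter names retained (`-parameters`); if the build does not guarantee that, the variables evaluate to null and the validator is called with a null id. Naming the arguments explicitly, e.g. `@P("novelId") @PathVariable("novelId") Long novelId` and `@P("user") @AuthenticationPrincipal User user`, removes that dependency. The fully qualified `T(org.websoso.WSSServer.domain.…)` literals are not checked by the compiler, so a request-level test per endpoint is the only thing that would catch a typo or a later package move. This applies to the `registerAsInterest` hunk and to the `unregisterAsInterest` hunk alike.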
From: Kim-TaeUk Date: Tue, 25 Mar 2025 00:03:03 +0900 Subject: [PATCH 085/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/UserController.java | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserController.java b/src/main/java/org/websoso/WSSServer/controller/UserController.java index 103a72cba..965fc5a21 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserController.java @@ -5,9 +5,9 @@ import static org.springframework.http.HttpStatus.OK; import jakarta.validation.Valid; -import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PatchMapping; @@ -56,7 +56,7 @@ public class UserController { private final FeedService feedService; @GetMapping("/nickname/check") - public ResponseEntity checkNicknameAvailability(Principal principal, + public ResponseEntity checkNicknameAvailability(@AuthenticationPrincipal User user, @RequestParam("nickname") @NicknameConstraint String nickname) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); 
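Review bot: In `checkNicknameAvailability` the signature now declares a parameter `user` while the unchanged next line still reads `User user = userService.getUserOrException(Long.valueOf(principal.getName()));`, so the method redeclares `user` and refers to a `principal` that no longer exists. Every later hunk of this commit, through `updateTermsSetting`, leaves the same line (or the `principal == null ? null : …` variant) in place. The commit therefore appears not to compile on its own, which makes bisecting across it unreliable; dropping those lines belongs in this commit rather than the following one. The method bodies continue outside the hunks.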
@@ -66,7 +66,7 @@ public ResponseEntity checkNicknameAvailability(Principal pr } @GetMapping("/info") - public ResponseEntity getUserInfo(Principal principal) { + public ResponseEntity getUserInfo(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) @@ -74,7 +74,7 @@ public ResponseEntity getUserInfo(Principal principal) { } @GetMapping("/profile-status") - public ResponseEntity getProfileStatus(Principal principal) { + public ResponseEntity getProfileStatus(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) @@ -82,7 +82,7 @@ public ResponseEntity getProfileStatus(Principal principa } @PatchMapping("/profile-status") - public ResponseEntity editProfileStatus(Principal principal, + public ResponseEntity editProfileStatus(@AuthenticationPrincipal User user, @Valid @RequestBody EditProfileStatusRequest editProfileStatusRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.editProfileStatus(user, editProfileStatusRequest); @@ -100,7 +100,7 @@ public ResponseEntity login(@RequestBody String userId) { } @GetMapping("/my-profile") - public ResponseEntity getMyProfileInfo(Principal principal) { + public ResponseEntity getMyProfileInfo(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) 
@@ -108,7 +108,7 @@ public ResponseEntity getMyProfileInfo(Principal principal) { } @PatchMapping("/my-profile") - public ResponseEntity updateMyProfileInfo(Principal principal, + public ResponseEntity updateMyProfileInfo(@AuthenticationPrincipal User user, @RequestBody @Valid UpdateMyProfileRequest updateMyProfileRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.updateMyProfileInfo(user, updateMyProfileRequest); @@ -118,7 +118,7 @@ public ResponseEntity updateMyProfileInfo(Principal principal, } @GetMapping("/profile/{userId}") - public ResponseEntity getProfileInfo(Principal principal, + public ResponseEntity getProfileInfo(@AuthenticationPrincipal User user, @PathVariable("userId") Long userId) { User user = principal == null ? null @@ -129,7 +129,7 @@ public ResponseEntity getProfileInfo(Principal principal, } @PostMapping("/profile") - public ResponseEntity registerUserInfo(Principal principal, + public ResponseEntity registerUserInfo(@AuthenticationPrincipal User user, @Valid @RequestBody RegisterUserInfoRequest registerUserInfoRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.registerUserInfo(user, registerUserInfoRequest); @@ -146,7 +146,7 @@ public ResponseEntity getUserNovelStatistics(@PathVar } @GetMapping("/{userId}/novels") - public ResponseEntity getUserNovelsAndNovels(Principal principal, + public ResponseEntity getUserNovelsAndNovels(@AuthenticationPrincipal User user, @PathVariable("userId") Long userId, @RequestParam("readStatus") String readStatus, @RequestParam("lastUserNovelId") Long lastUserNovelId, 
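Review bot: In `getProfileInfo` the old body made the anonymous case explicit with `principal == null ? null : …`, whereas `@AuthenticationPrincipal User user` is also null, without any error, when the stored principal is not a `User` instance. A change to what the JWT filter stores as principal would then turn logged-in callers into anonymous visitors on this handler with no visible failure. A comment on the parameter such as `// null for anonymous visitors` and a test asserting that an authenticated request reaches the handler with a non-null `User` would pin the intended behaviour. The same applies to the other optional-visitor handlers changed in the later hunks (`getUserNovelsAndNovels`, `getUserFeeds`, `getUserGenrePreferences`, `getUserAttractivePointsAndKeywords`).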
@@ -162,7 +162,7 @@ public ResponseEntity getUserNovelsAndNovels(Prin } @GetMapping("/{userId}/feeds") - public ResponseEntity getUserFeeds(Principal principal, + public ResponseEntity getUserFeeds(@AuthenticationPrincipal User user, @PathVariable("userId") Long userId, @RequestParam("lastFeedId") Long lastFeedId, @RequestParam("size") int size) { @@ -175,7 +175,7 @@ public ResponseEntity getUserFeeds(Principal principal, } @GetMapping("/{userId}/preferences/genres") - public ResponseEntity getUserGenrePreferences(Principal principal, + public ResponseEntity getUserGenrePreferences(@AuthenticationPrincipal User user, @PathVariable("userId") Long ownerId) { User visitor = principal == null ? null @@ -187,7 +187,7 @@ public ResponseEntity getUserGenrePreferences(P @GetMapping("/{userId}/preferences/attractive-points") public ResponseEntity - getUserAttractivePointsAndKeywords(Principal principal, + getUserAttractivePointsAndKeywords(@AuthenticationPrincipal User user, @PathVariable("userId") Long ownerId) { User visitor = principal == null ? null @@ -198,7 +198,7 @@ public ResponseEntity getUserGenrePreferences(P } @PutMapping("/info") - public ResponseEntity editMyInfo(Principal principal, + public ResponseEntity editMyInfo(@AuthenticationPrincipal User user, @Valid @RequestBody EditMyInfoRequest editMyInfoRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.editMyInfo(user, editMyInfoRequest); @@ -208,7 +208,7 @@ public ResponseEntity editMyInfo(Principal principal, } @GetMapping("/me") - public ResponseEntity getUserIdAndNicknameAndGender(Principal principal) { + public ResponseEntity getUserIdAndNicknameAndGender(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) 
@@ -216,7 +216,7 @@ public ResponseEntity getUserIdAndNicknameAndGender(P } @PostMapping("/fcm-token") - public ResponseEntity registerFCMToken(Principal principal, + public ResponseEntity registerFCMToken(@AuthenticationPrincipal User user, @Valid @RequestBody FCMTokenRequest fcmTokenRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return userService.registerFCMToken(user, fcmTokenRequest) @@ -225,7 +225,7 @@ public ResponseEntity registerFCMToken(Principal principal, } @GetMapping("/push-settings") - public ResponseEntity getPushSettingValue(Principal principal) { + public ResponseEntity getPushSettingValue(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) @@ -233,7 +233,7 @@ public ResponseEntity getPushSettingValue(Principal prin } @PostMapping("/push-settings") - public ResponseEntity registerPushSetting(Principal principal, + public ResponseEntity registerPushSetting(@AuthenticationPrincipal User user, @Valid @RequestBody PushSettingRequest pushSettingRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.registerPushSetting(user, pushSettingRequest.isPushEnabled()); @@ -243,7 +243,7 @@ public ResponseEntity registerPushSetting(Principal principal, } @GetMapping("/terms-settings") - public ResponseEntity getTermsSettingValue(Principal principal) { + public ResponseEntity getTermsSettingValue(@AuthenticationPrincipal User user) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) 
@@ -251,7 +251,7 @@ public ResponseEntity getTermsSettingValue(Principal pr } @PatchMapping("/terms-settings") - public ResponseEntity updateTermsSetting(Principal principal, + public ResponseEntity updateTermsSetting(@AuthenticationPrincipal User user, @Valid @RequestBody TermsSettingRequest termsSettingRequest) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.updateTermsSetting(user, termsSettingRequest.serviceAgreed(), termsSettingRequest.privacyAgreed(), From c149db3f9f9dc8e9db3973b63713e79d8514265c Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 25 Mar 2025 00:05:01 +0900 Subject: [PATCH 086/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/UserController.java | 29 ------------------- 1 file changed, 29 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserController.java b/src/main/java/org/websoso/WSSServer/controller/UserController.java index 965fc5a21..a3edc76f1 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserController.java @@ -59,7 +59,6 @@ public class UserController { public ResponseEntity checkNicknameAvailability(@AuthenticationPrincipal User user, @RequestParam("nickname") @NicknameConstraint String nickname) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.isNicknameAvailable(user, nickname)); 
@@ -67,7 +66,6 @@ public ResponseEntity checkNicknameAvailability(@Authenticat @GetMapping("/info") public ResponseEntity getUserInfo(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.getUserInfo(user)); @@ -75,7 +73,6 @@ public ResponseEntity getUserInfo(@AuthenticationPrincipal @GetMapping("/profile-status") public ResponseEntity getProfileStatus(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.getProfileStatus(user)); @@ -84,7 +81,6 @@ public ResponseEntity getProfileStatus(@AuthenticationPri @PatchMapping("/profile-status") public ResponseEntity editProfileStatus(@AuthenticationPrincipal User user, @Valid @RequestBody EditProfileStatusRequest editProfileStatusRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.editProfileStatus(user, editProfileStatusRequest); return ResponseEntity .status(NO_CONTENT) @@ -101,7 +97,6 @@ public ResponseEntity login(@RequestBody String userId) { @GetMapping("/my-profile") public ResponseEntity getMyProfileInfo(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.getMyProfileInfo(user)); @@ -110,7 +105,6 @@ public ResponseEntity getMyProfileInfo(@AuthenticationPrincip @PatchMapping("/my-profile") public ResponseEntity updateMyProfileInfo(@AuthenticationPrincipal User user, @RequestBody @Valid UpdateMyProfileRequest updateMyProfileRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.updateMyProfileInfo(user, updateMyProfileRequest); return ResponseEntity .status(NO_CONTENT) 
@@ -120,9 +114,6 @@ public ResponseEntity updateMyProfileInfo(@AuthenticationPrincipal User us @GetMapping("/profile/{userId}") public ResponseEntity getProfileInfo(@AuthenticationPrincipal User user, @PathVariable("userId") Long userId) { - User user = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.getProfileInfo(user, userId)); @@ -131,7 +122,6 @@ public ResponseEntity getProfileInfo(@AuthenticationPrincipa @PostMapping("/profile") public ResponseEntity registerUserInfo(@AuthenticationPrincipal User user, @Valid @RequestBody RegisterUserInfoRequest registerUserInfoRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.registerUserInfo(user, registerUserInfoRequest); return ResponseEntity .status(CREATED) @@ -152,9 +142,6 @@ public ResponseEntity getUserNovelsAndNovels(@Aut @RequestParam("lastUserNovelId") Long lastUserNovelId, @RequestParam("size") int size, @RequestParam("sortType") String sortType) { - User visitor = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userNovelService.getUserNovelsAndNovels( @@ -166,9 +153,6 @@ public ResponseEntity getUserFeeds(@AuthenticationPrincipa @PathVariable("userId") Long userId, @RequestParam("lastFeedId") Long lastFeedId, @RequestParam("size") int size) { - User visitor = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(feedService.getUserFeeds(visitor, userId, lastFeedId, size)); 
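Review bot: `getUserFeeds` still passes `visitor` to `feedService.getUserFeeds(visitor, userId, lastFeedId, size)` after the `User visitor = …` declaration is removed, while the parameter is named `user`. The following hunks for `getUserGenrePreferences` and `getUserAttractivePointsAndKeywords` leave the same dangling name. Either declare the parameter as `@AuthenticationPrincipal User visitor` in these handlers or pass `user`; as written they do not compile until a later change. The argument list of `getUserNovelsAndNovels` is cut off by its hunk, so whether it is affected cannot be told from here.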
@@ -177,9 +161,6 @@ public ResponseEntity getUserFeeds(@AuthenticationPrincipa @GetMapping("/{userId}/preferences/genres") public ResponseEntity getUserGenrePreferences(@AuthenticationPrincipal User user, @PathVariable("userId") Long ownerId) { - User visitor = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userNovelService.getUserGenrePreferences(visitor, ownerId)); @@ -189,9 +170,6 @@ public ResponseEntity getUserGenrePreferences(@ public ResponseEntity getUserAttractivePointsAndKeywords(@AuthenticationPrincipal User user, @PathVariable("userId") Long ownerId) { - User visitor = principal == null - ? null - : userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userNovelService.getUserAttractivePointsAndKeywords(visitor, ownerId)); @@ -200,7 +178,6 @@ public ResponseEntity getUserGenrePreferences(@ @PutMapping("/info") public ResponseEntity editMyInfo(@AuthenticationPrincipal User user, @Valid @RequestBody EditMyInfoRequest editMyInfoRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.editMyInfo(user, editMyInfoRequest); return ResponseEntity .status(NO_CONTENT) @@ -209,7 +186,6 @@ public ResponseEntity editMyInfo(@AuthenticationPrincipal User user, @GetMapping("/me") public ResponseEntity getUserIdAndNicknameAndGender(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.getUserIdAndNicknameAndGender(user)); 
@@ -218,7 +194,6 @@ public ResponseEntity getUserIdAndNicknameAndGender(@ @PostMapping("/fcm-token") public ResponseEntity registerFCMToken(@AuthenticationPrincipal User user, @Valid @RequestBody FCMTokenRequest fcmTokenRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return userService.registerFCMToken(user, fcmTokenRequest) ? ResponseEntity.status(CREATED).build() : ResponseEntity.status(NO_CONTENT).build(); @@ -226,7 +201,6 @@ public ResponseEntity registerFCMToken(@AuthenticationPrincipal User user, @GetMapping("/push-settings") public ResponseEntity getPushSettingValue(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.getPushSettingValue(user)); @@ -235,7 +209,6 @@ public ResponseEntity getPushSettingValue(@Authenticatio @PostMapping("/push-settings") public ResponseEntity registerPushSetting(@AuthenticationPrincipal User user, @Valid @RequestBody PushSettingRequest pushSettingRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.registerPushSetting(user, pushSettingRequest.isPushEnabled()); return ResponseEntity .status(NO_CONTENT) @@ -244,7 +217,6 @@ public ResponseEntity registerPushSetting(@AuthenticationPrincipal User us @GetMapping("/terms-settings") public ResponseEntity getTermsSettingValue(@AuthenticationPrincipal User user) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); return ResponseEntity .status(OK) .body(userService.getTermsSettingValue(user)); 
@@ -253,7 +225,6 @@ public ResponseEntity getTermsSettingValue(@Authenticat @PatchMapping("/terms-settings") public ResponseEntity updateTermsSetting(@AuthenticationPrincipal User user, @Valid @RequestBody TermsSettingRequest termsSettingRequest) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userService.updateTermsSetting(user, termsSettingRequest.serviceAgreed(), termsSettingRequest.privacyAgreed(), termsSettingRequest.marketingAgreed()); return ResponseEntity From b654fe15f7bb61735e7626aceb8aed7570d1e60a Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 25 Mar 2025 00:10:21 +0900 Subject: [PATCH 087/122] =?UTF-8?q?[STYLE]=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=ED=8F=AC=EB=A7=B7=ED=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/UserController.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserController.java b/src/main/java/org/websoso/WSSServer/controller/UserController.java index a3edc76f1..bc0228a5f 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserController.java @@ -57,8 +57,7 @@ public class UserController { @GetMapping("/nickname/check") public ResponseEntity checkNicknameAvailability(@AuthenticationPrincipal User user, - @RequestParam("nickname") - @NicknameConstraint String nickname) { + @RequestParam("nickname") @NicknameConstraint String nickname) { return ResponseEntity .status(OK) .body(userService.isNicknameAvailable(user, nickname)); From 24832055f65516269db0cb5989e759958c93eec4 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Tue, 25 Mar 2025 00:22:32 +0900 Subject: [PATCH 088/122] =?UTF-8?q?[REFACTOR]=20=EB=A9=94=EC=84=9C?= =?UTF-8?q?=EB=93=9C=20=EC=88=9C=EC=84=9C=20=EC=A1=B0=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/UserController.java | 108 +++++++++--------- 1 file changed, 54 insertions(+), 54 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserController.java b/src/main/java/org/websoso/WSSServer/controller/UserController.java index bc0228a5f..223fce752 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserController.java 
@@ -55,43 +55,45 @@ public class UserController { private final UserNovelService userNovelService; private final FeedService feedService; - @GetMapping("/nickname/check") - public ResponseEntity checkNicknameAvailability(@AuthenticationPrincipal User user, - @RequestParam("nickname") @NicknameConstraint String nickname) { + @PostMapping("/login") + public ResponseEntity login(@RequestBody String userId) { + LoginResponse response = userService.login(Long.valueOf(userId)); return ResponseEntity .status(OK) - .body(userService.isNicknameAvailable(user, nickname)); + .body(response); } - @GetMapping("/info") - public ResponseEntity getUserInfo(@AuthenticationPrincipal User user) { - return ResponseEntity - .status(OK) - .body(userService.getUserInfo(user)); + @PostMapping("/fcm-token") + public ResponseEntity registerFCMToken(@AuthenticationPrincipal User user, + @Valid @RequestBody FCMTokenRequest fcmTokenRequest) { + return userService.registerFCMToken(user, fcmTokenRequest) + ? ResponseEntity.status(CREATED).build() + : ResponseEntity.status(NO_CONTENT).build(); } - @GetMapping("/profile-status") - public ResponseEntity getProfileStatus(@AuthenticationPrincipal User user) { + @GetMapping("/nickname/check") + public ResponseEntity checkNicknameAvailability(@AuthenticationPrincipal User user, + @RequestParam("nickname") @NicknameConstraint String nickname) { return ResponseEntity .status(OK) - .body(userService.getProfileStatus(user)); + .body(userService.isNicknameAvailable(user, nickname)); } - @PatchMapping("/profile-status") - public ResponseEntity editProfileStatus(@AuthenticationPrincipal User user, - @Valid @RequestBody EditProfileStatusRequest editProfileStatusRequest) { - userService.editProfileStatus(user, editProfileStatusRequest); + @PostMapping("/profile") + public ResponseEntity registerUserInfo(@AuthenticationPrincipal User user, + @Valid @RequestBody RegisterUserInfoRequest registerUserInfoRequest) { + userService.registerUserInfo(user, 
registerUserInfoRequest); return ResponseEntity - .status(NO_CONTENT) + .status(CREATED) .build(); } - @PostMapping("/login") - public ResponseEntity login(@RequestBody String userId) { - LoginResponse response = userService.login(Long.valueOf(userId)); + @GetMapping("/profile/{userId}") + public ResponseEntity getProfileInfo(@AuthenticationPrincipal User user, + @PathVariable("userId") Long userId) { return ResponseEntity .status(OK) - .body(response); + .body(userService.getProfileInfo(user, userId)); } @GetMapping("/my-profile") 
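Review bot: `login` takes a bare user id from the request body and returns whatever `userService.login(Long.valueOf(userId))` produces; no credential, provider token or environment restriction is visible in this controller. Unless `userService.login` or the security configuration (neither shown here) limits it, the endpoint should be confined to non-production profiles or removed, and it deserves a comment that states its purpose, e.g. `// development-only: logs in as the given user id without verifying identity`. `Long.valueOf(userId)` also throws `NumberFormatException` on a non-numeric body, which should be mapped to a 400 response. The method is only moved by this commit, so this concerns code that predates it.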
@@ -110,28 +112,27 @@ public ResponseEntity updateMyProfileInfo(@AuthenticationPrincipal User us .build(); } - @GetMapping("/profile/{userId}") - public ResponseEntity getProfileInfo(@AuthenticationPrincipal User user, - @PathVariable("userId") Long userId) { + @GetMapping("/profile-status") + public ResponseEntity getProfileStatus(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) - .body(userService.getProfileInfo(user, userId)); + .body(userService.getProfileStatus(user)); } - @PostMapping("/profile") - public ResponseEntity registerUserInfo(@AuthenticationPrincipal User user, - @Valid @RequestBody RegisterUserInfoRequest registerUserInfoRequest) { - userService.registerUserInfo(user, registerUserInfoRequest); + @PatchMapping("/profile-status") + public ResponseEntity editProfileStatus(@AuthenticationPrincipal User user, + @Valid @RequestBody EditProfileStatusRequest editProfileStatusRequest) { + userService.editProfileStatus(user, editProfileStatusRequest); return ResponseEntity - .status(CREATED) + .status(NO_CONTENT) .build(); } - @GetMapping("/{userId}/user-novel-stats") - public ResponseEntity getUserNovelStatistics(@PathVariable("userId") Long userId) { + @GetMapping("/me") + public ResponseEntity getUserIdAndNicknameAndGender(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) - .body(userNovelService.getUserNovelStatistics(userId)); + .body(userService.getUserIdAndNicknameAndGender(user)); } @GetMapping("/{userId}/novels") 
@@ -174,35 +175,27 @@ public ResponseEntity getUserGenrePreferences(@ .body(userNovelService.getUserAttractivePointsAndKeywords(visitor, ownerId)); } - @PutMapping("/info") - public ResponseEntity editMyInfo(@AuthenticationPrincipal User user, - @Valid @RequestBody EditMyInfoRequest editMyInfoRequest) { - userService.editMyInfo(user, editMyInfoRequest); + @GetMapping("/{userId}/user-novel-stats") + public ResponseEntity getUserNovelStatistics(@PathVariable("userId") Long userId) { return ResponseEntity - .status(NO_CONTENT) - .build(); + .status(OK) + .body(userNovelService.getUserNovelStatistics(userId)); } - @GetMapping("/me") - public ResponseEntity getUserIdAndNicknameAndGender(@AuthenticationPrincipal User user) { + @GetMapping("/info") + public ResponseEntity getUserInfo(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) - .body(userService.getUserIdAndNicknameAndGender(user)); - } - - @PostMapping("/fcm-token") - public ResponseEntity registerFCMToken(@AuthenticationPrincipal User user, - @Valid @RequestBody FCMTokenRequest fcmTokenRequest) { - return userService.registerFCMToken(user, fcmTokenRequest) - ? ResponseEntity.status(CREATED).build() - : ResponseEntity.status(NO_CONTENT).build(); + .body(userService.getUserInfo(user)); } - @GetMapping("/push-settings") - public ResponseEntity getPushSettingValue(@AuthenticationPrincipal User user) { + @PutMapping("/info") + public ResponseEntity editMyInfo(@AuthenticationPrincipal User user, + @Valid @RequestBody EditMyInfoRequest editMyInfoRequest) { + userService.editMyInfo(user, editMyInfoRequest); return ResponseEntity - .status(OK) - .body(userService.getPushSettingValue(user)); + .status(NO_CONTENT) + .build(); } @PostMapping("/push-settings") 
@@ -214,6 +207,13 @@ public ResponseEntity registerPushSetting(@AuthenticationPrincipal User us .build(); } + @GetMapping("/push-settings") + public ResponseEntity getPushSettingValue(@AuthenticationPrincipal User user) { + return ResponseEntity + .status(OK) + .body(userService.getPushSettingValue(user)); + } + @GetMapping("/terms-settings") public ResponseEntity getTermsSettingValue(@AuthenticationPrincipal User user) { return ResponseEntity From c91be4a5b38be31a9fb71ade5c1f15e01e7b128f Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:29:35 +0900 Subject: [PATCH 089/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/UserController.java | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserController.java b/src/main/java/org/websoso/WSSServer/controller/UserController.java index 223fce752..5a456e29a 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserController.java @@ -7,6 +7,7 @@ import jakarta.validation.Valid; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.GetMapping; 
@@ -64,6 +65,7 @@ public ResponseEntity login(@RequestBody String userId) { } @PostMapping("/fcm-token") + @PreAuthorize("isAuthenticated()") public ResponseEntity registerFCMToken(@AuthenticationPrincipal User user, @Valid @RequestBody FCMTokenRequest fcmTokenRequest) { return userService.registerFCMToken(user, fcmTokenRequest) @@ -72,6 +74,7 @@ public ResponseEntity registerFCMToken(@AuthenticationPrincipal User user, } @GetMapping("/nickname/check") + @PreAuthorize("isAuthenticated()") public ResponseEntity checkNicknameAvailability(@AuthenticationPrincipal User user, @RequestParam("nickname") @NicknameConstraint String nickname) { return ResponseEntity @@ -80,6 +83,7 @@ public ResponseEntity checkNicknameAvailability(@Authenticat } @PostMapping("/profile") + @PreAuthorize("isAuthenticated()") public ResponseEntity registerUserInfo(@AuthenticationPrincipal User user, @Valid @RequestBody RegisterUserInfoRequest registerUserInfoRequest) { userService.registerUserInfo(user, registerUserInfoRequest); @@ -97,6 +101,7 @@ public ResponseEntity getProfileInfo(@AuthenticationPrincipa } @GetMapping("/my-profile") + @PreAuthorize("isAuthenticated()") public ResponseEntity getMyProfileInfo(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) @@ -104,6 +109,7 @@ public ResponseEntity getMyProfileInfo(@AuthenticationPrincip } @PatchMapping("/my-profile") + @PreAuthorize("isAuthenticated()") public ResponseEntity updateMyProfileInfo(@AuthenticationPrincipal User user, @RequestBody @Valid UpdateMyProfileRequest updateMyProfileRequest) { userService.updateMyProfileInfo(user, updateMyProfileRequest); @@ -113,6 +119,7 @@ public ResponseEntity updateMyProfileInfo(@AuthenticationPrincipal User us } @GetMapping("/profile-status") + @PreAuthorize("isAuthenticated()") public ResponseEntity getProfileStatus(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) 
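Review bot: Authentication is opt-in per handler after this commit, so an endpoint added later without `@PreAuthorize` is reachable anonymously and receives a null `user`. A default-deny arrangement is harder to get wrong: put `@PreAuthorize("isAuthenticated()")` on `UserController` itself and mark the public handlers explicitly with `@PreAuthorize("permitAll()")`, or require authentication for these paths in the filter chain. The annotations only take effect when method security is enabled (`@EnableMethodSecurity`), which is not visible in this diff and is worth covering with one request-level test that expects a 401/403 for an anonymous call.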
@@ -120,6 +127,7 @@ public ResponseEntity getProfileStatus(@AuthenticationPri } @PatchMapping("/profile-status") + @PreAuthorize("isAuthenticated()") public ResponseEntity editProfileStatus(@AuthenticationPrincipal User user, @Valid @RequestBody EditProfileStatusRequest editProfileStatusRequest) { userService.editProfileStatus(user, editProfileStatusRequest); @@ -129,6 +137,7 @@ public ResponseEntity editProfileStatus(@AuthenticationPrincipal User user } @GetMapping("/me") + @PreAuthorize("isAuthenticated()") public ResponseEntity getUserIdAndNicknameAndGender(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) @@ -176,6 +185,7 @@ public ResponseEntity getUserGenrePreferences(@ } @GetMapping("/{userId}/user-novel-stats") + @PreAuthorize("isAuthenticated()") public ResponseEntity getUserNovelStatistics(@PathVariable("userId") Long userId) { return ResponseEntity .status(OK) @@ -183,6 +193,7 @@ public ResponseEntity getUserNovelStatistics(@PathVar } @GetMapping("/info") + @PreAuthorize("isAuthenticated()") public ResponseEntity getUserInfo(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) @@ -190,6 +201,7 @@ public ResponseEntity getUserInfo(@AuthenticationPrincipal } @PutMapping("/info") + @PreAuthorize("isAuthenticated()") public ResponseEntity editMyInfo(@AuthenticationPrincipal User user, @Valid @RequestBody EditMyInfoRequest editMyInfoRequest) { userService.editMyInfo(user, editMyInfoRequest); @@ -199,6 +211,7 @@ public ResponseEntity editMyInfo(@AuthenticationPrincipal User user, } @PostMapping("/push-settings") + @PreAuthorize("isAuthenticated()") public ResponseEntity registerPushSetting(@AuthenticationPrincipal User user, @Valid @RequestBody PushSettingRequest pushSettingRequest) { userService.registerPushSetting(user, pushSettingRequest.isPushEnabled()); 
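Review bot: `getUserNovelStatistics` (hunk `@@ -176,6 +185,7 @@`) is gated only by `isAuthenticated()` while its target comes from `@PathVariable("userId")`, so any logged-in account can request statistics for any user id unless the service applies its own visibility rule, which is not visible here. The handler body continues outside the hunk. If these statistics are meant to follow profile visibility, pass the caller too, e.g. `@AuthenticationPrincipal User visitor`, and let the service decide, as the neighbouring `/{userId}/preferences/genres` handler does with `getUserGenrePreferences(visitor, ownerId)`. Otherwise add a comment such as `// statistics are intentionally readable by every authenticated user` so the choice is explicit.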
@@ -208,6 +221,7 @@ public ResponseEntity registerPushSetting(@AuthenticationPrincipal User us } @GetMapping("/push-settings") + @PreAuthorize("isAuthenticated()") public ResponseEntity getPushSettingValue(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) @@ -215,6 +229,7 @@ public ResponseEntity getPushSettingValue(@Authenticatio } @GetMapping("/terms-settings") + @PreAuthorize("isAuthenticated()") public ResponseEntity getTermsSettingValue(@AuthenticationPrincipal User user) { return ResponseEntity .status(OK) @@ -222,6 +237,7 @@ public ResponseEntity getTermsSettingValue(@Authenticat } @PatchMapping("/terms-settings") + @PreAuthorize("isAuthenticated()") public ResponseEntity updateTermsSetting(@AuthenticationPrincipal User user, @Valid @RequestBody TermsSettingRequest termsSettingRequest) { userService.updateTermsSetting(user, termsSettingRequest.serviceAgreed(), termsSettingRequest.privacyAgreed(), From 99e3fdb1ea2439e60e973918c004b23a04196678 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:30:38 +0900 Subject: [PATCH 090/122] =?UTF-8?q?[RENAME]=20=ED=8C=8C=EB=9D=BC=EB=AF=B8?= =?UTF-8?q?=ED=84=B0=20=EC=9D=B4=EB=A6=84=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/controller/UserController.java | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserController.java b/src/main/java/org/websoso/WSSServer/controller/UserController.java index 5a456e29a..d10e85719 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserController.java 
@@ -145,7 +145,7 @@ public ResponseEntity getUserIdAndNicknameAndGender(@ } @GetMapping("/{userId}/novels") - public ResponseEntity getUserNovelsAndNovels(@AuthenticationPrincipal User user, + public ResponseEntity getUserNovelsAndNovels(@AuthenticationPrincipal User visitor, @PathVariable("userId") Long userId, @RequestParam("readStatus") String readStatus, @RequestParam("lastUserNovelId") Long lastUserNovelId, @@ -158,7 +158,7 @@ public ResponseEntity getUserNovelsAndNovels(@Aut } @GetMapping("/{userId}/feeds") - public ResponseEntity getUserFeeds(@AuthenticationPrincipal User user, + public ResponseEntity getUserFeeds(@AuthenticationPrincipal User visitor, @PathVariable("userId") Long userId, @RequestParam("lastFeedId") Long lastFeedId, @RequestParam("size") int size) { @@ -168,8 +168,9 @@ public ResponseEntity getUserFeeds(@AuthenticationPrincipa } @GetMapping("/{userId}/preferences/genres") - public ResponseEntity getUserGenrePreferences(@AuthenticationPrincipal User user, - @PathVariable("userId") Long ownerId) { + public ResponseEntity getUserGenrePreferences( + @AuthenticationPrincipal User visitor, + @PathVariable("userId") Long ownerId) { return ResponseEntity .status(OK) .body(userNovelService.getUserGenrePreferences(visitor, ownerId)); @@ -177,7 +178,7 @@ public ResponseEntity getUserGenrePreferences(@ @GetMapping("/{userId}/preferences/attractive-points") public ResponseEntity - getUserAttractivePointsAndKeywords(@AuthenticationPrincipal User user, + getUserAttractivePointsAndKeywords(@AuthenticationPrincipal User visitor, @PathVariable("userId") Long ownerId) { return ResponseEntity .status(OK) From 015386bde3b5a285f95f437611652c5883187bb0 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:33:42 +0900 Subject: [PATCH 091/122] =?UTF-8?q?[REFACTOR]=20Principal=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20@AuthenticationPrincipal=20User=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/UserNovelController.java | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 484bfd6de..0f3e4cb9b 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java @@ -5,9 +5,9 @@ import static org.springframework.http.HttpStatus.OK; import jakarta.validation.Valid; -import java.security.Principal; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -35,7 +35,8 @@ public class UserNovelController { private final UserNovelService userNovelService; @GetMapping("/{novelId}") - public ResponseEntity getEvaluation(Principal principal, @PathVariable Long novelId) { + public ResponseEntity getEvaluation(@AuthenticationPrincipal User user, + @PathVariable Long novelId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); Novel novel = novelService.getNovelOrException(novelId); 
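Review bot: `getEvaluation` now takes its identity from `@AuthenticationPrincipal User user`, which Spring resolves to `null` when there is no authenticated principal or the principal is not assignable to `User`. The hunk shows no `@PreAuthorize` or null guard on the handler, so whether such a request is rejected earlier is not visible here. The same applies to `createEvaluation`, `updateEvaluation` and `deleteEvaluation` in the following hunks. Consider `@AuthenticationPrincipal(errorOnInvalidType = true) User user` so a mistyped principal fails loudly instead of reaching the service as null. Separately, the unchanged line `User user = userService.getUserOrException(Long.valueOf(principal.getName()));` still follows the new parameter, so this commit does not compile on its own.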
@@ -45,7 +46,7 @@ public ResponseEntity getEvaluation(Principal principal, @ } @PostMapping - public ResponseEntity createEvaluation(Principal principal, + public ResponseEntity createEvaluation(@AuthenticationPrincipal User user, @Valid @RequestBody UserNovelCreateRequest request) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); userNovelService.createEvaluation(user, request); @@ -56,7 +57,7 @@ public ResponseEntity createEvaluation(Principal principal, } @PutMapping("/{novelId}") - public ResponseEntity updateEvaluation(Principal principal, @PathVariable Long novelId, + public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); Novel novel = novelService.getNovelOrException(novelId); @@ -68,7 +69,7 @@ public ResponseEntity updateEvaluation(Principal principal, @PathVariable } @DeleteMapping("/{novelId}") - public ResponseEntity deleteEvaluation(Principal principal, @PathVariable Long novelId) { + public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { User user = userService.getUserOrException(Long.valueOf(principal.getName())); Novel novel = novelService.getNovelOrException(novelId); userNovelService.deleteEvaluation(user, novel); From e2068cb5fd7a696d5ded47df912860e9dd59d0b3 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:34:18 +0900 Subject: [PATCH 092/122] =?UTF-8?q?[REMOVE]=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20principal.getName()=20=ED=9B=84=20User=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/UserNovelController.java | 9 --------- 1 file changed, 9 deletions(-) 
diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 0f3e4cb9b..1b36e9174 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java @@ -37,9 +37,7 @@ public class UserNovelController { @GetMapping("/{novelId}") public ResponseEntity getEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); Novel novel = novelService.getNovelOrException(novelId); - return ResponseEntity .status(OK) .body(userNovelService.getEvaluation(user, novel)); @@ -48,9 +46,7 @@ public ResponseEntity getEvaluation(@AuthenticationPrincip @PostMapping public ResponseEntity createEvaluation(@AuthenticationPrincipal User user, @Valid @RequestBody UserNovelCreateRequest request) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); userNovelService.createEvaluation(user, request); - return ResponseEntity .status(CREATED) .build(); @@ -59,10 +55,8 @@ public ResponseEntity createEvaluation(@AuthenticationPrincipal User user, @PutMapping("/{novelId}") public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); Novel novel = novelService.getNovelOrException(novelId); userNovelService.updateEvaluation(user, novel, request); - return ResponseEntity .status(NO_CONTENT) .build(); 
@@ -70,13 +64,10 @@ public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @DeleteMapping("/{novelId}") public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { - User user = userService.getUserOrException(Long.valueOf(principal.getName())); Novel novel = novelService.getNovelOrException(novelId); userNovelService.deleteEvaluation(user, novel); - return ResponseEntity .status(NO_CONTENT) .build(); } - } From ff6c852cbadfea0d2db9fd11947610ccaa7ea429 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:34:32 +0900 Subject: [PATCH 093/122] =?UTF-8?q?[REMOVE]=20=EC=A3=BC=EC=9E=85=ED=95=98?= =?UTF-8?q?=EC=97=AC=20=EC=82=AC=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EB=8A=94=20UserService=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/UserNovelController.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 1b36e9174..49f3574f3 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java @@ -23,14 +23,12 @@ import org.websoso.WSSServer.dto.userNovel.UserNovelUpdateRequest; import org.websoso.WSSServer.service.NovelService; import org.websoso.WSSServer.service.UserNovelService; -import org.websoso.WSSServer.service.UserService; @RequestMapping("/user-novels") @RestController @RequiredArgsConstructor public class UserNovelController { - private final UserService userService; private final NovelService novelService; private final UserNovelService userNovelService; From b8695c3e48dd2bf116d38d7185e55771fd602de8 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:35:07 +0900 Subject: [PATCH 094/122] =?UTF-8?q?[STYLE]=20=EB=A9=94=EC=84=9C=EB=93=9C?= =?UTF-8?q?=20=EC=88=9C=EC=84=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/UserNovelController.java | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 49f3574f3..58adaf91e 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java @@ -32,15 +32,6 @@ public class UserNovelController { private final NovelService novelService; private final UserNovelService userNovelService; - @GetMapping("/{novelId}") - public ResponseEntity getEvaluation(@AuthenticationPrincipal User user, - @PathVariable Long novelId) { - Novel novel = novelService.getNovelOrException(novelId); - return ResponseEntity - .status(OK) - .body(userNovelService.getEvaluation(user, novel)); - } - @PostMapping public ResponseEntity createEvaluation(@AuthenticationPrincipal User user, @Valid @RequestBody UserNovelCreateRequest request) { @@ -50,6 +41,15 @@ public ResponseEntity createEvaluation(@AuthenticationPrincipal User user, .build(); } + @GetMapping("/{novelId}") + public ResponseEntity getEvaluation(@AuthenticationPrincipal User user, + @PathVariable Long novelId) { + Novel novel = novelService.getNovelOrException(novelId); + return ResponseEntity + .status(OK) + .body(userNovelService.getEvaluation(user, novel)); + } + @PutMapping("/{novelId}") public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { From 52dfd298a34903fb0373577beeb510b6158ed986 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:39:40 +0900 Subject: [PATCH 095/122] =?UTF-8?q?[FEAT]=20=EC=9D=B8=EC=A6=9D=EB=90=9C=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=EC=9D=BC=20=EB=95=8C=EB=A7=8C=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=ED=95=98=EB=8A=94=20=EC=9A=94=EC=B2=AD?= =?UTF-8?q?=EC=97=90=20@PreAuthorize=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/controller/UserNovelController.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 58adaf91e..57be24b3d 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java @@ -7,6 +7,7 @@ import jakarta.validation.Valid; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -33,6 +34,7 @@ public class UserNovelController { private final UserNovelService userNovelService; @PostMapping + @PreAuthorize("isAuthenticated()") public ResponseEntity createEvaluation(@AuthenticationPrincipal User user, @Valid @RequestBody UserNovelCreateRequest request) { userNovelService.createEvaluation(user, request); @@ -42,6 +44,7 @@ public ResponseEntity createEvaluation(@AuthenticationPrincipal User user, } @GetMapping("/{novelId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity getEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { Novel novel = novelService.getNovelOrException(novelId); 
@@ -51,6 +54,7 @@ public ResponseEntity getEvaluation(@AuthenticationPrincip } @PutMapping("/{novelId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { Novel novel = novelService.getNovelOrException(novelId); @@ -61,6 +65,7 @@ public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, } @DeleteMapping("/{novelId}") + @PreAuthorize("isAuthenticated()") public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { Novel novel = novelService.getNovelOrException(novelId); userNovelService.deleteEvaluation(user, novel); From b07cccc0cafacef364603b03c3d9b3371764f0bb Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Thu, 27 Mar 2025 01:41:29 +0900 Subject: [PATCH 096/122] =?UTF-8?q?[STYLE]=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=ED=8F=AC=EB=A7=B7=ED=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/controller/UserNovelController.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 57be24b3d..7f055cb8e 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java 
@@ -55,7 +55,8 @@ public ResponseEntity getEvaluation(@AuthenticationPrincip @PutMapping("/{novelId}") @PreAuthorize("isAuthenticated()") - public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, + public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, + @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { Novel novel = novelService.getNovelOrException(novelId); userNovelService.updateEvaluation(user, novel, request); @@ -66,7 +67,8 @@ public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @DeleteMapping("/{novelId}") @PreAuthorize("isAuthenticated()") - public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { + public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, + @PathVariable Long novelId) { Novel novel = novelService.getNovelOrException(novelId); userNovelService.deleteEvaluation(user, novel); return ResponseEntity From 08e18e2f73243083ca7fcccee5dfa158e5a1d705 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 29 Mar 2025 01:55:06 +0900 Subject: [PATCH 097/122] =?UTF-8?q?[FEAT]=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EC=A1=B0=EC=9E=91=20=EA=B6=8C=ED=95=9C=20=ED=99=95=EC=9D=B8?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=B4=20@PreAuthorize=EC=97=90=20valid?= =?UTF-8?q?ate=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/UserNovelController.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 7f055cb8e..daf025628 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java 
@@ -54,7 +54,7 @@ public ResponseEntity getEvaluation(@AuthenticationPrincip } @PutMapping("/{novelId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#novelId, #user, T(org.websoso.WSSServer.domain.UserNovel))") public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { @@ -66,7 +66,7 @@ public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, } @DeleteMapping("/{novelId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @authorizationService.validate(#novelId, #user, T(org.websoso.WSSServer.domain.UserNovel))") public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { Novel novel = novelService.getNovelOrException(novelId); From 046988c9dd984e27534dac17257ae2db5ac26eb9 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 29 Mar 2025 01:56:16 +0900 Subject: [PATCH 098/122] =?UTF-8?q?[FEAT]=20UserNovelRepository.findByNove?= =?UTF-8?q?l=5FNovelIdAndUser=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/repository/UserNovelRepository.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/repository/UserNovelRepository.java b/src/main/java/org/websoso/WSSServer/repository/UserNovelRepository.java index 09067260b..e0fdda963 100644 --- a/src/main/java/org/websoso/WSSServer/repository/UserNovelRepository.java +++ b/src/main/java/org/websoso/WSSServer/repository/UserNovelRepository.java @@ -27,4 +27,6 @@ public interface UserNovelRepository extends JpaRepository, Use List findByUserAndIsInterestTrue(User user); List findUserNovelByUser(User user); + + Optional findByNovel_NovelIdAndUser(Long novelId, User user); } From 2bc91a678887413066acffc09d7640f304ecad6d Mon Sep 17 00:00:00 2001 
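Review bot: The expression added to `updateEvaluation` and `deleteEvaluation` passes `#novelId` to `@authorizationService.validate(..., T(org.websoso.WSSServer.domain.UserNovel))`, which is a novel id rather than the id of the `UserNovel` row being protected. The validator is not part of this patch, so confirm it resolves the row by (novel id, user) and not by primary key. `#novelId` and `#user` are also looked up by parameter name, which depends on the build keeping parameter names (`-parameters`); a name that cannot be resolved typically evaluates to null instead of failing. A short comment above the annotation, e.g. `// validate() receives the novelId path variable, not a UserNovel id`, plus a test that a user without a matching row is denied, would pin both assumptions.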
From: Kim-TaeUk Date: Sat, 29 Mar 2025 01:57:44 +0900 Subject: [PATCH 099/122] =?UTF-8?q?[FIX]=20getUserNovelOrException?= =?UTF-8?q?=EC=9D=98=20=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=8B=9C=EA=B7=B8?= =?UTF-8?q?=EB=8B=88=EC=B2=98=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Novel novel -> Long novelId --- .../WSSServer/controller/UserNovelController.java | 4 ++-- .../websoso/WSSServer/service/UserNovelService.java | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index daf025628..35466003d 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java @@ -59,7 +59,7 @@ public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { Novel novel = novelService.getNovelOrException(novelId); - userNovelService.updateEvaluation(user, novel, request); + userNovelService.updateEvaluation(user, novelId, request); return ResponseEntity .status(NO_CONTENT) .build(); @@ -70,7 +70,7 @@ public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { Novel novel = novelService.getNovelOrException(novelId); - userNovelService.deleteEvaluation(user, novel); + userNovelService.deleteEvaluation(user, novelId); return ResponseEntity .status(NO_CONTENT) .build(); diff --git a/src/main/java/org/websoso/WSSServer/service/UserNovelService.java b/src/main/java/org/websoso/WSSServer/service/UserNovelService.java index 1433c4bf5..a41ed3bd6 100644 --- a/src/main/java/org/websoso/WSSServer/service/UserNovelService.java 
+++ b/src/main/java/org/websoso/WSSServer/service/UserNovelService.java @@ -73,6 +73,7 @@ public class UserNovelService { @Transactional(readOnly = true) public UserNovel getUserNovelOrException(User user, Novel novel) { return userNovelRepository.findByNovelAndUser(novel, user).orElseThrow( + public UserNovel getUserNovelOrException(User user, Long novelId) { () -> new CustomUserNovelException(USER_NOVEL_NOT_FOUND, "user novel with the given user and novel is not found")); } @@ -105,9 +106,8 @@ public void createEvaluation(User user, UserNovelCreateRequest request) { createNovelKeywords(userNovel, request.keywordIds()); } - public void updateEvaluation(User user, Novel novel, UserNovelUpdateRequest request) { - UserNovel userNovel = getUserNovelOrException(user, novel); - + public void updateEvaluation(User user, Long novelId, UserNovelUpdateRequest request) { + UserNovel userNovel = getUserNovelOrException(user, novelId); updateUserNovel(userNovel, request); updateAssociations(userNovel, request); } @@ -178,8 +178,8 @@ private void createNovelKeywords(UserNovel userNovel, List request) { } } - public void deleteEvaluation(User user, Novel novel) { - UserNovel userNovel = getUserNovelOrException(user, novel); + public void deleteEvaluation(User user, Long novelId) { + UserNovel userNovel = getUserNovelOrException(user, novelId); if (userNovel.getStatus() == null) { throw new CustomUserNovelException(NOT_EVALUATED, "this novel has not been evaluated by the user"); From e7b8c05e4fb4bf5c53d50dcdb8dd7bc2c4449e79 Mon Sep 17 00:00:00 2001 
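Review bot: In the `@@ -73,6 +73,7 @@` hunk the added line `public UserNovel getUserNovelOrException(User user, Long novelId) {` lands inside the old method, between `orElseThrow(` and its lambda. As a result `UserNovelService` does not compile at this commit, and the lookup still calls `findByNovelAndUser(novel, user)`. The new signature and the switch to `findByNovel_NovelIdAndUser(novelId, user)` belong in one commit, so the per-user lookup behind `updateEvaluation` and `deleteEvaluation` is never left half-changed. The controller hunks of this commit also keep `Novel novel = novelService.getNovelOrException(novelId);` although `novel` is no longer used.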
From: Kim-TaeUk Date: Sat, 29 Mar 2025 01:59:14 +0900 Subject: [PATCH 100/122] =?UTF-8?q?[REMOVE]=20Novel=20=EC=9D=B4=EC=A4=91?= =?UTF-8?q?=20=EA=B2=80=EC=A6=9D=20=EC=BD=94=EB=93=9C=20=EC=82=AD=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/controller/UserNovelController.java | 2 -- src/main/java/org/websoso/WSSServer/service/NovelService.java | 3 +-- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java index 35466003d..09b353b2d 100644 --- a/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java +++ b/src/main/java/org/websoso/WSSServer/controller/UserNovelController.java @@ -58,7 +58,6 @@ public ResponseEntity getEvaluation(@AuthenticationPrincip public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId, @Valid @RequestBody UserNovelUpdateRequest request) { - Novel novel = novelService.getNovelOrException(novelId); userNovelService.updateEvaluation(user, novelId, request); return ResponseEntity .status(NO_CONTENT) @@ -69,7 +68,6 @@ public ResponseEntity updateEvaluation(@AuthenticationPrincipal User user, @PreAuthorize("isAuthenticated() and @authorizationService.validate(#novelId, #user, T(org.websoso.WSSServer.domain.UserNovel))") public ResponseEntity deleteEvaluation(@AuthenticationPrincipal User user, @PathVariable Long novelId) { - Novel novel = novelService.getNovelOrException(novelId); userNovelService.deleteEvaluation(user, novelId); return ResponseEntity .status(NO_CONTENT) diff --git a/src/main/java/org/websoso/WSSServer/service/NovelService.java b/src/main/java/org/websoso/WSSServer/service/NovelService.java index 3d4e1de75..c25eab95a 100644 --- a/src/main/java/org/websoso/WSSServer/service/NovelService.java 
+++ b/src/main/java/org/websoso/WSSServer/service/NovelService.java @@ -144,8 +144,7 @@ public void registerAsInterest(User user, Long novelId) { } public void unregisterAsInterest(User user, Long novelId) { - Novel novel = getNovelOrException(novelId); - UserNovel userNovel = userNovelService.getUserNovelOrException(user, novel); + UserNovel userNovel = userNovelService.getUserNovelOrException(user, novelId); if (!userNovel.getIsInterest()) { throw new CustomUserNovelException(NOT_INTERESTED, "not registered as interest"); From a6c7f5f01bfe9cb411ccc68d21bf9cba9dbdc320 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 29 Mar 2025 01:59:37 +0900 Subject: [PATCH 101/122] =?UTF-8?q?[FIX]=20getUserNovelOrExceptionNovel?= =?UTF-8?q?=EC=97=90=EC=84=9C=20findByNovel=5FNovelIdAndUser=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=ED=95=98=EB=8F=84=EB=A1=9D=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/service/UserNovelService.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/UserNovelService.java b/src/main/java/org/websoso/WSSServer/service/UserNovelService.java index a41ed3bd6..3371eee95 100644 --- a/src/main/java/org/websoso/WSSServer/service/UserNovelService.java +++ b/src/main/java/org/websoso/WSSServer/service/UserNovelService.java @@ -71,10 +71,9 @@ public class UserNovelService { ); @Transactional(readOnly = true) - public UserNovel getUserNovelOrException(User user, Novel novel) { - return userNovelRepository.findByNovelAndUser(novel, user).orElseThrow( public UserNovel getUserNovelOrException(User user, Long novelId) { - () -> new CustomUserNovelException(USER_NOVEL_NOT_FOUND, + return userNovelRepository.findByNovel_NovelIdAndUser(novelId, user) + .orElseThrow(() -> new CustomUserNovelException(USER_NOVEL_NOT_FOUND, "user novel with the given user and novel is not found")); } 
From 7a03caf902099e9f0945dd432625b1f8e5d54f8a Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 29 Mar 2025 02:05:08 +0900 Subject: [PATCH 102/122] =?UTF-8?q?[REFACTOR]=20POST=20/reissue=20?= =?UTF-8?q?=EC=8B=9C=20=EB=B3=80=EC=88=98=20=EC=9D=B8=EB=9D=BC=EC=9D=B8=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/AuthController.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/AuthController.java b/src/main/java/org/websoso/WSSServer/controller/AuthController.java index b5af7cd66..89125a449 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AuthController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AuthController.java @@ -35,10 +35,9 @@ public class AuthController { @PostMapping("/reissue") public ResponseEntity reissue(@RequestBody ReissueRequest reissueRequest) { - String refreshToken = reissueRequest.refreshToken(); return ResponseEntity .status(OK) - .body(authService.reissue(refreshToken)); + .body(authService.reissue(reissueRequest.refreshToken())); } @PostMapping("/auth/login/kakao") From 290d5baf803a97986e92713d98ee3a1a6dca3ad2 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 29 Mar 2025 02:06:41 +0900 Subject: [PATCH 103/122] =?UTF-8?q?[REFACTOR]=20LogoutRequest=EB=A5=BC=20?= =?UTF-8?q?=EC=84=9C=EB=B9=84=EC=8A=A4=EC=97=90=20=EA=B7=B8=EB=8C=80?= =?UTF-8?q?=EB=A1=9C=20=EC=A0=84=EB=8B=AC=ED=95=98=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?=EB=A6=AC=ED=8C=A9=ED=84=B0=EB=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/controller/AuthController.java | 4 +--- .../org/websoso/WSSServer/service/UserService.java | 10 +++++++--- 2 files changed, 8 insertions(+), 6 deletions(-) 
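Review bot: `reissue` binds `@RequestBody ReissueRequest reissueRequest` without `@Valid`, whereas `loginByApple` and `logout` in the same controller use `@Valid @RequestBody`. After the inlining, `reissueRequest.refreshToken()` goes straight into `authService.reissue(...)`, so a missing or blank token is only caught if the service checks it. If `ReissueRequest` declares constraints (not visible here), change the parameter to `@Valid @RequestBody ReissueRequest reissueRequest`.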
diff --git a/src/main/java/org/websoso/WSSServer/controller/AuthController.java b/src/main/java/org/websoso/WSSServer/controller/AuthController.java index 89125a449..5685e723b 100644 --- a/src/main/java/org/websoso/WSSServer/controller/AuthController.java +++ b/src/main/java/org/websoso/WSSServer/controller/AuthController.java @@ -58,9 +58,7 @@ public ResponseEntity loginByApple(@Valid @RequestBody AppleLoginR @PreAuthorize("isAuthenticated()") public ResponseEntity logout(@AuthenticationPrincipal User user, @Valid @RequestBody LogoutRequest request) { - String refreshToken = request.refreshToken(); - String deviceIdentifier = request.deviceIdentifier(); - userService.logout(user, refreshToken, deviceIdentifier); + userService.logout(user, request); return ResponseEntity .status(NO_CONTENT) .build(); diff --git a/src/main/java/org/websoso/WSSServer/service/UserService.java b/src/main/java/org/websoso/WSSServer/service/UserService.java index 1ef1f734f..23da7345d 100644 --- a/src/main/java/org/websoso/WSSServer/service/UserService.java +++ b/src/main/java/org/websoso/WSSServer/service/UserService.java @@ -28,6 +28,7 @@ import org.websoso.WSSServer.domain.WithdrawalReason; import org.websoso.WSSServer.domain.common.DiscordWebhookMessage; import org.websoso.WSSServer.domain.common.SocialLoginType; +import org.websoso.WSSServer.dto.auth.LogoutRequest; import org.websoso.WSSServer.dto.notification.PushSettingGetResponse; import org.websoso.WSSServer.dto.user.EditMyInfoRequest; import org.websoso.WSSServer.dto.user.EditProfileStatusRequest; 
@@ -182,9 +183,12 @@ public void registerUserInfo(User user, RegisterUserInfoRequest registerUserInfo MessageFormatter.formatUserJoinMessage(user, SocialLoginType.fromSocialId(user.getSocialId())), JOIN)); } - public void logout(User user, String refreshToken, String deviceIdentifier) { - refreshTokenRepository.findByRefreshToken(refreshToken).ifPresent(refreshTokenRepository::delete); - userDeviceRepository.deleteByUserAndDeviceIdentifier(user, deviceIdentifier); + public void logout(User user, LogoutRequest request) { + refreshTokenRepository.findByRefreshToken(request.refreshToken()) + .ifPresent(refreshTokenRepository::delete); + + userDeviceRepository.deleteByUserAndDeviceIdentifier(user, request.deviceIdentifier()); + if (user.getSocialId().startsWith(KAKAO_PREFIX)) { kakaoService.kakaoLogout(user); } From 82930aa0a7164e9d21e03d36aaa7c2dbb3302652 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 16:12:06 +0900 Subject: [PATCH 104/122] =?UTF-8?q?[FIX]=20blockingId=EC=99=80=20userId?= =?UTF-8?q?=EA=B0=80=20=EA=B0=99=EC=9D=84=20=EB=95=8C=EB=A1=9C=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit blockId: Block의 인조키 blockingId: 차단한 사람 userId blockedId: 차단 당한 사람 userId --- .../WSSServer/auth/validator/BlockAuthorizationValidator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java index 474855ce0..266b5a888 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java 
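Review bot: In `logout`, the refresh token is looked up and deleted by value only (`findByRefreshToken(request.refreshToken()).ifPresent(refreshTokenRepository::delete)`), with no check that the stored token belongs to `user`. The device deletion in the next statement is scoped to `user`. If the token entity records its owner (not visible here), compare that owner with `user.getUserId()` before deleting, so a logout request can only revoke the caller's own token. Passing `LogoutRequest` into `UserService` also ties the service to a web DTO; a short Javadoc on `logout` saying both fields come from the validated request body would make that dependency explicit. The method body continues past the end of the hunk.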
@@ -34,7 +34,7 @@ private Block getBlockOrException(Long blockId) { } private boolean isBlockOwner(Block block, User user) { - return block.getBlockedId().equals(user.getUserId()); + return block.getBlockingId().equals(user.getUserId()); } @Override From e002c1c544c7758bc6de4a93c2ef100bf282eafc Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 16:15:37 +0900 Subject: [PATCH 105/122] =?UTF-8?q?[STYLE]=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=ED=8F=AC=EB=A7=B7=ED=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/auth/validator/BlockAuthorizationValidator.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java index 266b5a888..0daba4aac 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/BlockAuthorizationValidator.java @@ -29,8 +29,8 @@ public boolean hasPermission(Long blockId, User user) { private Block getBlockOrException(Long blockId) { return blockRepository.findById(blockId) - .orElseThrow( - () -> new CustomBlockException(BLOCK_NOT_FOUND, "block with the given blockId was not found")); + .orElseThrow(() -> new CustomBlockException(BLOCK_NOT_FOUND, + "block with the given blockId was not found")); } private boolean isBlockOwner(Block block, User user) { From 9fce815af36ec8b60ac1257eb86d8252d1cb62c7 Mon Sep 17 00:00:00 2001 
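Review bot: `isBlockOwner` has no comment saying which side of the block relation counts as the owner, and this fix shows how easily `getBlockedId()` and `getBlockingId()` are confused. Before the change, the permission check passed for the blocked user rather than for the user who created the block. The definitions given in the commit message belong in the code, for example `// blockingId = userId of the user who created the block; blockedId = userId of the user being blocked` above the method. A unit test asserting that `hasPermission` rejects the blocked user would keep this authorization check from regressing.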
From: Kim-TaeUk Date: Sun, 30 Mar 2025 17:32:02 +0900 Subject: [PATCH 106/122] =?UTF-8?q?[REMOVE]=20=EB=A6=AC=EC=86=8C=EC=8A=A4?= =?UTF-8?q?=20=EC=88=98=EC=A0=95=EC=9D=84=20=EC=9C=84=ED=95=9C=20=EC=A4=91?= =?UTF-8?q?=EB=B3=B5=20=EA=B2=80=EC=A6=9D=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/service/FeedService.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index 984dc117b..967967de1 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java @@ -93,7 +93,6 @@ public void createFeed(User user, FeedCreateRequest request) { public void updateFeed(User user, Long feedId, FeedUpdateRequest request) { Feed feed = getFeedOrException(feedId); - feed.validateUserAuthorization(user, UPDATE); if (request.novelId() != null && feed.isNovelChanged(request.novelId())) { novelService.getNovelOrException(request.novelId()); From 3cf8a3ef89e1d336a40ebeccfdb1f4bc0c6ea136 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 17:32:24 +0900 Subject: [PATCH 107/122] =?UTF-8?q?[REFACTOR]=20updateFeed()=20=EB=A9=94?= =?UTF-8?q?=EC=84=9C=EB=93=9C=20=EC=8B=9C=EA=B7=B8=EB=8B=88=EC=B2=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 2 +- src/main/java/org/websoso/WSSServer/service/FeedService.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index ab1ab39db..3069e9d41 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java 
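Review bot: With `feed.validateUserAuthorization(user, UPDATE)` removed, `FeedService.updateFeed` no longer verifies that the caller is the feed's author. The ownership check then rests entirely on the `@PreAuthorize` expression on `FeedController.updateFeed`, which is not visible in these hunks and should be confirmed to include the feed ownership validator. The follow-up commit also drops the `user` parameter, so any other caller of the service method would skip the check without a compile-time hint. At minimum, document the precondition on the method, e.g. `// Precondition: caller has already passed the feed-ownership check (enforced by @PreAuthorize on the controller)`. The method body continues outside the hunk.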
+++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -75,7 +75,7 @@ public ResponseEntity getFeeds(@AuthenticationPrincipal User u public ResponseEntity updateFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody FeedUpdateRequest request) { - feedService.updateFeed(user, feedId, request); + feedService.updateFeed(feedId, request); return ResponseEntity .status(NO_CONTENT) .build(); diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index 967967de1..d901a11e6 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java @@ -91,7 +91,7 @@ public void createFeed(User user, FeedCreateRequest request) { feedCategoryService.createFeedCategory(feed, request.relevantCategories()); } - public void updateFeed(User user, Long feedId, FeedUpdateRequest request) { + public void updateFeed(Long feedId, FeedUpdateRequest request) { Feed feed = getFeedOrException(feedId); if (request.novelId() != null && feed.isNovelChanged(request.novelId())) { From 805b627498ef32545e33377e22c69aefa9d066b9 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 17:32:45 +0900 Subject: [PATCH 108/122] =?UTF-8?q?[REMOVE]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20=EB=A6=AC=EC=86=8C=EC=8A=A4=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=20=EA=B6=8C=ED=95=9C=20=EA=B2=80=EC=A6=9D=20?= =?UTF-8?q?=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/domain/Feed.java | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/domain/Feed.java b/src/main/java/org/websoso/WSSServer/domain/Feed.java index 9365a23c9..68d7df1b5 100644 --- a/src/main/java/org/websoso/WSSServer/domain/Feed.java 
+++ b/src/main/java/org/websoso/WSSServer/domain/Feed.java @@ -2,7 +2,6 @@ import static jakarta.persistence.CascadeType.ALL; import static jakarta.persistence.GenerationType.IDENTITY; -import static org.websoso.WSSServer.exception.error.CustomUserError.INVALID_AUTHORIZED; import jakarta.persistence.Column; import jakarta.persistence.Entity; @@ -21,8 +20,6 @@ import lombok.Getter; import lombok.NoArgsConstructor; import org.hibernate.annotations.DynamicInsert; -import org.websoso.WSSServer.domain.common.Action; -import org.websoso.WSSServer.exception.exception.CustomUserException; @Getter @DynamicInsert @@ -90,13 +87,6 @@ public void updateFeed(String feedContent, Boolean isSpoiler, Long novelId) { this.modifiedDate = LocalDateTime.now(); } - public void validateUserAuthorization(User user, Action action) { - if (!this.user.equals(user)) { - throw new CustomUserException(INVALID_AUTHORIZED, - "only the author can " + action.getLabel() + " the feed"); - } - } - public boolean isNovelChanged(Long novelId) { return !Objects.equals(this.novelId, novelId); } From 4fedcd70431e693d604e80f1e8760a24b75e9dff Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 18:06:56 +0900 Subject: [PATCH 109/122] =?UTF-8?q?[FIX]=20=EC=9E=98=EB=AA=BB=20=EA=B2=80?= =?UTF-8?q?=EC=A6=9D=ED=95=98=EA=B3=A0=20=EC=9E=88=EB=8D=98=20=EC=A2=8B?= =?UTF-8?q?=EC=95=84=EC=9A=94=20=EC=B7=A8=EC=86=8C=20=EA=B4=80=EB=A0=A8=20?= =?UTF-8?q?=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/org/websoso/WSSServer/controller/FeedController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index 3069e9d41..9ddf0bd8f 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java 
+++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -102,7 +102,7 @@ public ResponseEntity likeFeed(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}/likes") - @PreAuthorize("isAuthenticated() and @authorizationService.validate(#feedId, #user, T(org.websoso.WSSServer.domain.Feed))") + @PreAuthorize("isAuthenticated()") public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.unLikeFeed(user, feedId); From 17b3ffc6a047f74ce673ecacb753206205f17213 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 18:08:37 +0900 Subject: [PATCH 110/122] =?UTF-8?q?[RENAME]=20=EC=A2=8B=EC=95=84=EC=9A=94?= =?UTF-8?q?=20=EA=B4=80=EB=A0=A8=20CustomError=20=EA=B0=84=EA=B2=B0?= =?UTF-8?q?=ED=95=98=EA=B2=8C=20rename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../org/websoso/WSSServer/exception/error/CustomFeedError.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/exception/error/CustomFeedError.java b/src/main/java/org/websoso/WSSServer/exception/error/CustomFeedError.java index 96a0989f6..f93b15db7 100644 --- a/src/main/java/org/websoso/WSSServer/exception/error/CustomFeedError.java +++ b/src/main/java/org/websoso/WSSServer/exception/error/CustomFeedError.java @@ -16,7 +16,7 @@ public enum CustomFeedError implements ICustomError { FEED_NOT_FOUND("FEED-001", "해당 ID를 가진 피드를 찾을 수 없습니다.", NOT_FOUND), ALREADY_LIKED("FEED-002", "이미 해당 피드에 좋아요를 눌렀습니다.", CONFLICT), - LIKE_USER_NOT_FOUND("FEED-003", "해당 사용자가 이 피드에 좋아요를 누르지 않았습니다.", NOT_FOUND), + NOT_LIKED("FEED-003", "해당 사용자가 이 피드에 좋아요를 누르지 않았습니다.", NOT_FOUND), INVALID_LIKE_COUNT("FEED-004", "좋아요 수가 유효하지 않습니다.", BAD_REQUEST), HIDDEN_FEED_ACCESS("FEED-005", "이 피드는 숨겨져 있어 접근할 수 없습니다.", FORBIDDEN), BLOCKED_USER_ACCESS("FEED-006", "해당 사용자와 피드 작성자가 차단 상태이므로 이 피드에 접근할 수 없습니다.", FORBIDDEN), 
From 244486da9b0203cab2ac9aef9971bb67e8e5cafb Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 18:11:50 +0900 Subject: [PATCH 111/122] =?UTF-8?q?[FIX]=20=EC=A2=8B=EC=95=84=EC=9A=94=20?= =?UTF-8?q?=EC=B7=A8=EC=86=8C=20=EB=A1=9C=EC=A7=81=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit as-is - userId와 feed로 바로 삭제 - deleteByUserIdAndFeed()로 삭제 to-be - 좋아요 한 적 있는지 확인하고 삭제 - findByUserIdAndFeed()로 조회 후, delete로 삭제 --- .../websoso/WSSServer/repository/LikeRepository.java | 3 ++- .../org/websoso/WSSServer/service/LikeService.java | 10 +++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/repository/LikeRepository.java b/src/main/java/org/websoso/WSSServer/repository/LikeRepository.java index 62a87160e..2cc3f53bb 100644 --- a/src/main/java/org/websoso/WSSServer/repository/LikeRepository.java +++ b/src/main/java/org/websoso/WSSServer/repository/LikeRepository.java @@ -1,5 +1,6 @@ package org.websoso.WSSServer.repository; +import java.util.Optional; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; import org.websoso.WSSServer.domain.Feed; @@ -8,7 +9,7 @@ @Repository public interface LikeRepository extends JpaRepository { - void deleteByUserIdAndFeed(Long userId, Feed feed); + Optional findByUserIdAndFeed(Long userId, Feed feed); boolean existsByUserIdAndFeed(Long userId, Feed feed); } diff --git a/src/main/java/org/websoso/WSSServer/service/LikeService.java b/src/main/java/org/websoso/WSSServer/service/LikeService.java index d728dc53e..a981c5a8e 100644 --- a/src/main/java/org/websoso/WSSServer/service/LikeService.java +++ b/src/main/java/org/websoso/WSSServer/service/LikeService.java 
@@ -1,6 +1,7 @@ package org.websoso.WSSServer.service; import static org.websoso.WSSServer.exception.error.CustomFeedError.ALREADY_LIKED; +import static org.websoso.WSSServer.exception.error.CustomFeedError.NOT_LIKED; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; @@ -26,7 +27,14 @@ public void createLike(User user, Feed feed) { } public void deleteLike(User user, Feed feed) { - likeRepository.deleteByUserIdAndFeed(user.getUserId(), feed); + Like like = getLikeOrException(user, feed); + likeRepository.delete(like); + } + + private Like getLikeOrException(User user, Feed feed) { + return likeRepository.findByUserIdAndFeed(user.getUserId(), feed) + .orElseThrow(() -> new CustomFeedException(NOT_LIKED, + "User did not like this feed or like already deleted")); } @Transactional(readOnly = true) From 4e4ead0f9bcbe2198bf19b9467bacd23fefdf167 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sun, 30 Mar 2025 18:35:50 +0900 Subject: [PATCH 112/122] =?UTF-8?q?[REFACTOR]=20=EB=B9=84=EB=A1=9C?= =?UTF-8?q?=EA=B7=B8=EC=9D=B8=20=EC=82=AC=EC=9A=A9=EC=9E=90=EB=95=8C?= =?UTF-8?q?=EB=AC=B8=EC=97=90=20=EB=B0=9C=EC=83=9D=ED=95=98=EB=8A=94=20nul?= =?UTF-8?q?l=20=EB=B6=84=EA=B8=B0=20Optional=EB=A1=9C=20=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/service/PopularFeedService.java | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/PopularFeedService.java b/src/main/java/org/websoso/WSSServer/service/PopularFeedService.java index 648ce0d12..73b57009c 100644 --- a/src/main/java/org/websoso/WSSServer/service/PopularFeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/PopularFeedService.java 
@@ -3,7 +3,9 @@ import static java.lang.Boolean.TRUE; import java.util.List; +import java.util.Optional; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.websoso.WSSServer.domain.Feed; @@ -103,16 +105,19 @@ private String generateNotificationBodyFragment(Feed feed) { @Transactional(readOnly = true) public PopularFeedsGetResponse getPopularFeeds(User user) { - List popularFeeds = findPopularFeeds(user); + List popularFeeds = Optional.ofNullable(user) + .map(u -> findPopularFeedsWithUser(u.getUserId())) + .orElseGet(this::findPopularFeedsWithoutUser); List popularFeedGetResponses = mapToPopularFeedGetResponseList(popularFeeds); return new PopularFeedsGetResponse(popularFeedGetResponses); } - private List findPopularFeeds(User user) { - if (user == null) { - return popularFeedRepository.findTop9ByOrderByPopularFeedIdDesc(); - } - return popularFeedRepository.findTodayPopularFeeds(user.getUserId()); + private List findPopularFeedsWithUser(Long userId) { + return popularFeedRepository.findTodayPopularFeeds(userId); + } + + private List findPopularFeedsWithoutUser() { + return popularFeedRepository.findTop9ByOrderByPopularFeedIdDesc(); } private static List mapToPopularFeedGetResponseList(List popularFeeds) { From 822c411e49d6c9e1590342349546322da63e15b1 Mon Sep 17 00:00:00 2001 
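Review bot: The added `import lombok.extern.slf4j.Slf4j;` appears unused. Neither hunk adds an `@Slf4j` annotation or a `log` call, and the diffstat's 11 insertions are all accounted for by the two imports plus the nine added lines in `getPopularFeeds` and its helpers. Drop the import unless the annotation is introduced in the same change. In `getPopularFeeds`, `Optional.ofNullable(user).map(...).orElseGet(...)` would also fall back to the anonymous query if `findPopularFeedsWithUser` ever returned null, which the original `if (user == null)` branch did not do. A comment such as `// user is null for unauthenticated requests` would make the intent explicit.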
From: Kim-TaeUk
Date: Tue, 8 Apr 2025 23:52:01 +0900
Subject: [PATCH 113/122] =?UTF-8?q?[FEAT]=20FeedAccessValidator=20?= =?UTF-8?q?=EB=8F=84=EC=9E=85=EC=9C=BC=EB=A1=9C=20=ED=94=BC=EB=93=9C=20?= =?UTF-8?q?=EC=A0=91=EA=B7=BC=20=EA=B6=8C=ED=95=9C=20=EA=B2=80=EC=A6=9D=20?= =?UTF-8?q?=EC=B1=85=EC=9E=84=20=EB=B6=84=EB=A6=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../auth/validator/FeedAccessValidator.java | 45 +++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java
diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java
new file mode 100644
index 000000000..2eaf1b77b
--- /dev/null
+++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java
@@ -0,0 +1,45 @@ +package org.websoso.WSSServer.auth.validator; + +import static org.websoso.WSSServer.exception.error.CustomFeedError.BLOCKED_USER_ACCESS; +import static org.websoso.WSSServer.exception.error.CustomFeedError.FEED_NOT_FOUND; +import static org.websoso.WSSServer.exception.error.CustomFeedError.HIDDEN_FEED_ACCESS; + +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Component; +import org.websoso.WSSServer.domain.Feed; +import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.exception.exception.CustomFeedException; +import org.websoso.WSSServer.repository.FeedRepository; +import org.websoso.WSSServer.service.BlockService; + +@Component +@RequiredArgsConstructor +public class FeedAccessValidator { + + private final FeedRepository feedRepository; + private final BlockService blockService; + + public boolean canAccess(Long feedId, User user) { + Feed feed = getFeedOrException(feedId); + + if (feed.getUser().equals(user)) { + return true; + } + + if (feed.getIsHidden()) { + throw new CustomFeedException(HIDDEN_FEED_ACCESS, "Cannot access hidden feed."); + } + + if (blockService.isBlocked(user.getUserId(), feed.getUser().getUserId())) { + throw new CustomFeedException(BLOCKED_USER_ACCESS, + "cannot access this feed because either you or the feed author has blocked the other."); + } + + return true; + } + + private Feed getFeedOrException(Long feedId) { + return feedRepository.findById(feedId) + .orElseThrow(() -> new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); + } +} From 38eeabf83903695fec8388f904973469864657e2 Mon Sep 17 00:00:00 2001 
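Review bot: The owner shortcut in `canAccess` compares entities with `feed.getUser().equals(user)`. Unless `User` overrides `equals` (not visible here), that is reference equality, and the `@AuthenticationPrincipal` instance may not be the same object as the one loaded through `feedRepository`, so an author could be refused access to their own hidden feed. Comparing identifiers avoids the dependency: `if (feed.getUser().getUserId().equals(user.getUserId())) { return true; }`. A class-level comment should also state that the method never returns `false` and signals denial by throwing `CustomFeedException`, since it is meant to be called from `@PreAuthorize` expressions.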
From: Kim-TaeUk Date: Tue, 8 Apr 2025 23:54:05 +0900 Subject: [PATCH 114/122] =?UTF-8?q?[REFACTOR]=20=ED=94=BC=EB=93=9C=20?= =?UTF-8?q?=EA=B4=80=EB=A0=A8=20API=EC=97=90=EC=84=9C=20FeedAccessValidato?= =?UTF-8?q?r=EB=A5=BC=20=ED=86=B5=ED=95=9C=20=EC=A0=91=EA=B7=BC=20?= =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/controller/FeedController.java | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/controller/FeedController.java b/src/main/java/org/websoso/WSSServer/controller/FeedController.java index 9ddf0bd8f..84d2c7b13 100644 --- a/src/main/java/org/websoso/WSSServer/controller/FeedController.java +++ b/src/main/java/org/websoso/WSSServer/controller/FeedController.java @@ -52,7 +52,7 @@ public ResponseEntity createFeed(@AuthenticationPrincipal User user, } @GetMapping("/{feedId}") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity getFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { return ResponseEntity @@ -92,7 +92,7 @@ public ResponseEntity deleteFeed(@AuthenticationPrincipal User user, } @PostMapping("/{feedId}/likes") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity likeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.likeFeed(user, feedId); 
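Review bot: The guard `isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)` is repeated as a string literal on eight handlers in this file (the hunks at getFeed, likeFeed, unLikeFeed, createComment, getComments, both feed reports and reportCommentSpoiler). A typo in the bean or parameter name is then only caught at request time, and a new `/{feedId}/...` endpoint can easily be added without the guard. A composed annotation that carries the `@PreAuthorize` once and is applied as a single marker on each handler would keep the rule in one place. Each request also loads the feed in the validator and again in `FeedService`, which deserves a comment if the double lookup is intentional.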
@@ -102,7 +102,7 @@ public ResponseEntity likeFeed(@AuthenticationPrincipal User user, } @DeleteMapping("/{feedId}/likes") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity unLikeFeed(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.unLikeFeed(user, feedId); @@ -127,7 +127,7 @@ public ResponseEntity getInterestFeeds(@Authentication } @PostMapping("/{feedId}/comments") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity createComment(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @Valid @RequestBody CommentCreateRequest request) { @@ -138,7 +138,7 @@ public ResponseEntity createComment(@AuthenticationPrincipal User user, } @GetMapping("/{feedId}/comments") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity getComments(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { return ResponseEntity @@ -170,7 +170,7 @@ public ResponseEntity deleteComment(@AuthenticationPrincipal User user, } @PostMapping("/{feedId}/spoiler") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.reportFeed(user, feedId, SPOILER); 
@@ -180,7 +180,7 @@ public ResponseEntity reportFeedSpoiler(@AuthenticationPrincipal User user } @PostMapping("/{feedId}/impertinence") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity reportedFeedImpertinence(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId) { feedService.reportFeed(user, feedId, IMPERTINENCE); @@ -190,7 +190,7 @@ public ResponseEntity reportedFeedImpertinence(@AuthenticationPrincipal Us } @PostMapping("/{feedId}/comments/{commentId}/spoiler") - @PreAuthorize("isAuthenticated()") + @PreAuthorize("isAuthenticated() and @feedAccessValidator.canAccess(#feedId, #user)") public ResponseEntity reportCommentSpoiler(@AuthenticationPrincipal User user, @PathVariable("feedId") Long feedId, @PathVariable("commentId") Long commentId) { From 51769c694823bce8b45269fabdd48b341086c3a6 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Tue, 8 Apr 2025 23:55:02 +0900 Subject: [PATCH 115/122] =?UTF-8?q?[REFACTOR]=20FeedAccessValidator=20?= =?UTF-8?q?=EB=8F=84=EC=9E=85=EC=9C=BC=EB=A1=9C=20=EC=84=9C=EB=B9=84?= =?UTF-8?q?=EC=8A=A4=20=EB=A0=88=EC=9D=B4=EC=96=B4=20=EC=A4=91=EB=B3=B5=20?= =?UTF-8?q?=EA=B2=80=EC=82=AC=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0=20?= =?UTF-8?q?=EB=B0=8F=20=EB=B6=88=ED=95=84=EC=9A=94=20=EB=A9=94=EC=84=9C?= =?UTF-8?q?=EB=93=9C=20=EC=A0=95=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/service/FeedService.java | 43 ------------------- 1 file changed, 43 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/FeedService.java b/src/main/java/org/websoso/WSSServer/service/FeedService.java index d901a11e6..63e06409a 100644 --- a/src/main/java/org/websoso/WSSServer/service/FeedService.java +++ b/src/main/java/org/websoso/WSSServer/service/FeedService.java 
@@ -1,11 +1,8 @@ package org.websoso.WSSServer.service; import static java.lang.Boolean.TRUE; -import static org.websoso.WSSServer.domain.common.Action.UPDATE; import static org.websoso.WSSServer.domain.common.DiscordWebhookMessageType.REPORT; -import static org.websoso.WSSServer.exception.error.CustomFeedError.BLOCKED_USER_ACCESS; import static org.websoso.WSSServer.exception.error.CustomFeedError.FEED_NOT_FOUND; -import static org.websoso.WSSServer.exception.error.CustomFeedError.HIDDEN_FEED_ACCESS; import static org.websoso.WSSServer.exception.error.CustomFeedError.SELF_REPORT_NOT_ALLOWED; import static org.websoso.WSSServer.exception.error.CustomUserError.PRIVATE_PROFILE_STATUS; @@ -107,11 +104,8 @@ public void deleteFeed(Long feedId) { public void likeFeed(User user, Long feedId) { Feed feed = getFeedOrException(feedId); - checkHiddenFeed(feed); - checkBlocked(feed.getUser(), user); likeService.createLike(user, feed); - if (feed.getLikes().size() == POPULAR_FEED_LIKE_THRESHOLD) { popularFeedService.createPopularFeed(feed); } @@ -182,17 +176,12 @@ private String createNotificationTitle(Feed feed) { public void unLikeFeed(User user, Long feedId) { Feed feed = getFeedOrException(feedId); - checkHiddenFeed(feed); - checkBlocked(feed.getUser(), user); likeService.deleteLike(user, feed); } @Transactional(readOnly = true) public FeedGetResponse getFeedById(User user, Long feedId) { Feed feed = getFeedOrException(feedId); - checkHiddenFeed(feed); - checkBlocked(feed.getUser(), user); - UserBasicInfo userBasicInfo = getUserBasicInfo(feed.getUser()); Novel novel = getLinkedNovelOrNull(feed.getNovelId()); Boolean isLiked = isUserLikedFeed(user, feed); 
@@ -216,35 +205,28 @@ public FeedsGetResponse getFeeds(User user, String category, Long lastFeedId, in public void createComment(User user, Long feedId, CommentCreateRequest request) { Feed feed = getFeedOrException(feedId); - validateFeedAccess(feed, user); commentService.createComment(user, feed, request.commentContent()); } public void updateComment(User user, Long feedId, Long commentId, CommentUpdateRequest request) { Feed feed = getFeedOrException(feedId); - validateFeedAccess(feed, user); commentService.updateComment(user.getUserId(), feed, commentId, request.commentContent()); } public void deleteComment(User user, Long feedId, Long commentId) { Feed feed = getFeedOrException(feedId); - validateFeedAccess(feed, user); commentService.deleteComment(user.getUserId(), feed, commentId); } @Transactional(readOnly = true) public CommentsGetResponse getComments(User user, Long feedId) { Feed feed = getFeedOrException(feedId); - validateFeedAccess(feed, user); return commentService.getComments(user, feed); } public void reportFeed(User user, Long feedId, ReportedType reportedType) { Feed feed = getFeedOrException(feedId); - checkHiddenFeed(feed); - checkBlocked(feed.getUser(), user); - if (isUserFeedOwner(feed.getUser(), user)) { throw new CustomFeedException(SELF_REPORT_NOT_ALLOWED, "cannot report own feed"); } @@ -264,10 +246,6 @@ public void reportFeed(User user, Long feedId, ReportedType reportedType) { public void reportComment(User user, Long feedId, Long commentId, ReportedType reportedType) { Feed feed = getFeedOrException(feedId); - - checkHiddenFeed(feed); - checkBlocked(feed.getUser(), user); - commentService.createReportedComment(feed, commentId, user, reportedType); } 
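Review bot: `updateComment` and `deleteComment` lose their hidden-feed and block checks in this hunk when `validateFeedAccess(feed, user)` is removed, unless their controller handlers carry `@feedAccessValidator.canAccess(#feedId, #user)`. The preceding controller commit changes eight annotations (getFeed, likeFeed, unLikeFeed, createComment, getComments, the two feed reports and reportCommentSpoiler), and the comment update and delete handlers are not among them. The same concern applies to the `reportComment` hunk that follows, for any controller entry point other than reportCommentSpoiler that calls it. Either add the validator expression to those handlers' `@PreAuthorize`, or keep the service-side call on the paths the controller does not cover. The handlers' current annotations lie outside the visible hunks, so check this against the full file.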
@@ -276,19 +254,6 @@ private Feed getFeedOrException(Long feedId) { new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); } - private void checkHiddenFeed(Feed feed) { - if (feed.getIsHidden()) { - throw new CustomFeedException(HIDDEN_FEED_ACCESS, "Cannot access hidden feed."); - } - } - - private void checkBlocked(User createdFeedUser, User user) { - if (blockService.isBlocked(user.getUserId(), createdFeedUser.getUserId())) { - throw new CustomFeedException(BLOCKED_USER_ACCESS, - "cannot access this feed because either you or the feed author has blocked the other."); - } - } - private UserBasicInfo getUserBasicInfo(User user) { return user.getUserBasicInfo( avatarService.getAvatarOrException(user.getAvatarId()).getAvatarImage() @@ -381,14 +346,6 @@ public NovelGetResponseFeedTab getFeedsByNovel(User user, Long novelId, Long las return NovelGetResponseFeedTab.of(feeds.hasNext(), feedGetResponses); } - private void validateFeedAccess(Feed feed, User user) { - if (feed.getUser().equals(user)) { - return; - } - checkHiddenFeed(feed); - checkBlocked(feed.getUser(), user); - } - @Transactional(readOnly = true) public UserFeedsGetResponse getUserFeeds(User visitor, Long ownerId, Long lastFeedId, int size) { User owner = userService.getUserOrException(ownerId); From af28ac4f323e7cf1f722c193c48f6c32161c28cd Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Sat, 12 Apr 2025 15:16:24 +0900 Subject: [PATCH 116/122] =?UTF-8?q?[REFACTOR]=20Feed=20=EB=8F=84=EB=A9=94?= =?UTF-8?q?=EC=9D=B8=EC=97=90=20getWriterId()=20=EC=B6=94=EA=B0=80=20?= =?UTF-8?q?=EB=B0=8F=20=EC=99=B8=EB=B6=80=20=EC=A0=91=EA=B7=BC=20=EC=8B=9C?= =?UTF-8?q?=20=ED=95=B4=EB=8B=B9=20=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=EC=9C=BC=EB=A1=9C=20=EC=B6=94=EC=83=81=ED=99=94=20?= =?UTF-8?q?=EA=B0=95=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/auth/validator/FeedAccessValidator.java | 2 +- src/main/java/org/websoso/WSSServer/domain/Feed.java | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java index 2eaf1b77b..612167f11 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAccessValidator.java @@ -30,7 +30,7 @@ public boolean canAccess(Long feedId, User user) { throw new CustomFeedException(HIDDEN_FEED_ACCESS, "Cannot access hidden feed."); } - if (blockService.isBlocked(user.getUserId(), feed.getUser().getUserId())) { + if (blockService.isBlocked(user.getUserId(), feed.getWriterId())) { throw new CustomFeedException(BLOCKED_USER_ACCESS, "cannot access this feed because either you or the feed author has blocked the other."); } diff --git a/src/main/java/org/websoso/WSSServer/domain/Feed.java b/src/main/java/org/websoso/WSSServer/domain/Feed.java index 68d7df1b5..4aeeb63c2 100644 --- a/src/main/java/org/websoso/WSSServer/domain/Feed.java +++ b/src/main/java/org/websoso/WSSServer/domain/Feed.java @@ -95,4 +95,7 @@ public void hideFeed() { this.isHidden = true; } + public Long getWriterId() { + return user.getUserId(); + } } 
From bbd5cb7f943a80e2e41dab2be118525b392a38f8 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 12 Apr 2025 15:23:02 +0900 Subject: [PATCH 117/122] =?UTF-8?q?[FEAT]=20Feed=20=EB=8F=84=EB=A9=94?= =?UTF-8?q?=EC=9D=B8=EC=97=90=20isMine()=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/org/websoso/WSSServer/domain/Feed.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/main/java/org/websoso/WSSServer/domain/Feed.java b/src/main/java/org/websoso/WSSServer/domain/Feed.java index 4aeeb63c2..414e9b121 100644 --- a/src/main/java/org/websoso/WSSServer/domain/Feed.java +++ b/src/main/java/org/websoso/WSSServer/domain/Feed.java @@ -98,4 +98,8 @@ public void hideFeed() { public Long getWriterId() { return user.getUserId(); } + + public boolean isMine(Long userId) { + return this.user.getUserId().equals(userId); + } } From 625253bc607b978fb37c04b8a64faa9244d8578a Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 12 Apr 2025 15:23:52 +0900 Subject: [PATCH 118/122] =?UTF-8?q?[REFACTOR]=20isFeedOwner()=20=EB=8C=80?= =?UTF-8?q?=EC=8B=A0=20isMine()=20=EC=82=AC=EC=9A=A9=ED=95=98=EB=8F=84?= =?UTF-8?q?=EB=A1=9D=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 캡슐화 강화 --- .../WSSServer/auth/validator/FeedAuthorizationValidator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index fc330571e..bc0e05f42 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java 
@@ -21,7 +21,7 @@ public class FeedAuthorizationValidator implements ResourceAuthorizationValidato public boolean hasPermission(Long feedId, User user) { Feed feed = getFeedOrException(feedId); - if (!isFeedOwner(feed, user)) { + if (!feed.isMine(user.getUserId())) { throw new CustomUserException(INVALID_AUTHORIZED, "User with ID " + user.getUserId() + " is not the owner of feed " + feed.getFeedId()); } From cc78d2b07ae55ed5799202416f428e987013889b Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Sat, 12 Apr 2025 15:24:15 +0900 Subject: [PATCH 119/122] =?UTF-8?q?[REMOVE]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20isFeedOwner()=20=EC=A0=9C?= =?UTF-8?q?=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../WSSServer/auth/validator/FeedAuthorizationValidator.java | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java index bc0e05f42..593576414 100644 --- a/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java +++ b/src/main/java/org/websoso/WSSServer/auth/validator/FeedAuthorizationValidator.java @@ -33,10 +33,6 @@ private Feed getFeedOrException(Long feedId) { .orElseThrow(() -> new CustomFeedException(FEED_NOT_FOUND, "feed with the given id was not found")); } - private boolean isFeedOwner(Feed feed, User user) { - return feed.getUser().getUserId().equals(user.getUserId()); - } - @Override public Class getResourceType() { return Feed.class; From 2083bca20d558079f28b727f37814c90ad127b11 Mon Sep 17 00:00:00 2001 
From: Kim-TaeUk Date: Fri, 18 Apr 2025 19:36:23 +0900 Subject: [PATCH 120/122] =?UTF-8?q?[REMOVE]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20validateAdminPrivilege()=20?= =?UTF-8?q?=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../service/NotificationService.java | 42 ++++++++++--------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/NotificationService.java b/src/main/java/org/websoso/WSSServer/service/NotificationService.java index a8d617b8c..c3e6b7c4e 100644 --- a/src/main/java/org/websoso/WSSServer/service/NotificationService.java +++ b/src/main/java/org/websoso/WSSServer/service/NotificationService.java 
@@ -1,13 +1,33 @@ package org.websoso.WSSServer.service; +import static org.websoso.WSSServer.domain.common.NotificationTypeGroup.FEED; +import static org.websoso.WSSServer.domain.common.NotificationTypeGroup.NOTICE; +import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_ALREADY_READ; +import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_NOT_FOUND; +import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_NOT_NOTICE_TYPE; +import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_READ_FORBIDDEN; +import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_TYPE_INVALID; +import static org.websoso.WSSServer.exception.error.CustomNotificationTypeError.NOTIFICATION_TYPE_NOT_FOUND; + +import java.util.List; +import java.util.Set; +import java.util.stream.Collectors; import lombok.RequiredArgsConstructor; import org.springframework.data.domain.PageRequest; import org.springframework.data.domain.Slice; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -import org.websoso.WSSServer.domain.*; +import org.websoso.WSSServer.domain.Notification; +import org.websoso.WSSServer.domain.NotificationType; +import org.websoso.WSSServer.domain.ReadNotification; +import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.domain.UserDevice; import org.websoso.WSSServer.domain.common.NotificationTypeGroup; -import org.websoso.WSSServer.dto.notification.*; +import org.websoso.WSSServer.dto.notification.NotificationCreateRequest; +import org.websoso.WSSServer.dto.notification.NotificationGetResponse; +import org.websoso.WSSServer.dto.notification.NotificationInfo; +import org.websoso.WSSServer.dto.notification.NotificationsGetResponse; +import org.websoso.WSSServer.dto.notification.NotificationsReadStatusGetResponse; import 
org.websoso.WSSServer.exception.exception.CustomNotificationException; import org.websoso.WSSServer.exception.exception.CustomNotificationTypeException; import org.websoso.WSSServer.notification.FCMService; @@ -17,16 +37,6 @@ import org.websoso.WSSServer.repository.ReadNotificationRepository; import org.websoso.WSSServer.repository.UserRepository; -import java.util.List; -import java.util.Set; -import java.util.stream.Collectors; - -import static org.websoso.WSSServer.domain.common.NotificationTypeGroup.FEED; -import static org.websoso.WSSServer.domain.common.NotificationTypeGroup.NOTICE; -import static org.websoso.WSSServer.domain.common.Role.ADMIN; -import static org.websoso.WSSServer.exception.error.CustomNotificationError.*; -import static org.websoso.WSSServer.exception.error.CustomNotificationTypeError.NOTIFICATION_TYPE_NOT_FOUND; - @Service @RequiredArgsConstructor @Transactional @@ -114,7 +124,6 @@ private void checkIfNotificationAlreadyRead(User user, Notification notification } public void createNoticeNotification(User user, NotificationCreateRequest request) { - validateAdminPrivilege(user); validateNoticeType(request.notificationTypeName()); Notification notification = notificationRepository.save(Notification.create( @@ -129,13 +138,6 @@ public void createNoticeNotification(User user, NotificationCreateRequest reques sendNoticePushMessage(request.userId(), notification); } - private void validateAdminPrivilege(User user) { - if (user.getRole() != ADMIN) { - throw new CustomNotificationException(NOTIFICATION_ADMIN_ONLY, - "User who tried to create, modify, or delete the notice is not an ADMIN."); - } - } - private void validateNoticeType(String notificationTypeName) { if (!NotificationTypeGroup.isTypeInGroup(notificationTypeName, NOTICE)) { throw new CustomNotificationException(NOTIFICATION_NOT_NOTICE_TYPE, From 03d87c8402c296ed58ae96c74f1ab313290aaea0 Mon Sep 17 00:00:00 2001 
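Review bot: The `@@ -114,7 +124,6 @@` hunk deletes the `validateAdminPrivilege(user)` call from `createNoticeNotification`, so the method was in use despite the commit title calling it unused, and after this change nothing in the visible service code restricts notice creation to ADMIN. If the role check now lives elsewhere (at the controller or in a method-security rule, neither of which is visible in this patch), say so in the commit message and cover it with a test that a non-admin caller is rejected; otherwise keep the service-level check. The `user` parameter also appears to have no remaining use in the lines shown, so a comment such as `// ADMIN role is enforced by <where the check now lives>` on the method would tell the next reader why it is still passed. The following hunk (`@@ -129,13 +138,6 @@`) removes the helper and its `NOTIFICATION_ADMIN_ONLY` error with it. The body of `createNoticeNotification` continues outside both hunks.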
From: Kim-TaeUk Date: Fri, 18 Apr 2025 19:37:04 +0900 Subject: [PATCH 121/122] =?UTF-8?q?[REMOVE]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20validateNoticeType()=20?= =?UTF-8?q?=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../websoso/WSSServer/service/NotificationService.java | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/main/java/org/websoso/WSSServer/service/NotificationService.java b/src/main/java/org/websoso/WSSServer/service/NotificationService.java index c3e6b7c4e..d51867538 100644 --- a/src/main/java/org/websoso/WSSServer/service/NotificationService.java +++ b/src/main/java/org/websoso/WSSServer/service/NotificationService.java @@ -4,7 +4,6 @@ import static org.websoso.WSSServer.domain.common.NotificationTypeGroup.NOTICE; import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_ALREADY_READ; import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_NOT_FOUND; -import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_NOT_NOTICE_TYPE; import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_READ_FORBIDDEN; import static org.websoso.WSSServer.exception.error.CustomNotificationError.NOTIFICATION_TYPE_INVALID; import static org.websoso.WSSServer.exception.error.CustomNotificationTypeError.NOTIFICATION_TYPE_NOT_FOUND; @@ -124,8 +123,6 @@ private void checkIfNotificationAlreadyRead(User user, Notification notification } public void createNoticeNotification(User user, NotificationCreateRequest request) { - validateNoticeType(request.notificationTypeName()); - Notification notification = notificationRepository.save(Notification.create( request.notificationTitle(), request.notificationBody(), 
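Review bot: Dropping `validateNoticeType(request.notificationTypeName())` from `createNoticeNotification` removes the only visible check that the requested type belongs to the NOTICE group, and the call was live, not unused as the commit title says. From the lines shown, the type name taken from the request is then constrained only by `getNotificationTypeOrException`, which presumably rejects just names that do not exist, so a type from another group could be stored and sent through the notice push path. If the restriction moved to request validation, note where; otherwise keep `validateNoticeType(request.notificationTypeName());` as the first statement. The method body continues outside the hunk, and the helper itself is deleted in the `@@ -138,13 +135,6 @@` hunk.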
@@ -138,13 +135,6 @@ public void createNoticeNotification(User user, NotificationCreateRequest reques sendNoticePushMessage(request.userId(), notification); } - private void validateNoticeType(String notificationTypeName) { - if (!NotificationTypeGroup.isTypeInGroup(notificationTypeName, NOTICE)) { - throw new CustomNotificationException(NOTIFICATION_NOT_NOTICE_TYPE, - "given notification type does not belong to the NOTICE category"); - } - } - private NotificationType getNotificationTypeOrException(String notificationTypeName) { return notificationTypeRepository .findOptionalByNotificationTypeName(notificationTypeName) From c9f6cb6f03ca9602831787ab649dc62b53888746 Mon Sep 17 00:00:00 2001 From: Kim-TaeUk Date: Fri, 18 Apr 2025 19:46:43 +0900 Subject: [PATCH 122/122] =?UTF-8?q?[FIX]=20=EB=A6=AC=EC=86=8C=EC=8A=A4?= =?UTF-8?q?=ED=83=80=EC=9E=85=20=ED=9C=B4=EB=A8=BC=EC=97=90=EB=9F=AC=20?= =?UTF-8?q?=EB=B0=9C=EC=83=9D=20=EC=8B=9C=20Runtime=20Exception=20?= =?UTF-8?q?=EC=95=84=EB=8B=8C=20Custom=20Exception=20=EB=8D=98=EC=A7=80?= =?UTF-8?q?=EB=8F=84=EB=A1=9D=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/ResourceAuthorizationHandler.java | 6 +++++- .../error/CustomAuthorizationError.java | 19 +++++++++++++++++++ .../CustomAuthorizationException.java | 12 ++++++++++++ 3 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 src/main/java/org/websoso/WSSServer/exception/error/CustomAuthorizationError.java create mode 100644 src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthorizationException.java diff --git a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java index b528d217a..4fc7c1bbb 100644 --- a/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java +++ b/src/main/java/org/websoso/WSSServer/auth/ResourceAuthorizationHandler.java 
@@ -1,5 +1,7 @@ package org.websoso.WSSServer.auth; +import static org.websoso.WSSServer.exception.error.CustomAuthorizationError.UNSUPPORTED_RESOURCE_TYPE; + import java.util.HashMap; import java.util.List; import java.util.Map; @@ -8,6 +10,7 @@ import org.springframework.stereotype.Component; import org.websoso.WSSServer.auth.validator.ResourceAuthorizationValidator; import org.websoso.WSSServer.domain.User; +import org.websoso.WSSServer.exception.exception.CustomAuthorizationException; @Component public class ResourceAuthorizationHandler { @@ -23,7 +26,8 @@ public ResourceAuthorizationHandler(List validat public boolean authorizeResourceAccess(Long resourceId, User user, Class resourceType) { return Optional.ofNullable(validatorMap.get(resourceType)) - .orElseThrow(RuntimeException::new) + .orElseThrow(() -> new CustomAuthorizationException( + UNSUPPORTED_RESOURCE_TYPE, "Unsupported resource type for authorization")) .hasPermission(resourceId, user); } } diff --git a/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthorizationError.java b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthorizationError.java new file mode 100644 index 000000000..e30fa3878 --- /dev/null +++ b/src/main/java/org/websoso/WSSServer/exception/error/CustomAuthorizationError.java @@ -0,0 +1,19 @@ +package org.websoso.WSSServer.exception.error; + +import static org.springframework.http.HttpStatus.BAD_REQUEST; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import org.springframework.http.HttpStatus; +import org.websoso.WSSServer.exception.common.ICustomError; + +@Getter +@AllArgsConstructor +public enum CustomAuthorizationError implements ICustomError { + + UNSUPPORTED_RESOURCE_TYPE("AUTHORIZATION-001", "지원하지 않는 리소스 타입입니다.", BAD_REQUEST); + + private final String code; + private final String description; + private final HttpStatus statusCode; +} 
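Review bot: The new `CustomAuthorizationException` message in `authorizeResourceAccess` does not say which resource type had no validator, so a log entry for a missing registration cannot be acted on without reproducing the request. Passing `"Unsupported resource type for authorization: " + resourceType` as the message would name it, provided this message is only logged and not returned to the client, which is not visible here. The lookup still fails closed, since a missing validator throws before `hasPermission` can run.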
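Review bot: `UNSUPPORTED_RESOURCE_TYPE` in the new `CustomAuthorizationError` enum is mapped to `BAD_REQUEST`, but the commit title describes the case as a developer mistake in the resource type, which an API caller cannot correct by changing the request. A 4xx response also tends to stay below server-error alerting, so a missing authorization validator could go unnoticed in production. `UNSUPPORTED_RESOURCE_TYPE("AUTHORIZATION-001", "지원하지 않는 리소스 타입입니다.", INTERNAL_SERVER_ERROR);` with the static import changed to match reports it as a server fault. If 400 is intentional, a comment on the constant saying why would settle it.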
diff --git a/src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthorizationException.java b/src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthorizationException.java
new file mode 100644
index 000000000..6365713c2
--- /dev/null
+++ b/src/main/java/org/websoso/WSSServer/exception/exception/CustomAuthorizationException.java
@@ -0,0 +1,12 @@
+package org.websoso.WSSServer.exception.exception;
+
+import lombok.Getter;
+import org.websoso.WSSServer.exception.common.AbstractCustomException;
+import org.websoso.WSSServer.exception.error.CustomAuthorizationError;
+
+@Getter
+public class CustomAuthorizationException extends AbstractCustomException {
+ public CustomAuthorizationException(CustomAuthorizationError customAuthorizationError, String message) {
+ super(customAuthorizationError, message);
+ }
+}
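Review bot: `@Getter` on `CustomAuthorizationException` generates nothing, because the class declares no fields of its own; the annotation and the `lombok.Getter` import can be dropped unless the project applies it to every exception class by convention (the sibling classes are not visible here). A one-line Javadoc, for example `/** Thrown when resource authorization cannot be evaluated, e.g. no validator is registered for the resource type. */`, would record when this exception is expected.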