feat: implement comment feature with authentication and authorization

Author: MinJun916

src/app.js

@@ -12,7 +12,8 @@ import { specs, swaggerUiOptions } from './swaggerOptions.js';
 // 라우터 import
 import productRouter from './routes/productRouter.js';
 import articleRouter from './routes/articleRouter.js';
-import commentRouter from './routes/commentRouter.js';
+import productCommentRouter from './routes/productCommentRouter.js';
+import articleCommentRouter from './routes/articleCommentRouter.js';
 import authRouter from './routes/authRouter.js';
 
 const app = express();
@@ -32,7 +33,8 @@ app.use(morgan('combined'));
 // 라우터 설정
 app.use('/products', productRouter);
 app.use('/articles', articleRouter);
-app.use('/comments', commentRouter);
+app.use('/product-comments', productCommentRouter);
+app.use('/article-comments', articleCommentRouter);
 app.use('/auth', authRouter);
 
 // Swagger API Docs Setting

src/controllers/articleCommentControllers.js

@@ -0,0 +1,39 @@
+import * as commentRepository from '../repositories/commentRepository.js';
+
+export const createArticleComment = async (req, res, next) => {
+  try {
+    const { articleId } = req.params;
+    const { content } = req.body;
+    const ownerId = req.user.id;
+
+    const comment = await commentRepository.createCommentByArticle(articleId, content, ownerId);
+    res.status(201).json({ success: true, data: comment });
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const updateArticleComment = async (req, res, next) => {
+  try {
+    const { commentId } = req.params;
+    const { content } = req.body;
+    const ownerId = req.user.id;
+
+    const comment = await commentRepository.updateCommentByArticle(commentId, content, ownerId);
+    res.status(200).json({ success: true, data: comment });
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const deleteArticleComment = async (req, res, next) => {
+  try {
+    const { commentId } = req.params;
+    const ownerId = req.user.id;
+
+    await commentRepository.deleteCommentByArticle(commentId);
+    res.status(200).json({ success: true, message: 'Comment deleted successfully' });
+  } catch (error) {
+    next(error);
+  }
+};

src/controllers/commentControllers.js

@@ -1,85 +1,94 @@
 import prisma from '../middlewares/prisma.js';
 
-export const createComment = async (req, res, next) => {
+export const getCommentByArticle = async (req, res, next) => {
   try {
-    const { content, articleId } = req.body;
-
-    if (!content) {
-      return res.status(400).json({ success: false, message: 'Content is required' });
-    }
+    const { id } = req.params;
+    const cursor = req.query.cursor;
+    const limit = parseInt(req.query.limit) || 10;
+    const direction = req.query.direction || 'next'; // 'next' or 'prev'
 
-    const comment = await prisma.comment.create({ data: { content, articleId } });
-    res.status(201).json({ success: true, data: comment });
-  } catch (error) {
-    next(error);
-  }
-};
+    const validLimit = Math.min(Math.max(1, limit), 50); // 1-50 사이로 제한
 
-export const updateComment = async (req, res, next) => {
-  try {
-    const { id } = req.params;
-    const { content } = req.body;
+    let whereCondition = { articleId: id };
+    let orderBy = { createdAt: 'desc' };
 
-    if (!id) {
-      return res.status(400).json({ success: false, message: 'Id is required' });
+    // cursor가 있는 경우
+    if (cursor) {
+      const cursorDate = new Date(cursor);
+      if (direction === 'prev') {
+        // 이전 페이지: cursor보다 이전 데이터
+        whereCondition.createdAt = { lt: cursorDate };
+        orderBy = { createdAt: 'desc' };
+      } else {
+        // 다음 페이지: cursor보다 이후 데이터
+        whereCondition.createdAt = { gt: cursorDate };
+        orderBy = { createdAt: 'asc' };
+      }
     }
 
-    const comment = await prisma.comment.update({ where: { id }, data: { content } });
-    res.status(200).json({ success: true, data: comment });
-  } catch (error) {
-    next(error);
-  }
-};
+    const comments = await prisma.comment.findMany({
+      where: whereCondition,
+      take: validLimit + 1, // 한 개 더 가져와서 hasNextPage 확인
+      orderBy,
+      select: {
+        id: true,
+        content: true,
+        createdAt: true,
+        updatedAt: true,
+      },
+    });
 
-export const deleteComment = async (req, res, next) => {
-  try {
-    const { id } = req.params;
+    // hasNextPage 확인
+    const hasNextPage = comments.length > validLimit;
+    if (hasNextPage) {
+      comments.pop(); // 마지막 요소 제거
+    }
 
-    if (!id) {
-      return res.status(400).json({ success: false, message: 'Id is required' });
+    // direction이 'prev'인 경우 결과를 다시 역순으로 정렬
+    if (direction === 'prev') {
+      comments.reverse();
     }
 
-    await prisma.comment.delete({ where: { id } });
-    res.status(200).json({ success: true, data: null });
-  } catch (error) {
-    next(error);
-  }
-};
+    // cursor 정보 계산
+    const nextCursor =
+      comments.length > 0 ? comments[comments.length - 1].createdAt.toISOString() : null;
+    const prevCursor = comments.length > 0 ? comments[0].createdAt.toISOString() : null;
 
-export const getComment = async (req, res, next) => {
-  try {
-    const comment = await prisma.comment.findMany();
-    res.status(200).json({ success: true, data: comment });
+    res.status(200).json({
+      success: true,
+      data: comments,
+      pagination: {
+        hasNextPage,
+        hasPrevPage: !!cursor,
+        nextCursor,
+        prevCursor,
+        limit: validLimit,
+        direction,
+      },
+    });
   } catch (error) {
     next(error);
   }
 };
 
-export const getCommentByArticle = async (req, res, next) => {
+export const getCommentByProduct = async (req, res, next) => {
   try {
     const { id } = req.params;
     const cursor = req.query.cursor;
     const limit = parseInt(req.query.limit) || 10;
     const direction = req.query.direction || 'next'; // 'next' or 'prev'
 
-    if (!id) {
-      return res.status(400).json({ success: false, message: 'Id is required' });
-    }
-
     const validLimit = Math.min(Math.max(1, limit), 50); // 1-50 사이로 제한
 
-    let whereCondition = { articleId: id };
+    let whereCondition = { productId: id };
     let orderBy = { createdAt: 'desc' };
 
-    // cursor가 있는 경우
     if (cursor) {
       const cursorDate = new Date(cursor);
       if (direction === 'prev') {
-        // 이전 페이지: cursor보다 이전 데이터
         whereCondition.createdAt = { lt: cursorDate };
         orderBy = { createdAt: 'desc' };
       } else {
-        // 다음 페이지: cursor보다 이후 데이터
         whereCondition.createdAt = { gt: cursorDate };
         orderBy = { createdAt: 'asc' };
       }
@@ -97,18 +106,15 @@ export const getCommentByArticle = async (req, res, next) => {
       },
     });
 
-    // hasNextPage 확인
     const hasNextPage = comments.length > validLimit;
     if (hasNextPage) {
       comments.pop(); // 마지막 요소 제거
     }
 
-    // direction이 'prev'인 경우 결과를 다시 역순으로 정렬
     if (direction === 'prev') {
       comments.reverse();
     }
 
-    // cursor 정보 계산
     const nextCursor =
       comments.length > 0 ? comments[comments.length - 1].createdAt.toISOString() : null;
     const prevCursor = comments.length > 0 ? comments[0].createdAt.toISOString() : null;

src/controllers/productCommentControllers.js

@@ -0,0 +1,39 @@
+import * as commentRepository from '../repositories/commentRepository.js';
+
+export const createProductComment = async (req, res, next) => {
+  try {
+    const { productId } = req.params;
+    const { content } = req.body;
+    const ownerId = req.user.id;
+
+    const comment = await commentRepository.createCommentByProduct(productId, content, ownerId);
+    res.status(201).json({ success: true, data: comment });
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const updateProductComment = async (req, res, next) => {
+  try {
+    const { commentId } = req.params;
+    const { content } = req.body;
+    const ownerId = req.user.id;
+
+    const comment = await commentRepository.updateCommentByProduct(commentId, content, ownerId);
+    res.status(200).json({ success: true, data: comment });
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const deleteProductComment = async (req, res, next) => {
+  try {
+    const { commentId } = req.params;
+    const ownerId = req.user.id;
+
+    await commentRepository.deleteCommentByProduct(commentId);
+    res.status(200).json({ success: true, message: 'Comment deleted successfully' });
+  } catch (error) {
+    next(error);
+  }
+};

src/middlewares/ownership.js

@@ -1,5 +1,6 @@
 import * as productRepository from '../repositories/productRepository.js';
 import * as articleRepository from '../repositories/articleRepository.js';
+import * as commentRepository from '../repositories/commentRepository.js';
 
 export const verifyProductOwner = async (req, res, next) => {
   try {
@@ -42,3 +43,45 @@ export const verifyArticleOwner = async (req, res, next) => {
     next(error);
   }
 };
+
+export const verifyProductCommentOwner = async (req, res, next) => {
+  try {
+    const { commentId } = req.params;
+    const comment = await commentRepository.findProductByIdForOwner(commentId);
+
+    if (!comment) {
+      return res.status(404).json({ success: false, message: 'Comment not found' });
+    }
+
+    if (comment.ownerId !== req.user.id) {
+      return res
+        .status(403)
+        .json({ success: false, message: 'You are not the owner of this comment' });
+    }
+
+    next();
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const verifyArticleCommentOwner = async (req, res, next) => {
+  try {
+    const { commentId } = req.params;
+    const comment = await commentRepository.findArticleByIdForOwner(commentId);
+
+    if (!comment) {
+      return res.status(404).json({ success: false, message: 'Comment not found' });
+    }
+
+    if (comment.ownerId !== req.user.id) {
+      return res
+        .status(403)
+        .json({ success: false, message: 'You are not the owner of this comment' });
+    }
+
+    next();
+  } catch (error) {
+    next(error);
+  }
+};

src/middlewares/validate/commentValidator.js

@@ -0,0 +1,13 @@
+import { body, param } from 'express-validator';
+
+export const createCommentValidator = [
+  body('content').notEmpty().withMessage('Content is required'),
+];
+
+export const updateCommentValidator = [
+  body('content').notEmpty().withMessage('Content is required'),
+];
+
+export const commentIdValidator = [param('commentId').isUUID().withMessage('Invalid comment id')];
+
+export const articleIdValidator = [param('articleId').isUUID().withMessage('Invalid article id')];

src/middlewares/validate/productValidator.js

@@ -14,4 +14,4 @@ export const updateProductValidator = [
   body('tags').optional().isArray().withMessage('Tags must be an array'),
 ];
 
-export const productIdValidator = [param('id').isUUID().withMessage('Invalid product ID')];
+export const productIdValidator = [param('productId').isUUID().withMessage('Invalid product ID')];

src/repositories/commentRepository.js

@@ -0,0 +1,53 @@
+import prisma from '../middlewares/prisma.js';
+
+export const createCommentByProduct = async (productId, content, ownerId) => {
+  return await prisma.productComment.create({
+    data: { productId, content, ownerId },
+  });
+};
+
+export const createCommentByArticle = async (articleId, content, ownerId) => {
+  return await prisma.articleComment.create({
+    data: { articleId, content, ownerId },
+  });
+};
+
+export const updateCommentByProduct = async (commentId, content, ownerId) => {
+  return await prisma.productComment.update({
+    where: { id: commentId },
+    data: { content, ownerId },
+  });
+};
+
+export const updateCommentByArticle = async (commentId, content, ownerId) => {
+  return await prisma.articleComment.update({
+    where: { id: commentId },
+    data: { content, ownerId },
+  });
+};
+
+export const deleteCommentByProduct = async (commentId) => {
+  return await prisma.productComment.delete({
+    where: { id: commentId },
+  });
+};
+
+export const deleteCommentByArticle = async (commentId) => {
+  return await prisma.articleComment.delete({
+    where: { id: commentId },
+  });
+};
+
+export const findProductByIdForOwner = async (commentId) => {
+  return await prisma.productComment.findUnique({
+    where: { id: commentId },
+    select: { id: true, ownerId: true },
+  });
+};
+
+export const findArticleByIdForOwner = async (commentId) => {
+  return await prisma.articleComment.findUnique({
+    where: { id: commentId },
+    select: { id: true, ownerId: true },
+  });
+};