refactor(member): enhance readability & add unit test (#8)

* refactor(member): enhance readability & add unit test

Author: dengfeige

src/main/java/com/featureprobe/api/base/constants/MessageKey.java

@@ -7,7 +7,11 @@ public class MessageKey {
 
     public static final String NOT_FOUND = "resource.error.not_found";
 
+    public static final String FORBIDDEN = "resource.error.forbidden";
+
     public static final String INVALID_REQUEST = "validate.invalid_request";
 
+    public static final String INVALID_OLD_PASSWORD = "validate.invalid_old_password";
+
     public static final String USING = "resource.error.using";
 }

src/main/java/com/featureprobe/api/base/constants/ResponseCode.java

@@ -4,7 +4,8 @@ public enum ResponseCode {
 
     CONFLICT("conflict", MessageKey.CONFLICT),
     NOT_FOUND("not_found", MessageKey.NOT_FOUND),
-    INVALID_REQUEST("invalid_request", MessageKey.INVALID_REQUEST);
+    INVALID_REQUEST("invalid_request", MessageKey.INVALID_REQUEST),
+    FORBIDDEN("forbidden", MessageKey.FORBIDDEN);
 
     private String code;
 

src/main/java/com/featureprobe/api/base/exception/ForbiddenException.java

@@ -0,0 +1,4 @@
+package com.featureprobe.api.base.exception;
+
+public class ForbiddenException extends RuntimeException{
+}

src/main/java/com/featureprobe/api/base/exception/WebExceptionAspect.java

@@ -42,16 +42,16 @@ public void resourceConflictHandler(HttpServletResponse response, ResourceConfli
         response.getWriter().write(toErrorResponse(ResponseCode.CONFLICT));
     }
 
-    @ExceptionHandler(value = PasswordErrorException.class)
-    public void passwordErrorHandler(HttpServletResponse response, PasswordErrorException e)
+    @ExceptionHandler(value = ForbiddenException.class)
+    public void forbiddenHandler(HttpServletResponse response, ForbiddenException e)
             throws IOException {
-        response.setStatus(HttpStatus.BAD_REQUEST.value());
+        response.setStatus(HttpStatus.FORBIDDEN.value());
         response.setCharacterEncoding(StandardCharsets.UTF_8.name());
-        response.getWriter().write(toErrorResponse(ResponseCode.INVALID_REQUEST));
+        response.getWriter().write(toErrorResponse(ResponseCode.FORBIDDEN));
     }
 
     @ExceptionHandler(value = IllegalArgumentException.class)
-    public void invalidHandler(HttpServletResponse response, IllegalArgumentException e)
+    public void invalidArgumentHandler(HttpServletResponse response, IllegalArgumentException e)
             throws IOException {
         response.setStatus(HttpStatus.BAD_REQUEST.value());
         response.setCharacterEncoding(StandardCharsets.UTF_8.name());

src/main/java/com/featureprobe/api/controller/MemberController.java

@@ -54,7 +54,7 @@ public List<MemberResponse> create(@Validated @RequestBody MemberCreateRequest c
     @GetMapping
     @Operation(summary = "List Member", description = "Get a list of all member")
     public Page<MemberResponse> list(MemberSearchRequest searchRequest) {
-        return memberService.list(searchRequest);
+        return memberService.query(searchRequest);
     }
 
     @PatchMapping
@@ -78,6 +78,6 @@ public MemberResponse delete(@Validated @RequestBody MemberDeleteRequest deleteR
     @GetMapping("/query")
     @Operation(summary = "Get member", description = "Get a single member by account.")
     public MemberResponse query(String account) {
-        return memberService.query(account);
+        return memberService.queryByAccount(account);
     }
 }

src/main/java/com/featureprobe/api/controller/SegmentController.java

@@ -10,22 +10,17 @@
 import com.featureprobe.api.dto.PaginationRequest;
 import com.featureprobe.api.dto.SegmentCreateRequest;
 import com.featureprobe.api.dto.SegmentResponse;
+import com.featureprobe.api.dto.SegmentSearchRequest;
 import com.featureprobe.api.dto.SegmentUpdateRequest;
 import com.featureprobe.api.dto.ToggleSegmentResponse;
 import com.featureprobe.api.service.SegmentService;
-import com.featureprobe.api.base.doc.GetApiResponse;
-import com.featureprobe.api.dto.SegmentResponse;
-import com.featureprobe.api.dto.SegmentSearchRequest;
-import com.featureprobe.api.service.SegmentService;
 import com.featureprobe.api.validate.ResourceExistsValidate;
 import io.swagger.v3.oas.annotations.Operation;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.domain.Page;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -35,8 +30,6 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
-import java.util.List;
-
 
 @Slf4j
 @AllArgsConstructor

src/main/java/com/featureprobe/api/service/MemberService.java

@@ -1,9 +1,10 @@
 package com.featureprobe.api.service;
 
 import com.featureprobe.api.auth.UserPasswordAuthenticationToken;
+import com.featureprobe.api.base.constants.MessageKey;
 import com.featureprobe.api.base.enums.ResourceType;
 import com.featureprobe.api.base.enums.RoleEnum;
-import com.featureprobe.api.base.exception.PasswordErrorException;
+import com.featureprobe.api.base.exception.ForbiddenException;
 import com.featureprobe.api.base.exception.ResourceConflictException;
 import com.featureprobe.api.base.exception.ResourceNotFoundException;
 import com.featureprobe.api.dto.MemberCreateRequest;
@@ -14,50 +15,60 @@
 import com.featureprobe.api.entity.Member;
 import com.featureprobe.api.mapper.MemberMapper;
 import com.featureprobe.api.repository.MemberRepository;
-import lombok.AllArgsConstructor;
+import com.featureprobe.api.util.PageRequestUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.data.domain.Page;
-import org.springframework.data.domain.PageRequest;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Sort;
 import org.springframework.data.jpa.domain.Specification;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import javax.persistence.criteria.CriteriaBuilder;
-import javax.persistence.criteria.CriteriaQuery;
-import javax.persistence.criteria.Predicate;
-import javax.persistence.criteria.Root;
-import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
+import java.util.Optional;
 import java.util.stream.Collectors;
 
 
 @Slf4j
-@AllArgsConstructor
 @Service
 public class MemberService {
 
     private MemberRepository memberRepository;
 
+    private PasswordEncoder passwordEncoder;
+
+    public MemberService(MemberRepository memberRepository) {
+        this.memberRepository = memberRepository;
+        this.passwordEncoder = new BCryptPasswordEncoder();
+    }
+
     @Transactional(rollbackFor = Exception.class)
     public List<MemberResponse> create(MemberCreateRequest createRequest) {
-        List<Member> members = new ArrayList<>();
-        createRequest.getAccounts().stream().forEach(account -> {
-            if (memberRepository.findByAccountIncludeDeleted(account).isPresent()) {
-                throw new ResourceConflictException(ResourceType.MEMBER);
-            }
-            members.add(newMember(account, createRequest.getPassword()));
-        });
-        List<Member> saveMembers = memberRepository.saveAll(members);
-        return saveMembers.stream().map(item ->
+        List<Member> savedMembers = memberRepository.saveAll(newNumbers(createRequest));
+
+        return savedMembers.stream().map(item ->
                 MemberMapper.INSTANCE.entityToResponse(item)).collect(Collectors.toList());
     }
 
+    private List<Member> newNumbers(MemberCreateRequest createRequest) {
+        return createRequest.getAccounts()
+                .stream()
+                .filter(this::notExistsAccount)
+                .map(account -> newMember(account, createRequest.getPassword())).collect(Collectors.toList());
+    }
+
+    private boolean notExistsAccount(String account) {
+        if (memberRepository.findByAccountIncludeDeleted(account).isPresent()) {
+            throw new ResourceConflictException(ResourceType.MEMBER);
+        }
+        return true;
+    }
+
     private Member newMember(String account, String password) {
         Member member = new Member();
         member.setAccount(account);
@@ -68,73 +79,88 @@ private Member newMember(String account, String password) {
 
     @Transactional(rollbackFor = Exception.class)
     public MemberResponse update(MemberUpdateRequest updateRequest) {
-        UserPasswordAuthenticationToken authentication =
-                (UserPasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
-        Member member = memberRepository.findByAccount(updateRequest.getAccount())
-                .orElseThrow(() -> new ResourceNotFoundException(ResourceType.MEMBER, updateRequest.getAccount()));
+        verifyAdminPrivileges();
+
+        Member member = findMemberByAccount(updateRequest.getAccount());
         MemberMapper.INSTANCE.mapEntity(updateRequest, member);
-        if (authentication.isAdmin()) {
-            return MemberMapper.INSTANCE.entityToResponse(memberRepository.save(member));
-        }
-        return null;
+        return MemberMapper.INSTANCE.entityToResponse(memberRepository.save(member));
     }
 
     @Transactional(rollbackFor = Exception.class)
     public MemberResponse modifyPassword(MemberModifyPasswordRequest modifyPasswordRequest) {
-        UserPasswordAuthenticationToken authentication =
-                (UserPasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
-        Member member = memberRepository.findByAccount(authentication.getAccount())
-                .orElseThrow(() -> new ResourceNotFoundException(ResourceType.MEMBER, authentication.getAccount()));
-        if (new BCryptPasswordEncoder().matches(modifyPasswordRequest.getOldPassword(), member.getPassword())) {
-            member.setPassword(new BCryptPasswordEncoder().encode(modifyPasswordRequest.getNewPassword()));
-            return MemberMapper.INSTANCE.entityToResponse(memberRepository.save(member));
-        } else {
-            throw new PasswordErrorException();
+        Member member = findLoggedInMember();
+        verifyPassword(modifyPasswordRequest.getOldPassword(), member.getPassword());
+
+        member.setPassword(passwordEncoder.encode(modifyPasswordRequest.getNewPassword()));
+        return MemberMapper.INSTANCE.entityToResponse(memberRepository.save(member));
+    }
+
+    private void verifyPassword(String oldPassword, String newPassword) {
+        if (!passwordEncoder.matches(oldPassword, newPassword)) {
+            throw new IllegalArgumentException(MessageKey.INVALID_OLD_PASSWORD);
         }
     }
 
     @Transactional(rollbackFor = Exception.class)
     public void updateVisitedTime(String account) {
-        Member member = memberRepository.findByAccount(account)
-                .orElseThrow(() -> new ResourceNotFoundException(ResourceType.MEMBER, account));
+        Member member = findMemberByAccount(account);
+
         member.setVisitedTime(new Date());
         memberRepository.save(member);
     }
 
     @Transactional(rollbackFor = Exception.class)
     public MemberResponse delete(String account) {
+        verifyAdminPrivileges();
+
+        Member member = findMemberByAccount(account);
+        member.setDeleted(true);
+        return MemberMapper.INSTANCE.entityToResponse(memberRepository.save(member));
+    }
+
+    private void verifyAdminPrivileges() {
         UserPasswordAuthenticationToken authentication =
                 (UserPasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
-        Member member = memberRepository.findByAccount(account).orElseThrow(() ->
-                new ResourceNotFoundException(ResourceType.MEMBER, account));
-        member.setDeleted(true);
-        if (authentication.isAdmin()) {
-            return MemberMapper.INSTANCE.entityToResponse(memberRepository.save(member));
+
+        if (authentication == null || !authentication.isAdmin()) {
+            throw new ForbiddenException();
         }
-        return null;
-    }
-
-    public Page<MemberResponse> list(MemberSearchRequest searchRequest) {
-        Pageable pageable = PageRequest.of(searchRequest.getPageIndex(), searchRequest.getPageSize(),
-                Sort.Direction.DESC, "createdTime");
-        Specification<Member> spec = new Specification<Member>() {
-            @Override
-            public Predicate toPredicate(Root<Member> root, CriteriaQuery<?> query, CriteriaBuilder cb) {
-                if (StringUtils.isNotBlank(searchRequest.getKeyword())) {
-                    Predicate p0 = cb.like(root.get("account"), "%" + searchRequest.getKeyword() + "%");
-                    query.where(p0);
-                }
-                return query.getRestriction();
-            }
-        };
-        Page<Member> members = memberRepository.findAll(spec, pageable);
+    }
+
+    public Page<MemberResponse> query(MemberSearchRequest searchRequest) {
+        Pageable pageable = PageRequestUtil.toPageable(searchRequest, Sort.Direction.DESC, "createdTime");
+        Page<Member> members = memberRepository.findAll(accountLike(searchRequest.getKeyword()), pageable);
+
         return members.map(item -> MemberMapper.INSTANCE.entityToResponse(item));
     }
 
-    public MemberResponse query(String account) {
-        Member member = memberRepository.findByAccountIncludeDeleted(account)
-                .orElseThrow(() -> new ResourceNotFoundException(ResourceType.MEMBER, account));
+    private Specification<Member> accountLike(String account) {
+        if (StringUtils.isBlank(account)) {
+            return null;
+        }
+        return (root, query, criteriaBuilder) -> criteriaBuilder.like(root.get("account"),
+                "%" + account + "%");
+    }
+
+    public MemberResponse queryByAccount(String account) {
+        Member member = findMemberByAccount(account, true);
         return MemberMapper.INSTANCE.entityToResponse(member);
     }
 
+    private Member findLoggedInMember() {
+        UserPasswordAuthenticationToken authentication =
+                (UserPasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
+
+        return findMemberByAccount(authentication.getAccount());
+    }
+
+    private Member findMemberByAccount(String account) {
+        return findMemberByAccount(account, false);
+    }
+
+    private Member findMemberByAccount(String account, boolean includeDeleted) {
+        Optional<Member> member = includeDeleted ? memberRepository.findByAccountIncludeDeleted(account) :
+                memberRepository.findByAccount(account);
+        return member.orElseThrow(() -> new ResourceNotFoundException(ResourceType.MEMBER, account));
+    }
 }

src/main/java/com/featureprobe/api/util/PageRequestUtil.java

@@ -0,0 +1,14 @@
+package com.featureprobe.api.util;
+
+import com.featureprobe.api.dto.PaginationRequest;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.domain.Sort;
+
+public class PageRequestUtil {
+
+    public static Pageable toPageable(PaginationRequest pageRequest, Sort.Direction direction, String sortBy) {
+        return PageRequest.of(pageRequest.getPageIndex(), pageRequest.getPageSize(),
+                direction, sortBy);
+    }
+}

src/main/resources/i18n/messages_en_US.properties

@@ -5,5 +5,7 @@ resource.member=Member
 
 resource.error.conflict=This resource already exists, please modify
 resource.error.not_found={0} {1} not found
-validate.invalid_request=request invalid
+resource.error.forbidden=Forbidden
+validate.invalid_request=Request invalid
 resource.error.using=This resource is being used
+validate.invalid_old_password=Invalid old password

src/main/resources/i18n/messages_zh_CN.properties

@@ -5,5 +5,8 @@ resource.member=成员
 
 resource.error.conflict=资源已经存在
 resource.error.not_found={0} {1} 不存在
+resource.error.using=资源正在被使用
+resource.error.forbidden=操作不合法
+
 validate.invalid_request=请求无效
-resource.error.using=资源正在被使用
+validate.invalid_old_password=旧密码错误