fix: 세션 소유자 검증 시 존재 여부와 권한을 분리하여 처리

Boyeon-Shin · Boyeon-Shin · commit c6bdb50163d5 · 2026-04-24T20:43:00.000+09:00
diff --git a/src/main/java/io/wisoft/prepair/prepair_api/global/exception/ErrorCode.java b/src/main/java/io/wisoft/prepair/prepair_api/global/exception/ErrorCode.java
@@ -23,6 +23,9 @@ public enum ErrorCode {
     RESOURCE_NOT_FOUND(HttpStatus.NOT_FOUND, "리소스를 찾을 수 없습니다."),
     DUPLICATE_RESOURCE(HttpStatus.CONFLICT, "이미 존재하는 리소스입니다."),
 
+    // Session
+    SESSION_NOT_FOUND(HttpStatus.NOT_FOUND, "세션을 찾을 수 없습니다."),
+
     // Question
     QUESTION_NOT_FOUND(HttpStatus.NOT_FOUND, "질문을 찾을 수 없습니다."),
 
diff --git a/src/main/java/io/wisoft/prepair/prepair_api/repository/SessionRepository.java b/src/main/java/io/wisoft/prepair/prepair_api/repository/SessionRepository.java
@@ -5,5 +5,4 @@
 import org.springframework.data.jpa.repository.JpaRepository;
 
 public interface SessionRepository extends JpaRepository<InterviewSession, UUID> {
-    boolean existsByIdAndMemberId(UUID id, UUID memberId);
 }
diff --git a/src/main/java/io/wisoft/prepair/prepair_api/service/question/QuestionService.java b/src/main/java/io/wisoft/prepair/prepair_api/service/question/QuestionService.java
@@ -80,7 +80,9 @@ public List<InterviewQuestion> generateVideoQuestions(UUID memberId, VideoInterv
     }
 
     public void validateSessionOwner(UUID sessionId, UUID memberId) {
-        if(!sessionRepository.existsByIdAndMemberId(sessionId, memberId)) {
+        InterviewSession session = sessionRepository.findById(sessionId)
+                .orElseThrow(() -> new BusinessException(ErrorCode.SESSION_NOT_FOUND));
+        if (!session.getMemberId().equals(memberId)) {
             throw new BusinessException(ErrorCode.FORBIDDEN);
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -5,5 +5,4 @@`
`5`	`5`	`import org.springframework.data.jpa.repository.JpaRepository;`
`6`	`6`
`7`	`7`	`public interface SessionRepository extends JpaRepository<InterviewSession, UUID> {`
`8`		`- boolean existsByIdAndMemberId(UUID id, UUID memberId);`
`9`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,9 @@ public List<InterviewQuestion> generateVideoQuestions(UUID memberId, VideoInterv`
`80`	`80`	`}`
`81`	`81`
`82`	`82`	`public void validateSessionOwner(UUID sessionId, UUID memberId) {`
`83`		`- if(!sessionRepository.existsByIdAndMemberId(sessionId, memberId)) {`
	`83`	`+ InterviewSession session = sessionRepository.findById(sessionId)`
	`84`	`+ .orElseThrow(() -> new BusinessException(ErrorCode.SESSION_NOT_FOUND));`
	`85`	`+ if (!session.getMemberId().equals(memberId)) {`
`84`	`86`	`throw new BusinessException(ErrorCode.FORBIDDEN);`
`85`	`87`	`}`
`86`	`88`	`}`