
[User] Refactor profile image upload validation logic #154

Merged: Creamcheesepie merged 3 commits into main from refactor/#153 on Dec 22, 2025

@larama-C larama-C commented Dec 21, 2025

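🔗 Related issues

Please link the related issue number.
Writing Close #issue-number closes the issue automatically when the PR is merged.

🚀 PR overview

Briefly describe what changes this PR contains.

  • Introduced Apache Tika-based MIME type validation logic to strengthen security when uploading user profile images.
  • Improved the validation to check file validity based on the actual binary content, in order to prevent uploads of files with a forged extension.

📌 Changes

Summarize the main changes as a checklist.

  • Feature addition
  • Bug fix
  • Refactoring
  • Documentation update
  • Test addition/modification

🧪 How to test

Describe specifically how you tested the changes.

📸 Screenshots (optional)

Attach them if there are UI changes or changes that can be checked visually.

⚠️ Notes

Feel free to write anything reviewers should know.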

@larama-C larama-C self-assigned this Dec 21, 2025
@github-actions

Test Results

6 tests  ±0   6 ✅ ±0   1s ⏱️ ±0s
3 suites ±0   0 💤 ±0 
3 files   ±0   0 ❌ ±0 

Results for commit e885d65. ± Comparison against base commit 28839d8.

@github-actions

⭐ JaCoCo Coverage

Line Coverage: 6.95%

📄 Coverage Details

Overall Line Coverage: 6.91% (189 covered / 2735 lines)

Package Summary (lowest first)
Package Line % Covered Missed
com/back/web7_9_codecrete_be/domain/chats/controller 0.00% 0 2
com/back/web7_9_codecrete_be/domain/chats/service 0.00% 0 38
com/back/web7_9_codecrete_be/domain/plans/controller 0.00% 0 43
com/back/web7_9_codecrete_be/domain/location/controller 0.00% 0 14
com/back/web7_9_codecrete_be/global/rsData 0.00% 0 11
com/back/web7_9_codecrete_be/domain/chats/entity 0.00% 0 4
com/back/web7_9_codecrete_be/domain/location/entity 0.00% 0 15
com/back/web7_9_codecrete_be/global/scheduler 0.00% 0 3
com/back/web7_9_codecrete_be/domain/auth/entity 0.00% 0 0
com/back/web7_9_codecrete_be/domain/auth/service 0.00% 0 161
com/back/web7_9_codecrete_be/domain/plans/service 0.00% 0 311
com/back/web7_9_codecrete_be/global/initData 0.00% 0 51
com/back/web7_9_codecrete_be/domain/users/controller 0.00% 0 20
com/back/web7_9_codecrete_be/domain/email/entity 0.00% 0 6
com/back/web7_9_codecrete_be/domain/auth/controller 0.00% 0 24
com/back/web7_9_codecrete_be/domain/artists/controller 0.00% 0 27
com/back/web7_9_codecrete_be/global/aspect 0.00% 0 4
com/back/web7_9_codecrete_be/global/wikidata 0.36% 1 279
com/back/web7_9_codecrete_be/domain/artists/service 0.76% 3 390
com/back/web7_9_codecrete_be/global/musicbrainz 0.99% 1 100
com/back/web7_9_codecrete_be/domain/users/service 1.52% 1 65
com/back/web7_9_codecrete_be/domain/email/service 1.61% 1 61
com/back/web7_9_codecrete_be/domain/concerts/entity 3.33% 3 87
com/back/web7_9_codecrete_be/domain/concerts/controller 3.45% 1 28
com/back/web7_9_codecrete_be/global/storage 3.57% 2 54
com/back/web7_9_codecrete_be/domain/concerts/service 5.12% 24 445
com/back/web7_9_codecrete_be/domain/artists/entity 8.33% 4 44
com/back/web7_9_codecrete_be/global/rq 10.87% 5 41
com/back/web7_9_codecrete_be/domain/users/util 14.29% 1 6
com/back/web7_9_codecrete_be/domain/plans/entity 24.14% 21 66
com/back/web7_9_codecrete_be/global/security 27.62% 29 76
com/back/web7_9_codecrete_be/domain/users/entity 29.27% 12 29
com/back/web7_9_codecrete_be/global/spotify 35.71% 5 9
com/back/web7_9_codecrete_be/domain/location/service 64.44% 58 32
com/back/web7_9_codecrete_be/global/doc 100.00% 17 0

Lowest Covered Classes (Top 20)
Class Line % Covered Missed
com.back.web7_9_codecrete_be.domain.plans.service.PlanService 0.00% 0 311
com.back.web7_9_codecrete_be.domain.auth.service.AuthService 0.00% 0 98
com.back.web7_9_codecrete_be.domain.artists.service.ArtistService 0.00% 0 78
com.back.web7_9_codecrete_be.domain.concerts.service.ConcertService 0.00% 0 63
com.back.web7_9_codecrete_be.global.initData.BaseInitData 0.00% 0 51
com.back.web7_9_codecrete_be.domain.plans.controller.PlanController 0.00% 0 43
com.back.web7_9_codecrete_be.domain.concerts.entity.Concert 0.00% 0 40
com.back.web7_9_codecrete_be.domain.plans.entity.Schedule 0.00% 0 37
com.back.web7_9_codecrete_be.global.security.JwtTokenProvider 0.00% 0 37
com.back.web7_9_codecrete_be.domain.artists.entity.Artist 0.00% 0 31
com.back.web7_9_codecrete_be.domain.location.service.LocationService 0.00% 0 30
com.back.web7_9_codecrete_be.domain.concerts.entity.ConcertPlace 0.00% 0 29
com.back.web7_9_codecrete_be.domain.users.entity.User 0.00% 0 29
com.back.web7_9_codecrete_be.domain.chats.service.ChatPolicyService 0.00% 0 27
com.back.web7_9_codecrete_be.domain.auth.service.TokenService 0.00% 0 27
com.back.web7_9_codecrete_be.domain.artists.controller.ArtistsController 0.00% 0 27
com.back.web7_9_codecrete_be.domain.auth.controller.AuthController 0.00% 0 24
com.back.web7_9_codecrete_be.global.storage.S3FileStorageService 0.00% 0 23
com.back.web7_9_codecrete_be.domain.users.controller.UserController 0.00% 0 20
com.back.web7_9_codecrete_be.domain.plans.entity.Plan 0.00% 0 18

Changed Classes (from this PR)
Source (PR) Class Prefix Line % Covered Missed
src/main/java/com/back/web7_9_codecrete_be/global/storage/ImageMimeType.java com.back.web7_9_codecrete_be.global.storage.ImageMimeType 0.00% 0 14
src/main/java/com/back/web7_9_codecrete_be/global/error/code/FileErrorCode.java com.back.web7_9_codecrete_be.global.error.code.FileErrorCode 0.00% 0 0
src/main/java/com/back/web7_9_codecrete_be/global/error/code/UserErrorCode.java com.back.web7_9_codecrete_be.global.error.code.UserErrorCode 0.00% 0 0
src/main/java/com/back/web7_9_codecrete_be/domain/users/service/UserService.java com.back.web7_9_codecrete_be.domain.users.service.UserService 1.61% 1 61
src/main/java/com/back/web7_9_codecrete_be/global/storage/ImageFileValidator.java com.back.web7_9_codecrete_be.global.storage.ImageFileValidator 10.53% 2 17

🔗 Full HTML report: See artifact jacoco-full-html on this run → https://github.com/prgrms-web-devcourse-final-project/WEB7_9_codecrete_BE/actions/runs/20403676119


@Creamcheesepie Creamcheesepie left a comment


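As a basic implementation I think you have done everything that needs doing, but S3 has some restrictions that should be avoided, so if you add validation for just that part it will be perfect!
S3 object key restrictions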

@Creamcheesepie Creamcheesepie merged commit 586475d into main Dec 22, 2025
2 checks passed
@Creamcheesepie Creamcheesepie deleted the refactor/#153 branch December 22, 2025 01:29
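
An added example, not part of this PR or the project's code, sketching the two checks discussed in this thread: content-based MIME detection with Apache Tika against an allowlist, and a server-generated object key that stays within S3's key limits. The class and method names, the `users/profile/` prefix, the allowlist and the sample bytes are assumptions constructed for illustration; it needs `tika-core` on the classpath.

```java
import java.nio.charset.StandardCharsets;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import org.apache.tika.Tika;

// Added illustration: class, method and key-prefix names are hypothetical, not the PR's code.
public class ProfileImageUploadCheck {
    // Allowlist: MIME type detected from the bytes -> extensions a client may claim for it.
    private static final Map<String, Set<String>> ALLOWED = Map.of(
            "image/png", Set.of("png"), "image/jpeg", Set.of("jpg", "jpeg"),
            "image/webp", Set.of("webp"));
    private static final Tika TIKA = new Tika();

    /** Returns a server-generated S3 object key, or throws if the upload is rejected. */
    static String validateAndBuildKey(String originalName, byte[] content) {
        int dot = originalName.lastIndexOf('.');
        String claimedExt = dot < 0 ? "" : originalName.substring(dot + 1).toLowerCase(Locale.ROOT);
        // Detect from the bytes only: the file name and the client's Content-Type are not trusted.
        String detected = TIKA.detect(content);
        Set<String> extensions = ALLOWED.get(detected);
        if (extensions == null) {
            throw new IllegalArgumentException("content type not allowed: " + detected);
        }
        if (!extensions.contains(claimedExt)) {
            throw new IllegalArgumentException("extension does not match content type " + detected);
        }
        // Build the key from a UUID and the allowlisted extension, never from the user's file name.
        String key = "users/profile/" + UUID.randomUUID() + "." + claimedExt;
        // Guard: S3 keys are at most 1024 UTF-8 bytes; stay inside S3's documented safe characters.
        if (!key.matches("[0-9A-Za-z/!_.*'()-]+") || key.getBytes(StandardCharsets.UTF_8).length > 1024) {
            throw new IllegalStateException("generated key violates S3 key constraints");
        }
        return key;
    }

    public static void main(String[] args) {
        // Constructed samples: a PNG signature with the start of an IHDR chunk, and a script body.
        byte[] png = {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A, 0, 0, 0, 0x0D, 'I', 'H', 'D', 'R'};
        byte[] script = "<?php echo 1; ?>".getBytes(StandardCharsets.US_ASCII);
        System.out.println("accepted: " + validateAndBuildKey("avatar.png", png));
        Object[][] mismatched = {{"avatar.png", script}, {"avatar.jpg", png}};
        for (Object[] c : mismatched) {
            try {
                validateAndBuildKey((String) c[0], (byte[]) c[1]);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected " + c[0] + ": " + e.getMessage());
            }
        }
    }
}
```

Because the key is built only from a UUID and an allowlisted extension, characters that S3 recommends avoiding in object keys cannot reach the key through the uploaded file name.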

Successfully merging this pull request may close these issues.

[User] Refactor the extension check logic for profile image file uploads
