⚡ MarkSphere v1.0.5

그룹 소유권 양도 기능 구현
그룹 탈퇴, 회원 탈퇴 시 소유 그룹 검사
QR 코드 생성 시 권한 검사

Author: son0307

src/main/java/com/sonkim/bookmarking/auth/service/AuthService.java

@@ -67,7 +67,7 @@ public User createAccount(RegisterRequestDto dto) {
 
         // 기본 개인 그룹 생성
         Team personalTeam = Team.builder()
-                .name(dto.getNickname() + "님의 개인 공간")
+                .name("개인 공간")
                 .owner(newUser)
                 .build();
         teamService.saveTeam(personalTeam);

src/main/java/com/sonkim/bookmarking/common/exception/GlobalExceptionHandler.java

@@ -84,6 +84,18 @@ public ResponseEntity<?> handleUnprocessableEntityException(UnprocessableEntityE
         return buildResponse(HttpStatus.UNPROCESSABLE_ENTITY, e.getMessage());
     }
 
+    // 회원 탈퇴 시 소유주 변경이 필요한 그룹이 있을 경우 예외 처리
+    @ExceptionHandler(OwnershipTransferRequiredException.class)
+    public ResponseEntity<Map<String, Object>> handleOwnershipTransferRequiredException(OwnershipTransferRequiredException e) {
+        log.warn("회원 탈퇴 실패: 소유권 이전 필요. {}", e.getMessage());
+
+        Map<String, Object> response = new HashMap<>();
+        response.put("message", e.getMessage());
+        response.put("requiredActionGroups", e.getGroups());
+
+        return new ResponseEntity<>(response, HttpStatus.CONFLICT);
+    }
+
     // 범용 예외 처리
     @ExceptionHandler(Exception.class)
     public ResponseEntity<?> handleException(Exception e) {

src/main/java/com/sonkim/bookmarking/common/exception/OwnershipTransferRequiredException.java

@@ -0,0 +1,16 @@
+package com.sonkim.bookmarking.common.exception;
+
+import com.sonkim.bookmarking.domain.mypage.dto.OwnershipRequiredGroupDto;
+import lombok.Getter;
+
+import java.util.List;
+
+public class OwnershipTransferRequiredException extends RuntimeException {
+    @Getter
+    private final List<OwnershipRequiredGroupDto> groups;
+
+    public OwnershipTransferRequiredException(List<OwnershipRequiredGroupDto> groups) {
+        super("소유권 이전이 필요한 그룹이 존재하여 탈퇴할 수 없습니다.");
+        this.groups = groups;
+    }
+}

src/main/java/com/sonkim/bookmarking/domain/category/service/CategoryService.java

@@ -95,7 +95,7 @@ public List<CategoryDto.CategoryResponseDto> updateCategory(Long userId, Long ca
         teamService.validateGroupIsActive(teamId);
 
         // 요청자가 권한이 있는지 검사
-        teamMemberService.validateAdmin(userId, teamId);
+        teamMemberService.validateEditor(userId, teamId);
 
         // 동일한 이름의 카테고리가 있는지 확인
         if(categoryRepository.existsByNameAndTeam_Id(request.getName(), teamId)) {

src/main/java/com/sonkim/bookmarking/domain/mypage/dto/OwnershipRequiredGroupDto.java

@@ -0,0 +1,11 @@
+package com.sonkim.bookmarking.domain.mypage.dto;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+@Builder
+public class OwnershipRequiredGroupDto {
+    private Long groupId;
+    private String groupName;
+}

src/main/java/com/sonkim/bookmarking/domain/mypage/service/MyPageService.java

@@ -1,15 +1,20 @@
 package com.sonkim.bookmarking.domain.mypage.service;
 
 import com.sonkim.bookmarking.common.dto.PageResponseDto;
+import com.sonkim.bookmarking.common.exception.OwnershipTransferRequiredException;
 import com.sonkim.bookmarking.common.s3.service.S3Service;
 import com.sonkim.bookmarking.domain.bookmark.dto.BookmarkResponseDto;
 import com.sonkim.bookmarking.domain.bookmark.entity.Bookmark;
 import com.sonkim.bookmarking.domain.bookmark.repository.BookmarkRepository;
 import com.sonkim.bookmarking.domain.bookmark.service.BookmarkService;
 import com.sonkim.bookmarking.domain.mypage.dto.MyProfileDto;
+import com.sonkim.bookmarking.domain.mypage.dto.OwnershipRequiredGroupDto;
 import com.sonkim.bookmarking.domain.mypage.dto.PasswordDto;
 import com.sonkim.bookmarking.auth.token.service.TokenService;
 import com.sonkim.bookmarking.domain.profile.service.ProfileService;
+import com.sonkim.bookmarking.domain.team.entity.Team;
+import com.sonkim.bookmarking.domain.team.repository.TeamMemberRepository;
+import com.sonkim.bookmarking.domain.team.repository.TeamRepository;
 import com.sonkim.bookmarking.domain.user.entity.User;
 import com.sonkim.bookmarking.domain.user.repository.UserRepository;
 import com.sonkim.bookmarking.domain.user.service.UserService;
@@ -22,6 +27,8 @@
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.data.domain.Pageable;
 
+import java.util.List;
+
 @Slf4j
 @Service
 @RequiredArgsConstructor
@@ -35,6 +42,8 @@ public class MyPageService {
     private final UserService userService;
     private final S3Service s3Service;
     private final ProfileService profileService;
+    private final TeamRepository teamRepository;
+    private final TeamMemberRepository teamMemberRepository;
 
     @Transactional(readOnly = true)
     public MyProfileDto.MyProfileResponseDto getMyProfile(Long userId) {
@@ -128,6 +137,24 @@ public PageResponseDto<BookmarkResponseDto> getMyLikedBookmarks(Long userId, Pag
     // 탈퇴 처리
     @Transactional
     public void deleteAccount(Long userId) {
+        // 탈퇴하려는 사용자가 속한 그룹 목록 조회
+        List<Team> ownedGroups = teamRepository.findAllByOwner_Id(userId);
+
+        // 소유한 그룹 중, 개인 그룹이 아닌 그룹만 필터링
+        List<OwnershipRequiredGroupDto> groupsRequiringAction = ownedGroups.stream()
+                .filter(team -> teamMemberRepository.countByTeam_Id(team.getId()) > 1)
+                .map(team -> OwnershipRequiredGroupDto.builder()
+                        .groupId(team.getId())
+                        .groupName(team.getName())
+                        .build()
+                )
+                .toList();
+
+        // 조치가 필요한 그룹이 하나라도 있으면 예외 발생
+        if (!groupsRequiringAction.isEmpty()) {
+            throw new OwnershipTransferRequiredException(groupsRequiringAction);
+        }
+
         log.info("userId: {} 탈퇴 요청", userId);
 
         // 사용자 정보 불러와서 탈퇴 처리

src/main/java/com/sonkim/bookmarking/domain/team/controller/TeamController.java

@@ -7,6 +7,7 @@
 import com.sonkim.bookmarking.domain.team.service.QrCodeService;
 import com.sonkim.bookmarking.domain.team.service.TeamService;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
@@ -108,8 +109,9 @@ public ResponseEntity<Void> joinTeamMember(@AuthenticationPrincipal UserDetailsI
         return ResponseEntity.status(HttpStatus.CREATED).build();
     }
 
-    @Operation(summary = "그룹 초대 QR 코드 이미지 생성", description = "그룹 초대를 위한 QR 코드를 이미지(PNG) 형식으로 생성하여 반환합니다.")
+    @Operation(summary = "그룹 초대 QR 코드 이미지 생성", description = "그룹 초대를 위한 QR 코드를 이미지(PNG) 형식으로 생성하여 반환합니다. ADMIN 이상의 권한을 가진 유저만 가능")
     @ApiResponse(responseCode = "200", description = "QR 코드 생성 성공", content = @Content(mediaType = "image/png"))
+    @ApiResponse(responseCode = "403", description = "권한 부족")
     @GetMapping("/{groupId}/invite-qr")
     public ResponseEntity<byte[]> generateInviteCode(@AuthenticationPrincipal UserDetailsImpl userDetails,
                                                 @PathVariable("groupId") Long groupId) {
@@ -118,10 +120,10 @@ public ResponseEntity<byte[]> generateInviteCode(@AuthenticationPrincipal UserDe
             String inviteCode = teamService.getInviteCodeByTeamId(groupId);
 
             // QR 코드에 담을 URL 생성
-            String joinUrl = "http://localhost:8080/api/groups/join?code=" + inviteCode;    // 차후 도메인으로 수정
+            String joinUrl = "https://marksphere.link/api/groups/join?code=" + inviteCode;    // 차후 도메인으로 수정
 
             // QR 코드 이미지 생성
-            byte[] qrCodeImage = qrCodeService.generateQrCodeImage(userDetails.getId(), joinUrl);
+            byte[] qrCodeImage = qrCodeService.generateQrCodeImage(userDetails.getId(), groupId, joinUrl);
 
             return ResponseEntity.ok()
                     .contentType(MediaType.IMAGE_PNG)
@@ -174,4 +176,20 @@ public ResponseEntity<TeamDto.CodeResponseDto> getInviteCode(
 
         return ResponseEntity.status(HttpStatus.CREATED).body(response);
     }
+
+    @Operation(summary = "그룹 소유권 이전", description = "그룹의 소유권을 다른 멤버에게 이전합니다. 현재 소유주만 실행할 수 있습니다.")
+    @ApiResponses({
+            @ApiResponse(responseCode = "200", description = "소유권 이전 성공"),
+            @ApiResponse(responseCode = "403", description = "권한 없음 (소유주가 아님)"),
+            @ApiResponse(responseCode = "400", description = "잘못된 요청 (예: 멤버가 아닌 사용자에게 이전 시도)")
+    })
+    @PostMapping("/{groupId}/transfer-ownership")
+    public ResponseEntity<Void> transferOwnership(
+            @AuthenticationPrincipal UserDetailsImpl userDetails,
+            @Parameter(description = "소유권을 이전할 그룹 ID") @PathVariable Long groupId,
+            @RequestBody TeamDto.OwnerTransferDto transferDto)
+    {
+        teamService.transferOwnership(userDetails.getId(), transferDto.getNewOwnerId(), groupId);
+        return ResponseEntity.ok().build();
+    }
 }

src/main/java/com/sonkim/bookmarking/domain/team/controller/TeamMemberController.java

@@ -66,7 +66,7 @@ public ResponseEntity<Void> kickMember(@AuthenticationPrincipal UserDetailsImpl
     @Operation(summary = "그룹 탈퇴", description = "멤버 스스로 그룹에서 나갑니다.")
     @ApiResponses({
             @ApiResponse(responseCode = "200", description = "그룹 탈퇴 성공"),
-            @ApiResponse(responseCode = "400", description = "마지막 남은 관리자는 탈퇴할 수 없음"),
+            @ApiResponse(responseCode = "409", description = "마지막 남은 관리자는 탈퇴할 수 없음"),
             @ApiResponse(responseCode = "404", description = "그룹 또는 멤버를 찾을 수 없음")
     })
     @DeleteMapping("/{groupId}/leave")

src/main/java/com/sonkim/bookmarking/domain/team/dto/TeamDto.java

@@ -55,4 +55,10 @@ public static class CreateResponseDto {
     public static class CodeResponseDto {
         private String code;
     }
+
+    // 그룹 소유주 이전
+    @Data
+    public static class OwnerTransferDto {
+        private Long newOwnerId;
+    }
 }

src/main/java/com/sonkim/bookmarking/domain/team/entity/Team.java

@@ -70,4 +70,9 @@ public void cancelDeletion() {
         this.status = TeamStatus.ACTIVE;
         this.deletionScheduledAt = null;
     }
+
+    // 소유주 변경
+    public void updateOwner(User owner) {
+        this.owner = owner;
+    }
 }