test: 타사용자의 이메일, 비밀번호 변경 불가 검증

backend/src/test/java/com/cruru/member/acceptance/MemberAcceptanceTest.java

@@ -0,0 +1,79 @@
+package com.cruru.member.acceptance;
+
+import static org.mockito.Mockito.doNothing;
+
+import com.cruru.auth.service.AuthService;
+import com.cruru.club.domain.repository.ClubRepository;
+import com.cruru.email.service.EmailRedisClient;
+import com.cruru.member.controller.request.EmailChangeRequest;
+import com.cruru.member.controller.request.PasswordChangeRequest;
+import com.cruru.member.domain.Member;
+import com.cruru.member.domain.repository.MemberRepository;
+import com.cruru.util.AcceptanceTest;
+import com.cruru.util.fixture.ClubFixture;
+import com.cruru.util.fixture.MemberFixture;
+import io.restassured.RestAssured;
+import io.restassured.http.ContentType;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.mock.mockito.MockBean;
+
+public class MemberAcceptanceTest extends AcceptanceTest {
+
+    @MockBean
+    private EmailRedisClient emailRedisClient;
+
+    @Autowired
+    private MemberRepository memberRepository;
+
+    @Autowired
+    private ClubRepository clubRepository;
+
+    @Autowired
+    private AuthService authService;
+
+    private Member member;
+    private String newToken;
+
+    @BeforeEach
+    void setUp() {
+        member = memberRepository.save(MemberFixture.DOBBY);
+        clubRepository.save(ClubFixture.create(member));
+        newToken = authService.createAccessToken(member.getEmail(), member.getRole()).getToken();
+    }
+
+    @DisplayName("사용자는 다른 사용자의 이메일을 변경할 수 없다.")
+    @Test
+    void userCannotChangeAnotherUsersEmail() {
+        // given
+        String changeEmail = "[email protected]";
+        EmailChangeRequest request = new EmailChangeRequest(changeEmail);
+        doNothing().when(emailRedisClient).verifyEmail(request.email());
+
+        // when&then
+        RestAssured.given().log().all()
+                .contentType(ContentType.JSON)
+                .cookie("accessToken", newToken)
+                .body(request)
+                .when().patch("/v1/members/{memberId}/email", defaultMember.getId())
+                .then().log().all().statusCode(403);
+    }
+
+    @DisplayName("사용자는 다른 사용자의 비밀번호를 변경할 수 없다.")
+    @Test
+    void userCannotChangeAnotherUsersPassword() {
+        // given
+        String changePassword = "NewPassword123!!";
+        PasswordChangeRequest request = new PasswordChangeRequest(changePassword);
+
+        // when&then
+        RestAssured.given().log().all()
+                .contentType(ContentType.JSON)
+                .cookie("accessToken", newToken)
+                .body(request)
+                .when().patch("/v1/members/{memberId}/password", defaultMember.getId())
+                .then().log().all().statusCode(403);
+    }
+}

backend/src/test/java/com/cruru/util/AcceptanceTest.java

@@ -0,0 +1,81 @@
+package com.cruru.util;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.doNothing;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.mock;
+
+import com.cruru.auth.service.AuthService;
+import com.cruru.club.domain.Club;
+import com.cruru.club.domain.repository.ClubRepository;
+import com.cruru.member.domain.Member;
+import com.cruru.member.domain.repository.MemberRepository;
+import com.cruru.util.fixture.ClubFixture;
+import com.cruru.util.fixture.LocalDateFixture;
+import com.cruru.util.fixture.MemberFixture;
+import io.restassured.RestAssured;
+import jakarta.mail.internet.MimeMessage;
+import java.time.Clock;
+import java.time.Instant;
+import org.junit.jupiter.api.BeforeEach;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.boot.test.mock.mockito.SpyBean;
+import org.springframework.boot.test.web.server.LocalServerPort;
+import org.springframework.mail.javamail.JavaMailSender;
+import org.springframework.test.context.ActiveProfiles;
+
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@ActiveProfiles("test")
+public class AcceptanceTest {
+
+    private static final Clock FIXED_TIME = LocalDateFixture.fixedClock();
+
+    protected Member defaultMember;
+    protected Club defaultClub;
+    protected String token;
+
+    @LocalServerPort
+    private int port;
+    @Autowired
+    private AuthService authService;
+    @Autowired
+    private MemberRepository memberRepository;
+    @Autowired
+    private ClubRepository clubRepository;
+    @Autowired
+    private DbCleaner dbCleaner;
+    @SpyBean
+    private Clock clock;
+    @MockBean
+    private JavaMailSender javaMailSender;
+
+    @BeforeEach
+    void createDefaultLoginMember() {
+        dbCleaner.truncateEveryTable();
+        defaultMember = memberRepository.save(MemberFixture.ADMIN);
+        defaultClub = clubRepository.save(ClubFixture.create(defaultMember));
+        token = authService.createAccessToken(defaultMember.getEmail(), defaultMember.getRole()).getToken();
+    }
+
+    @BeforeEach
+    void setPort() {
+        RestAssured.port = port;
+    }
+
+    @BeforeEach
+    void setClock() {
+        doReturn(Instant.now(FIXED_TIME))
+                .when(clock)
+                .instant();
+    }
+
+    @BeforeEach
+    void setJavaMailSender() {
+        doReturn(mock(MimeMessage.class))
+                .when(javaMailSender).createMimeMessage();
+        doNothing()
+                .when(javaMailSender).send(any(MimeMessage.class));
+    }
+}