zenn/sori.studio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

태그를 관리용/일반용으로 분리하고 관리자 드래그 정렬을 추가.

Browse Source 
댓글/회원/관리자 인증·프로필 흐름 보완과 관련 마이그레이션 및 문서를 함께 반영해 운영 동선을 안정화.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
zenn
2026-05-11 18:34:23 +09:00
parent b18aca4dcc
commit cdc16c72b2
35 changed files with 1721 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

173
server/repositories/comment-repository.js
View File

@@ -10,7 +10,9 @@ import { getPostgresClient } from './postgres-client'
* @property {string} status - 댓글 상태
* @property {string} createdAt - 생성 시각
* @property {string} updatedAt - 수정 시각
* @property {{ id: string, username: string }} user - 작성자 정보
* @property {number} likeCount - 좋아요 수
* @property {boolean} likedByMe - 현재 회원 좋아요 여부
* @property {{ id: string, username: string, avatarUrl: string }} user - 작성자 정보
*/
/**
@@ -19,6 +21,13 @@ import { getPostgresClient } from './postgres-client'
*/
const getSql = () => getPostgresClient()
/**
* Postgres undefined table 에러 여부 확인
* @param {unknown} error - 에러 객체
* @returns {boolean} undefined table 여부
*/
const isUndefinedTableError = (error) => String(error?.code || '') === '42P01'
/**
* 게시물 ID 조회
* @param {ReturnType<typeof import('postgres').default>} sql - postgres 클라이언트
@@ -46,7 +55,7 @@ const findPublishedPostIdBySlug = async (sql, slug) => {
* @param {string} slug - 게시물 슬러그
* @returns {Promise<Array<PostComment>>} 댓글 목록
*/
export const listPostCommentsBySlug = async (slug) => {
export const listPostCommentsBySlug = async (slug, viewerUserId = null) => {
const sql = getSql()
if (!sql) {
@@ -61,23 +70,64 @@ export const listPostCommentsBySlug = async (slug) => {
})
}
const rows = await sql`
SELECT
comments.id,
comments.post_id AS "postId",
comments.parent_id AS "parentId",
comments.body,
comments.status,
comments.created_at AS "createdAt",
comments.updated_at AS "updatedAt",
users.id AS "userId",
users.username AS "username"
FROM comments
INNER JOIN users ON users.id = comments.user_id
WHERE comments.post_id = ${postId}
AND comments.status = 'published'
ORDER BY comments.created_at ASC
`
let rows = []
try {
rows = await sql`
SELECT
comments.id,
comments.post_id AS "postId",
comments.parent_id AS "parentId",
comments.body,
comments.status,
comments.created_at AS "createdAt",
comments.updated_at AS "updatedAt",
users.id AS "userId",
users.username AS "username",
users.avatar_url AS "avatarUrl",
COALESCE(comment_like_counts.like_count, 0) AS "likeCount",
CASE
WHEN viewer_comment_likes.user_id IS NULL THEN false
ELSE true
END AS "likedByMe"
FROM comments
INNER JOIN users ON users.id = comments.user_id
LEFT JOIN (
SELECT comment_id, COUNT(*)::INT AS like_count
FROM comment_likes
GROUP BY comment_id
) AS comment_like_counts ON comment_like_counts.comment_id = comments.id
LEFT JOIN comment_likes AS viewer_comment_likes
ON viewer_comment_likes.comment_id = comments.id
AND viewer_comment_likes.user_id = ${viewerUserId}
WHERE comments.post_id = ${postId}
AND comments.status = 'published'
ORDER BY comments.created_at ASC
`
} catch (error) {
if (!isUndefinedTableError(error)) {
throw error
}
rows = await sql`
SELECT
comments.id,
comments.post_id AS "postId",
comments.parent_id AS "parentId",
comments.body,
comments.status,
comments.created_at AS "createdAt",
comments.updated_at AS "updatedAt",
users.id AS "userId",
users.username AS "username",
users.avatar_url AS "avatarUrl"
FROM comments
INNER JOIN users ON users.id = comments.user_id
WHERE comments.post_id = ${postId}
AND comments.status = 'published'
ORDER BY comments.created_at ASC
`
}
return rows.map((row) => ({
id: row.id,
@@ -87,9 +137,12 @@ export const listPostCommentsBySlug = async (slug) => {
status: row.status,
createdAt: row.createdAt.toISOString(),
updatedAt: row.updatedAt.toISOString(),
likeCount: Number(row.likeCount || 0),
likedByMe: Boolean(row.likedByMe),
user: {
id: row.userId,
username: row.username
username: row.username,
avatarUrl: row.avatarUrl || ''
}
}))
}
@@ -165,7 +218,7 @@ export const createComment = async (input) => {
}
const userRows = await sql`
SELECT id, username
SELECT id, username, avatar_url
FROM users
WHERE id = ${input.userId}
LIMIT 1
@@ -189,8 +242,84 @@ export const createComment = async (input) => {
updatedAt: created.updatedAt.toISOString(),
user: {
id: user.id,
username: user.username
username: user.username,
avatarUrl: user.avatar_url || ''
}
}
}
/**
* 댓글 좋아요를 토글한다.
* @param {{ slug: string, commentId: string, userId: string }} input - 좋아요 입력값
* @returns {Promise<{ liked: boolean, likeCount: number }>} 좋아요 결과
*/
export const toggleCommentLike = async (input) => {
const sql = getSql()
if (!sql) {
throw createError({
statusCode: 500,
message: '데이터베이스 설정이 필요합니다.'
})
}
const postId = await findPublishedPostIdBySlug(sql, input.slug)
if (!postId) {
throw createError({
statusCode: 404,
statusMessage: '게시물을 찾을 수 없습니다'
})
}
const commentRows = await sql`
SELECT id
FROM comments
WHERE id = ${input.commentId}
AND post_id = ${postId}
AND status = 'published'
LIMIT 1
`
const comment = commentRows?.[0]
if (!comment) {
throw createError({
statusCode: 404,
message: '댓글을 찾을 수 없습니다.'
})
}
const likedRows = await sql`
SELECT 1
FROM comment_likes
WHERE comment_id = ${input.commentId}
AND user_id = ${input.userId}
LIMIT 1
`
const alreadyLiked = Boolean(likedRows?.[0])
if (alreadyLiked) {
await sql`
DELETE FROM comment_likes
WHERE comment_id = ${input.commentId}
AND user_id = ${input.userId}
`
} else {
await sql`
INSERT INTO comment_likes (comment_id, user_id)
VALUES (${input.commentId}, ${input.userId})
ON CONFLICT (comment_id, user_id) DO NOTHING
`
}
const countRows = await sql`
SELECT COUNT(*)::INT AS like_count
FROM comment_likes
WHERE comment_id = ${input.commentId}
`
return {
liked: !alreadyLiked,
likeCount: Number(countRows?.[0]?.like_count || 0)
}
}

74
server/repositories/content-repository.js
View File

@@ -59,7 +59,8 @@ const mapTagRow = (row) => ({
slug: row.slug,
description: row.description,
sortOrder: row.sort_order,
color: row.color
color: row.color,
tagType: row.tag_type || 'managed'
})
/**
@@ -532,22 +533,45 @@ export const getPageBySlug = async (slug) => {
* 공개 태그 목록 조회
* @returns {Promise<Array>} 태그 목록
*/
export const listTags = async () => {
export const listTags = async ({ tagType } = {}) => {
const sql = getPostgresClient()
if (!sql) {
return getSampleTags()
const sampleTags = getSampleTags().map((tag) => ({
...tag,
tagType: 'managed'
}))
if (!tagType) {
return sampleTags
}
return sampleTags.filter((tag) => tag.tagType === tagType)
}
const rows = await sql`
SELECT *
FROM tags
ORDER BY sort_order ASC, name ASC
`
const rows = tagType
? await sql`
SELECT *
FROM tags
WHERE tag_type = ${tagType}
ORDER BY sort_order ASC, name ASC
`
: await sql`
SELECT *
FROM tags
ORDER BY
CASE tag_type WHEN 'managed' THEN 0 ELSE 1 END ASC,
sort_order ASC,
name ASC
`
return rows.map(mapTagRow)
}
/**
* 관리자 태그 목록 조회
* @returns {Promise<Array>} 관리자 태그 목록
*/
export const listAdminTags = async () => listTags()
const SEARCH_TAG_LIMIT = 12
const SEARCH_POST_LIMIT = 12
const SEARCH_POST_CANDIDATE_LIMIT = 48
@@ -823,8 +847,8 @@ export const createAdminTag = async (input) => {
}
const rows = await sql`
INSERT INTO tags (name, slug, description, sort_order, color)
VALUES (${input.name}, ${input.slug}, ${input.description}, ${input.sortOrder}, ${input.color})
INSERT INTO tags (name, slug, description, sort_order, color, tag_type)
VALUES (${input.name}, ${input.slug}, ${input.description}, ${input.sortOrder}, ${input.color}, ${input.tagType})
RETURNING *
`
@@ -852,6 +876,7 @@ export const updateAdminTag = async (id, input) => {
description = ${input.description},
sort_order = ${input.sortOrder},
color = ${input.color},
tag_type = ${input.tagType},
updated_at = now()
WHERE id = ${id}
RETURNING *
@@ -860,6 +885,35 @@ export const updateAdminTag = async (id, input) => {
return rows[0] ? mapTagRow(rows[0]) : null
}
/**
* 관리자 관리용 태그 순서를 일괄 갱신
* @param {Array<string>} tagIds - 정렬된 태그 ID 목록
* @returns {Promise<Array>} 갱신된 태그 목록
*/
export const reorderManagedTags = async (tagIds) => {
const sql = getPostgresClient()
if (!sql) {
throw new Error('DATABASE_REQUIRED')
}
await sql.begin(async (transaction) => {
for (let index = 0; index < tagIds.length; index += 1) {
const tagId = tagIds[index]
await transaction`
UPDATE tags
SET
sort_order = ${(index + 1) * 10},
updated_at = now()
WHERE id = ${tagId}
AND tag_type = 'managed'
`
}
})
return listTags({ tagType: 'managed' })
}
/**
* 관리자 태그 삭제
* @param {string} id - 태그 ID

208
server/repositories/member-repository.js
View File

@@ -1,6 +1,14 @@
import { createError } from 'h3'
import { getPostgresClient } from './postgres-client'
export const MEMBER_ROLE = {
OWNER: 'owner',
ADMIN: 'admin',
MEMBER: 'member'
}
const PRIVILEGED_ROLES = [MEMBER_ROLE.OWNER, MEMBER_ROLE.ADMIN]
/**
* @typedef {Object} MemberUser
* @property {string} id - 사용자 ID
@@ -8,6 +16,8 @@ import { getPostgresClient } from './postgres-client'
* @property {string} email - 이메일
* @property {string} passwordHash - 비밀번호 해시
* @property {string} avatarUrl - 아바타 URL
* @property {boolean} isAdmin - 관리자 여부
* @property {'owner' | 'admin' | 'member'} role - 권한 코드
* @property {string} createdAt - 생성 시각(ISO)
* @property {string} updatedAt - 수정 시각(ISO)
* @property {string | null} lastSeenAt - 최근 접속 시각(ISO)
@@ -43,6 +53,8 @@ export const getUserByEmail = async (email) => {
email,
password_hash AS "passwordHash",
avatar_url AS "avatarUrl",
is_admin AS "isAdmin",
user_role AS "role",
created_at AS "createdAt",
updated_at AS "updatedAt",
last_seen_at AS "lastSeenAt",
@@ -68,6 +80,8 @@ export const getUserById = async (id) => {
username,
email,
avatar_url AS "avatarUrl",
is_admin AS "isAdmin",
user_role AS "role",
created_at AS "createdAt",
updated_at AS "updatedAt",
last_seen_at AS "lastSeenAt",
@@ -94,6 +108,8 @@ export const getUserByIdWithPassword = async (id) => {
email,
password_hash AS "passwordHash",
avatar_url AS "avatarUrl",
is_admin AS "isAdmin",
user_role AS "role",
created_at AS "createdAt",
updated_at AS "updatedAt",
last_seen_at AS "lastSeenAt",
@@ -115,13 +131,25 @@ export const createUser = async (input) => {
const sql = requireSql()
const rows = await sql`
INSERT INTO users (username, email, password_hash, avatar_url)
VALUES (${input.username}, ${input.email}, ${input.passwordHash}, '')
INSERT INTO users (username, email, password_hash, avatar_url, is_admin, user_role)
VALUES (
${input.username},
${input.email},
${input.passwordHash},
'',
NOT EXISTS (SELECT 1 FROM users),
CASE
WHEN NOT EXISTS (SELECT 1 FROM users) THEN ${MEMBER_ROLE.OWNER}
ELSE ${MEMBER_ROLE.MEMBER}
END
)
RETURNING
id,
username,
email,
avatar_url AS "avatarUrl",
is_admin AS "isAdmin",
user_role AS "role",
created_at AS "createdAt",
updated_at AS "updatedAt",
last_seen_at AS "lastSeenAt",
@@ -175,6 +203,8 @@ export const updateMemberProfile = async (input) => {
username,
email,
avatar_url AS "avatarUrl",
is_admin AS "isAdmin",
user_role AS "role",
created_at AS "createdAt",
updated_at AS "updatedAt",
last_seen_at AS "lastSeenAt",
@@ -240,7 +270,7 @@ export const isUsernameTaken = async (input) => {
/**
* 관리자용 회원 목록 조회(댓글 활동 포함)
* @returns {Promise<Array<{ id: string, username: string, email: string, avatarUrl: string, createdAt: string, updatedAt: string, lastSeenAt: string | null, lastSeenIp: string, commentCount: number, activityStatus: string }>>} 회원 목록
* @returns {Promise<Array<{ id: string, username: string, email: string, avatarUrl: string, isAdmin: boolean, roleCode: string, createdAt: string, updatedAt: string, lastSeenAt: string | null, lastSeenIp: string, commentCount: number, activityStatus: string, role: string }>>} 회원 목록
*/
export const listMembersForAdmin = async () => {
const sql = requireSql()
@@ -250,6 +280,8 @@ export const listMembersForAdmin = async () => {
users.username,
users.email,
users.avatar_url AS "avatarUrl",
users.is_admin AS "isAdmin",
users.user_role AS "roleCode",
users.created_at AS "createdAt",
users.updated_at AS "updatedAt",
users.last_seen_at AS "lastSeenAt",
@@ -272,13 +304,181 @@ export const listMembersForAdmin = async () => {
username: row.username,
email: row.email,
avatarUrl: row.avatarUrl || '',
isAdmin: Boolean(row.isAdmin),
roleCode: String(row.roleCode || MEMBER_ROLE.MEMBER),
createdAt: row.createdAt.toISOString(),
updatedAt: row.updatedAt.toISOString(),
lastSeenAt,
lastSeenIp: row.lastSeenIp || '',
commentCount: Number(row.commentCount || 0),
activityStatus: isActive ? '활성' : '비활성'
activityStatus: isActive ? '활성' : '비활성',
role: row.roleCode === MEMBER_ROLE.OWNER
? '소유자'
: row.roleCode === MEMBER_ROLE.ADMIN
? '관리자'
: '멤버'
}
})
}
/**
* 이메일 기준 관리자 회원 조회
* @param {string} email - 이메일
* @returns {Promise<MemberUser | null>} 관리자 회원
*/
export const getAdminUserByEmail = async (email) => {
const sql = requireSql()
const rows = await sql`
SELECT
id,
username,
email,
password_hash AS "passwordHash",
avatar_url AS "avatarUrl",
is_admin AS "isAdmin",
user_role AS "role",
created_at AS "createdAt",
updated_at AS "updatedAt",
last_seen_at AS "lastSeenAt",
last_seen_ip AS "lastSeenIp"
FROM users
WHERE lower(email) = lower(${email})
AND user_role = ANY(${PRIVILEGED_ROLES})
LIMIT 1
`
return rows?.[0] || null
}
/**
* 최초 관리자 등록 필요 여부를 확인한다.
* @returns {Promise<{ hasUsers: boolean, needsAdminSetup: boolean }>} 부트스트랩 상태
*/
export const getMemberBootstrapState = async () => {
const sql = requireSql()
const rows = await sql`
SELECT COUNT(*)::int AS "userCount"
FROM users
`
const userCount = Number(rows?.[0]?.userCount || 0)
return {
hasUsers: userCount > 0,
needsAdminSetup: userCount === 0
}
}
/**
* 관리자 권한을 가진 회원 여부를 확인한다.
* @param {string} userId - 사용자 ID
* @returns {Promise<boolean>} 관리자 권한 여부
*/
export const isPrivilegedMember = async (userId) => {
const sql = requireSql()
const rows = await sql`
SELECT id
FROM users
WHERE id = ${userId}
AND user_role = ANY(${PRIVILEGED_ROLES})
LIMIT 1
`
return Boolean(rows?.[0])
}
/**
* 관리자 화면에서 회원 권한을 변경한다.
* @param {{ actorUserId: string, targetUserId: string, role: 'owner' | 'admin' | 'member' }} input - 변경 정보
* @returns {Promise<{ id: string, roleCode: string, role: string, isAdmin: boolean }>} 변경 결과
*/
export const updateMemberRoleByAdmin = async (input) => {
const sql = requireSql()
const normalizedRole = String(input.role || '').trim()
const allowedRoles = [MEMBER_ROLE.OWNER, MEMBER_ROLE.ADMIN, MEMBER_ROLE.MEMBER]
if (!allowedRoles.includes(normalizedRole)) {
throw createError({
statusCode: 400,
message: '유효하지 않은 권한 값입니다.'
})
}
const actorCanManage = await isPrivilegedMember(input.actorUserId)
if (!actorCanManage) {
throw createError({
statusCode: 403,
message: '권한 변경 권한이 없습니다.'
})
}
const targetRows = await sql`
SELECT id, user_role AS "roleCode"
FROM users
WHERE id = ${input.targetUserId}
LIMIT 1
`
const target = targetRows?.[0]
if (!target) {
throw createError({
statusCode: 404,
message: '대상 회원을 찾을 수 없습니다.'
})
}
if (target.id === input.actorUserId && normalizedRole === MEMBER_ROLE.MEMBER) {
throw createError({
statusCode: 400,
message: '본인 계정을 멤버로 변경할 수 없습니다.'
})
}
if (target.roleCode === MEMBER_ROLE.OWNER && normalizedRole !== MEMBER_ROLE.OWNER) {
const ownerRows = await sql`
SELECT COUNT(*)::int AS "ownerCount"
FROM users
WHERE user_role = ${MEMBER_ROLE.OWNER}
`
if (Number(ownerRows?.[0]?.ownerCount || 0) <= 1) {
throw createError({
statusCode: 400,
message: '최소 1명의 소유자 권한은 유지되어야 합니다.'
})
}
}
const updatedRows = await sql`
UPDATE users
SET
user_role = ${normalizedRole},
is_admin = ${normalizedRole === MEMBER_ROLE.OWNER || normalizedRole === MEMBER_ROLE.ADMIN},
updated_at = now()
WHERE id = ${input.targetUserId}
RETURNING
id,
user_role AS "roleCode",
is_admin AS "isAdmin"
`
const updated = updatedRows?.[0]
if (!updated) {
throw createError({
statusCode: 500,
message: '권한 변경에 실패했습니다.'
})
}
return {
id: updated.id,
roleCode: updated.roleCode,
role: updated.roleCode === MEMBER_ROLE.OWNER
? '소유자'
: updated.roleCode === MEMBER_ROLE.ADMIN
? '관리자'
: '멤버',
isAdmin: Boolean(updated.isAdmin)
}
}