src/main/java/com/example/gtable/store/controller/StoreController.java
@@ -9,6 +9,7 @@
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import com.example.gtable.global.api.ApiUtils;
@@ -86,4 +87,15 @@ public ResponseEntity<?> deleteStore(@PathVariable Long storeId) {
)
);
}

@GetMapping("/search")
public ResponseEntity<?> searchStores(@RequestParam("name") String name) {
return ResponseEntity
.ok()
.body(
ApiUtils.success(
storeService.searchStoresByName(name)
)
);
}
Comment on lines +91 to +100

🛠️ Refactor suggestion

Returning the entity directly causes API response consistency and security problems
The service returns the Store entity as-is, so the controller exposes it as-is too. All existing endpoints use DTOs, so the API schema now differs. Internal fields (the deleted flag, etc.) may also be exposed. Once the service/DTO structure has been sorted out, please update the response type along with it.
Additionally, applying validation such as @NotBlank to the name parameter rejects malformed requests up front.

🤖 Prompt for AI Agents
In src/main/java/com/example/gtable/store/controller/StoreController.java around
lines 91 to 100, the searchStores method currently returns Store entities
directly, causing inconsistency with other endpoints that use DTOs and risking
exposure of internal fields. Refactor the method to convert the Store entities
returned by storeService.searchStoresByName(name) into appropriate DTOs before
returning them in the response. Also, add validation annotation such as
@NotBlank to the 'name' request parameter to prevent invalid requests early.

}
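Review bot: `searchStores` (the `@GetMapping("/search")` method at +91..+100) hands `name` to the service unvalidated and unbounded: a blank value (`?name=`) becomes `LIKE '%%'` in `findByNameContainingIgnoreCase`, which returns the whole table, soft-deleted stores included, because that finder, unlike the sibling `findAllByDeletedFalse`, carries no `DeletedFalse` suffix. Put `@NotBlank` (plus a `@Size` upper bound) on the parameter and `@Validated` on the class, since method-parameter constraints are not enforced without it, and return `StoreReadDto` like the other endpoints instead of the `Store` entity. Also confirm the new path is covered by the existing security configuration; nothing in this diff shows it being registered.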
@@ -14,4 +14,6 @@ public interface StoreRepository extends JpaRepository<Store, Long> {
List<Store> findAllByDeletedFalse();

Optional<Store> findByStoreIdAndDeletedFalse(Long storeId);

List<Store> findByNameContainingIgnoreCase(String name);
}
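Review bot: `findByNameContainingIgnoreCase` breaks the convention of the two finders above it, which both carry `DeletedFalse`; as written it returns soft-deleted rows. Rename it `findByNameContainingIgnoreCaseAndDeletedFalse` (Spring Data derives the extra `AND deleted = false` from the method name) and consider adding a `Pageable` parameter, since `Containing` compiles to `LIKE '%name%'`, which cannot use a B-tree index on `name` and scans the whole table on every search.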
src/main/java/com/example/gtable/store/service/StoreService.java
@@ -1,10 +1,13 @@
package com.example.gtable.store.service;

import java.util.List;

import com.example.gtable.store.dto.StoreCreateRequest;
import com.example.gtable.store.dto.StoreCreateResponse;
import com.example.gtable.store.dto.StoreReadDto;
import com.example.gtable.store.dto.StoreReadResponse;
import com.example.gtable.store.dto.StoreUpdateRequest;
import com.example.gtable.store.model.Store;

public interface StoreService {

@@ -18,4 +21,6 @@ public interface StoreService {

String deleteStore(Long storeId);

List<Store> searchStoresByName(String name);


🛠️ Refactor suggestion

The service layer exposes the entity directly
Every other method returns a DTO (StoreReadDto, StoreReadResponse, etc.), but the newly added searchStoresByName returns the Store entity as-is, so the API schema is inconsistent. This risks exposing sensitive fields and breaks the layer separation. It needs to be refactored to return a DTO list or a dedicated Response class.

-	List<Store> searchStoresByName(String name);
+	List<StoreReadDto> searchStoresByName(String name);
🤖 Prompt for AI Agents
In src/main/java/com/example/gtable/store/service/StoreService.java around lines
24 to 25, the method searchStoresByName currently returns a List of Store
entities directly, which breaks the API schema consistency and risks exposing
sensitive fields. Refactor this method to return a List of appropriate DTOs such
as StoreReadDto or a dedicated response class instead of the entity. Update the
method signature and implementation accordingly to map Store entities to the
DTOs before returning.

}
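Review bot: the new `import com.example.gtable.store.model.Store;` and `List<Store> searchStoresByName(String name);` put the JPA entity into the service contract, which the rest of this interface avoids (every other return type here is a DTO: `StoreReadDto`, `StoreReadResponse`). Change the signature to `List<StoreReadDto> searchStoresByName(String name);` and drop the `Store` import, which then becomes unused.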
src/main/java/com/example/gtable/store/service/StoreServiceImpl.java
@@ -91,4 +91,10 @@ public String deleteStore(Long storeId) {

return "Store ID " + storeId + " 삭제되었습니다.";
}

@Override
public List<Store> searchStoresByName(String name) {
return storeRepository.findByNameContainingIgnoreCase(name);
}

⚠️ Potential issue

Missing transaction option, deleted filter, and DTO conversion

  1. Without the readOnly attribute, unnecessary write locks may be taken.
  2. Deleted stores are returned as well.
  3. The entity is returned as-is, which risks external exposure.

Please fix all three at once, as below.

-	@Override
-	public List<Store> searchStoresByName(String name) {
-		return storeRepository.findByNameContainingIgnoreCase(name);
-	}
+	@Override
+	@Transactional(readOnly = true)
+	public List<StoreReadDto> searchStoresByName(String name) {
+		return storeRepository.findByNameContainingIgnoreCaseAndDeletedFalse(name)
+			.stream()
+			.map(StoreReadDto::fromEntity)
+			.toList();
+	}
🤖 Prompt for AI Agents
In src/main/java/com/example/gtable/store/service/StoreServiceImpl.java around
lines 95 to 98, the searchStoresByName method lacks a readOnly transaction
annotation, does not filter out deleted stores, and returns entity objects
directly, risking external exposure. Add @Transactional(readOnly = true) to
optimize transaction handling, modify the repository query or add filtering to
exclude deleted stores, and convert the resulting entities to DTOs before
returning to prevent exposing internal entity details.
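An added example, not code from the PR or the project, that puts the fixes requested in the first comment (parameter validation) and in the comment above (read-only transaction, deleted filter, DTO mapping) into one compilable slice. Everything the PR does not show is assumed: Spring Boot 3 with the `jakarta.validation` namespace, the package `com.example.gtable.store.search`, a hypothetical `StoreSearchRepository` that adds the `...AndDeletedFalse` finder with a `Pageable`, the base path `/api/stores`, a static `StoreReadDto.fromEntity(Store)` factory (the suggestion above uses it), and the 50-result cap.

```java
// Added example, not the project's code. Assumptions are marked "assumed".
package com.example.gtable.store.search; // assumed package

import java.util.List;

import jakarta.validation.constraints.NotBlank; // assumed: Spring Boot 3 (jakarta namespace)
import jakarta.validation.constraints.Size;

import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import com.example.gtable.global.api.ApiUtils;
import com.example.gtable.store.dto.StoreReadDto;
import com.example.gtable.store.model.Store;

// Assumed: a second Spring Data repository over the same entity, so this file
// does not have to modify the project's StoreRepository. Spring Data derives
// "... AND deleted = false" from the DeletedFalse suffix and applies the
// Pageable as LIMIT/OFFSET, so a loose pattern cannot return the whole table.
interface StoreSearchRepository extends JpaRepository<Store, Long> {
    List<Store> findByNameContainingIgnoreCaseAndDeletedFalse(String name, Pageable pageable);
}

@Service
@Transactional(readOnly = true) // every method here is a read: no flush on commit
class StoreSearchService {

    private static final int MAX_RESULTS = 50; // assumed cap on search results

    private final StoreSearchRepository repository;

    StoreSearchService(StoreSearchRepository repository) {
        this.repository = repository;
    }

    // Entities are mapped to StoreReadDto inside the transaction, so no managed
    // Store instance (and no lazy association on it) reaches the controller or
    // the JSON serializer.
    public List<StoreReadDto> searchStoresByName(String name) {
        Pageable firstPage = PageRequest.of(0, MAX_RESULTS);
        return repository
            .findByNameContainingIgnoreCaseAndDeletedFalse(name.trim(), firstPage)
            .stream()
            .map(StoreReadDto::fromEntity) // assumed static factory, as in the review suggestion
            .toList();
    }
}

@Validated // required: without it, @NotBlank/@Size on method parameters are not enforced
@RestController
@RequestMapping("/api/stores") // assumed base path; the PR does not show StoreController's mapping
class StoreSearchController {

    private final StoreSearchService storeSearchService;

    StoreSearchController(StoreSearchService storeSearchService) {
        this.storeSearchService = storeSearchService;
    }

    // "?name=" and "?name=%20" are rejected by @NotBlank before the service runs;
    // @Size bounds the pattern length so the LIKE argument stays small.
    @GetMapping("/search")
    public ResponseEntity<?> searchStores(
            @RequestParam("name") @NotBlank @Size(min = 2, max = 100) String name) {
        return ResponseEntity
            .ok()
            .body(ApiUtils.success(storeSearchService.searchStoresByName(name)));
    }
}
```

A violated constraint surfaces as `jakarta.validation.ConstraintViolationException`; unless the project already has a `@RestControllerAdvice` that maps it to HTTP 400, the client sees a 500, so that handler is part of this change.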


}
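Review bot: `searchStoresByName` in `StoreServiceImpl` returns managed `Store` entities straight out of the repository with no transaction boundary of its own, so the JSON serializer is what walks the object graph: any lazy association on `Store` then either fires a query per row under open-in-view or throws `LazyInitializationException` without it, and every column on the entity, `deleted` included, is serialized. Annotate the method `@Transactional(readOnly = true)`, call an `...AndDeletedFalse` finder, and map to `StoreReadDto` inside the method so the entity never leaves the service layer.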
@@ -5,7 +5,6 @@
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

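Review bot: the `@@ -5,7 +5,6 @@` header says this hunk removes one line, and the rendering has dropped the +/- markers; if the removed line is `import org.springframework.security.oauth2.core.user.OAuth2User;`, confirm with a compile that nothing remaining in this class references `OAuth2User`, and note in the commit message that the import cleanup is unrelated to the store search feature.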