refactor(api): Map→SaveReq DTO 교체 + 입력 검증 + 잔여 Enum 적용 (리뷰 3b)

infra-reviewer가 지적한 입력 검증 누락 5건과 잔여 매직 스트링 정리.

Map<String,String> 입력 제거 — 신규 DTO 4종:
- auth/ChangePasswordReq (@NotBlank oldPassword/newPassword)
- auth/RefreshTokenReq (@NotBlank refreshToken)
- controller/settle/PaymentStatusUpdateReq (@NotBlank status)
- controller/receive/ResolveErrorReq (@NotBlank status, optional note)

검증 보강:
- PaymentController.generateTransferFile — settleMonth @Pattern("\d{6}")
- UploadController.preview — limit @Max(100)

잔여 매직 스트링 → 3a Enum 적용:
- AuthService 4곳 — UserStatus.LOCKED/RETIRED/ACTIVE
- UserService 2곳 — UserStatus.ACTIVE
- LedgerService:71 — ExceptionLedgerStatus.NEW
This commit is contained in:
GA Pro
2026-05-12 23:28:41 +09:00
parent 693275e9e0
commit af3c6b9d51
11 changed files with 87 additions and 24 deletions
@@ -8,8 +8,6 @@ import jakarta.validation.Valid;
import lombok.RequiredArgsConstructor;
import org.springframework.web.bind.annotation.*;
import java.util.Map;
@Tag(name = "인증")
@RestController
@RequestMapping("/api/auth")
@@ -24,8 +22,8 @@ public class AuthController {
}
@PostMapping("/refresh")
public ApiResponse<LoginResp> refresh(@RequestBody Map<String, String> body) {
return ApiResponse.ok(authService.refresh(body.get("refreshToken")));
public ApiResponse<LoginResp> refresh(@Valid @RequestBody RefreshTokenReq req) {
return ApiResponse.ok(authService.refresh(req.getRefreshToken()));
}
@GetMapping("/me")
@@ -34,8 +32,8 @@ public class AuthController {
}
@PostMapping("/password")
public ApiResponse<Void> changePassword(@RequestBody Map<String, String> body) {
authService.changePassword(body.get("oldPassword"), body.get("newPassword"));
public ApiResponse<Void> changePassword(@Valid @RequestBody ChangePasswordReq req) {
authService.changePassword(req.getOldPassword(), req.getNewPassword());
return ApiResponse.ok();
}