[feat] 이미지 업로드 기능 구현

Vloeiolzlr · web-flow · commit e58323d172e6 · 2025-11-20T16:31:17.000+09:00
diff --git a/build.gradle b/build.gradle
@@ -32,9 +32,15 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 
+	// AWS S3 연동 라이브러리
+	implementation 'io.awspring.cloud:spring-cloud-aws-starter-s3:3.1.0'
+
 	// Spring Security
 	implementation 'org.springframework.boot:spring-boot-starter-security'
 
+	// [추가] Spring Security Test 라이브러리
+	testImplementation 'org.springframework.security:spring-security-test'
+
 	// ⬇JWT (Java JWT)
 	implementation 'io.jsonwebtoken:jjwt-api:0.12.3'
 	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.3'
diff --git a/src/main/java/com/web/coreclass/CoreclassApplication.java b/src/main/java/com/web/coreclass/CoreclassApplication.java
@@ -11,7 +11,7 @@
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 @SpringBootApplication
-@EnableJpaAuditing
+//@EnableJpaAuditing
 @Slf4j
 public class CoreclassApplication {
 
diff --git a/src/main/java/com/web/coreclass/global/config/JpaConfig.java b/src/main/java/com/web/coreclass/global/config/JpaConfig.java
@@ -0,0 +1,9 @@
+package com.web.coreclass.global.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
+
+@Configuration
+@EnableJpaAuditing
+public class JpaConfig {
+}
diff --git a/src/main/java/com/web/coreclass/global/config/SecurityConfig.java b/src/main/java/com/web/coreclass/global/config/SecurityConfig.java
@@ -84,6 +84,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .requestMatchers(HttpMethod.PUT, "/api/instructor/**").hasRole("ADMIN")
                         .requestMatchers(HttpMethod.DELETE, "/api/instructor/**").hasRole("ADMIN")
 
+                        // --- 이미지 업로드 API는 ADMIN 권한 필요 ---
+                        .requestMatchers(HttpMethod.POST, "/api/image/upload").hasRole("ADMIN")
                         // --- 그 외 모든 요청 ---
                         .anyRequest().authenticated()
                 )
diff --git a/src/main/java/com/web/coreclass/global/s3/ImageController.java b/src/main/java/com/web/coreclass/global/s3/ImageController.java
@@ -0,0 +1,28 @@
+package com.web.coreclass.global.s3;
+
+import com.web.coreclass.global.s3.S3Uploader;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestPart;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.multipart.MultipartFile;
+
+@Tag(name = "Image Upload", description = "이미지 업로드 API")
+@RestController
+@RequestMapping("/api/image")
+@RequiredArgsConstructor
+public class ImageController {
+    private final S3Uploader s3Uploader;
+
+    @Operation(summary = "이미지 업로드", description = "이미지 파일을 업로드하고 URL을 반환받습니다.")
+    @PostMapping(value = "/upload", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
+    public ResponseEntity<String> uploadImage(@RequestPart("file") MultipartFile file) {
+        String imageUrl = s3Uploader.upload(file);
+        return ResponseEntity.ok(imageUrl);
+    }
+}
diff --git a/src/main/java/com/web/coreclass/global/s3/S3Uploader.java b/src/main/java/com/web/coreclass/global/s3/S3Uploader.java
@@ -0,0 +1,41 @@
+package com.web.coreclass.global.s3;
+
+import io.awspring.cloud.s3.S3Template;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.io.IOException;
+import java.util.UUID;
+
+@Service
+@RequiredArgsConstructor
+public class S3Uploader {
+
+    private final S3Template s3Template;
+
+    @Value("${spring.cloud.aws.s3.bucket}")
+    private String bucket;
+
+    public String upload(MultipartFile file) {
+        if (file.isEmpty()) {
+            throw new IllegalArgumentException("빈 파일은 업로드할 수 없습니다.");
+        }
+
+        try {
+            // 1. 파일 이름 중복 방지를 위해 UUID 사용 (예: uuid_originalName.png)
+            String originalFileName = file.getOriginalFilename();
+            String uuidFileName = UUID.randomUUID() + "_" + originalFileName;
+
+            // 2. S3에 업로드 (InputStream 사용)
+            s3Template.upload(bucket, uuidFileName, file.getInputStream());
+
+            // 3. 업로드된 파일의 접근 가능한 URL 반환
+            return s3Template.download(bucket, uuidFileName).getURL().toString();
+
+        } catch (IOException e) {
+            throw new RuntimeException("이미지 업로드 중 오류가 발생했습니다.", e);
+        }
+    }
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -1,54 +1,47 @@
 spring.application.name=coreclass
 
-## Test InMemory DB
-#spring.datasource.url=jdbc:h2:mem:testdb
-#spring.datasource.driverClassName=org.h2.Driver
-#spring.datasource.username=sa
-#spring.datasource.password=
-
-# DDL(??? ??/??) ??
+# DDL ??
 spring.jpa.hibernate.ddl-auto=update
 
-# MySQL Setting
-#spring.datasource.url=jdbc:mysql://localhost:3306/sgea?useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true
-#spring.datasource.username=root
-#spring.datasource.password=root
-#spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
-# MySQL Setting Deploy
-spring.datasource.url=second-generation-backend-db.c1wmgymweu6m.ap-northeast-2.rds.amazonaws.com
-spring.datasource.username=admin
-spring.datasource.password=admin123!
+# ==========================================
+# ? Database Setting (???? ??)
+# ==========================================
+spring.datasource.url=${DB_URL}
+spring.datasource.username=${DB_USERNAME}
+spring.datasource.password=${DB_PASSWORD}
 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
-# com.web.coreclass ???(?? ???? ???) ??? ?? ??? DEBUG? ??
+
+# Logging
 logging.level.com.web.coreclass=DEBUG
 
-# (Optional) H2 ?? ?? (??? ? ??)
-# spring.h2.console.enabled=true
+# ==========================================
+# ? AWS S3 Setting (???? ??)
+# ==========================================
+spring.cloud.aws.s3.bucket=${AWS_S3_BUCKET}
+spring.cloud.aws.region.static=ap-northeast-2
+spring.cloud.aws.credentials.access-key=${AWS_ACCESS_KEY}
+spring.cloud.aws.credentials.secret-key=${AWS_SECRET_KEY}
+
+# File Upload Limit
+spring.servlet.multipart.max-file-size=10MB
+spring.servlet.multipart.max-request-size=10MB
+
+# ==========================================
+# ? JWT Setting (???? ??)
+# ==========================================
+jwt.secret=${JWT_SECRET}
+jwt.expiration-ms=3600000
 
-# Swagger Spring UI Setting
-# ?? ??? ????? ??
+# Swagger Config (?? ?? ??)
 springdoc.packages-to-scan=com.web.coreclass
-# API? ?? ? ???? ?? ??? ?? ??
 springdoc.default-consumes-media-type=application/json;charset=UTF-8
 springdoc.default-produces-media-type=application/json;charset=UTF-8
-# OpenAPI ?? ??? ?? ?? ?? ( true = ???? )
 springdoc.cache.disabled=true
-# OpenAPI ?? ??? ?? ??( ??? = /v3/api-docs )
 springdoc.api-docs.path=/api-docs/json
-# API ???? ???
 springdoc.api-docs.groups.enabled=true
-# Swagger UI ??? ??
 springdoc.swagger-ui.enabled=true
-# Swagger UI ?? ?? ( ??? = /Swagger-ui.html )
 springdoc.swagger-ui.path=/Swagger-ui.html
-# ?? & ????? ?????? ??
 springdoc.swagger-ui.tags-sorter=alpha
 springdoc.swagger-ui.operations-sorter=alpha
 
-#JWT
-jwt.secret=NGMyZDliMGU1N2ZhYjU1NzViYjM2Y2VjYjhiMjYxNGE2M2EwNmMwZjVhZmE1ODRhNjRlN2E3MDIzMmE1ZDA3NQo=
-
-# ?? ?? ?? (1?? = 3600 * 1000ms)
-jwt.expiration-ms=3600000
-
-server.address = 0.0.0.0
+server.address=0.0.0.0
diff --git a/src/test/java/com/web/coreclass/ImageControllerTest.java b/src/test/java/com/web/coreclass/ImageControllerTest.java
@@ -0,0 +1,76 @@
+package com.web.coreclass;
+
+import com.web.coreclass.domain.admin.repository.AdminRepository;
+import com.web.coreclass.global.s3.ImageController;
+import com.web.coreclass.global.config.SecurityConfig; // ⬅️ 실제 설정 가져오기
+import com.web.coreclass.global.jwt.JwtAuthenticationFilter;
+import com.web.coreclass.global.jwt.JwtProvider;
+import com.web.coreclass.global.s3.S3Uploader;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.context.annotation.Import;
+import org.springframework.http.MediaType;
+import org.springframework.mock.web.MockMultipartFile;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.web.servlet.MockMvc;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.BDDMockito.given;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.multipart;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@WebMvcTest(ImageController.class)
+// 💡 핵심 1: 실제 SecurityConfig와 필터를 가져와서 환경을 똑같이 맞춥니다.
+@Import({SecurityConfig.class, JwtAuthenticationFilter.class})
+class ImageControllerTest {
+
+    @Autowired
+    private MockMvc mockMvc;
+
+    @MockBean
+    private S3Uploader s3Uploader;
+
+    // 💡 핵심 2: 필터가 동작할 때 필요한 '재료'만 가짜로 넣어줍니다.
+    @MockBean
+    private JwtProvider jwtProvider;
+
+    // 메인 앱(CoreclassApplication) 실행 시 필요한 빈들 (오류 방지용)
+    @MockBean
+    private AdminRepository adminRepository;
+
+    // SecurityConfig가 PasswordEncoder를 빈으로 등록하므로,
+    // 여기서는 MockBean을 쓰지 않고 실제 빈을 사용하거나
+    // 충돌 방지를 위해 굳이 선언하지 않아도 됩니다. (하지만 명시적 Mocking도 괜찮습니다)
+    // 여기서는 SecurityConfig의 빈을 사용하도록 MockBean 생략
+
+    @Test
+    @DisplayName("이미지 업로드 테스트: S3에 가지 않고 가짜 URL을 반환한다")
+    @WithMockUser(roles = "ADMIN") // 관리자 권한으로 실행
+    void uploadImageTest() throws Exception {
+        // Given: 가짜 파일 생성
+        MockMultipartFile fakeFile = new MockMultipartFile(
+                "file",
+                "test.png",
+                MediaType.IMAGE_PNG_VALUE,
+                "test image content".getBytes()
+        );
+
+        // Mocking: s3Uploader가 호출되면 가짜 URL 반환
+        given(s3Uploader.upload(any())).willReturn("https://fake-s3-url.com/test.png");
+
+        // When & Then
+        mockMvc.perform(multipart("/api/image/upload")
+                        .file(fakeFile))
+                // 💡 핵심 3: .with(csrf()) 제거 (SecurityConfig에서 이미 껐으므로 불필요)
+                // 💡 핵심 4: .contentType(...) 절대 금지 (자동 설정을 방해함)
+                .andExpect(status().isOk())
+                .andExpect(content().string("https://fake-s3-url.com/test.png"))
+                .andDo(print());
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -84,6 +84,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {`
`84`	`84`	`.requestMatchers(HttpMethod.PUT, "/api/instructor/**").hasRole("ADMIN")`
`85`	`85`	`.requestMatchers(HttpMethod.DELETE, "/api/instructor/**").hasRole("ADMIN")`
`86`	`86`
	`87`	`+ // --- 이미지 업로드 API는 ADMIN 권한 필요 ---`
	`88`	`+ .requestMatchers(HttpMethod.POST, "/api/image/upload").hasRole("ADMIN")`
`87`	`89`	`// --- 그 외 모든 요청 ---`
`88`	`90`	`.anyRequest().authenticated()`
`89`	`91`	`)`