fix: Post Delete, validate post is owned

src/main/java/com/bugflix/weblog/post/controller/PostController.java

@@ -44,7 +44,7 @@ public class PostController {
      * - 2. weblog page 에서 저장 요청
      */
     @PostMapping("/v1/posts")
-    @Operation(summary = "Post 저장",description = "사용자가 작성한 Post를 저장합니다.")
+    @Operation(summary = "Post 저장", description = "사용자가 작성한 Post를 저장합니다.")
     public ResponseEntity<Void> savePost(@Valid @RequestBody PostRequest postRequest,
                                          @AuthenticationPrincipal UserDetails userDetails) {
         postServiceImpl.savePost(postRequest, userDetails);
@@ -165,7 +165,7 @@ public ResponseEntity<List<PostPreviewResponse>> getMyPostPreview(@RequestParam(
         List<PostPreviewResponse> postPreviewResponses;
 
         if (url == null) postPreviewResponses = postServiceImpl.getMyPostPreview(userDetails);
-        else postPreviewResponses = postServiceImpl.getMyPostPreview(url,userDetails);
+        else postPreviewResponses = postServiceImpl.getMyPostPreview(url, userDetails);
 
         return ResponseEntity.ok(postPreviewResponses);
     }
@@ -181,10 +181,10 @@ public ResponseEntity<List<PostPreviewResponse>> getMyPostPreview(@RequestParam(
      * - postId 로 Post 삭제
      */
     @DeleteMapping("/v1/posts/{postId}")
-    @Operation(summary = "Post 삭제",description = "사용자가 자신의 Post를 삭제합니다.")
-    public ResponseEntity<Void> deletePost(@PathVariable Long postId) {
-
-        postServiceImpl.deletePost(postId);
+    @Operation(summary = "Post 삭제", description = "사용자가 자신의 Post를 삭제합니다.")
+    public ResponseEntity<Void> deletePost(@PathVariable Long postId,
+                                           @AuthenticationPrincipal UserDetails userDetails) {
+        postServiceImpl.deletePost(postId, userDetails);
         return ResponseEntity.ok().build();
     }
 

src/main/java/com/bugflix/weblog/post/service/PostServiceImpl.java

@@ -24,10 +24,7 @@
 
 
 import java.time.LocalDateTime;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Optional;
-import java.util.Set;
+import java.util.*;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -286,12 +283,21 @@ public List<PostPreviewResponse> getMyPostPreview(UserDetails userDetails) {
      * - 존재하면 delete
      * - 존재하지 않으면 IllegalArgumentException 예외 처리 ( Invalid postId )
      */
-    public void deletePost(Long postId) throws IllegalArgumentException {
+    public void deletePost(Long postId, UserDetails userDetails) throws IllegalArgumentException {
+        Long userId = ((CustomUserDetails) userDetails).getUser().getUserId();
         // Todo Global Exception Handler 생성
         Post post = postRepository.findById(postId).orElseThrow(() -> new IllegalArgumentException("Invalid Post Id"));
+        validateIsOwnedPost(post, userId);
+
         postRepository.delete(post);
     }
 
+    private void validateIsOwnedPost(Post post, Long userId) {
+        if (!Objects.equals(userId, post.getUser().getUserId())) {
+            throw new RuntimeException("소유하지 않은 Post입니다.");
+        }
+    }
+
     public List<PostPreviewResponse> getPopularPosts(PostPopularRequest postPopularRequest) {
         List<PostPreviewResponse> postPreviews = new ArrayList<>();
 
@@ -301,10 +307,10 @@ public List<PostPreviewResponse> getPopularPosts(PostPopularRequest postPopularR
                 criterion,
                 // todo: offset -> 0, 1, 2순으로 클라이언트 코드 수정 or API 서버에서 공통처리하는 로직 작성
                 PageRequest.of(postPopularRequest.getOffset() / postPopularRequest.getLimit(),
-                postPopularRequest.getLimit()));
+                        postPopularRequest.getLimit()));
 
         // todo stream으로 개선
-        for(Post post : postList) {
+        for (Post post : postList) {
             Long postId = post.getPostId();
 
             PostPreviewResponse postPreview = new PostPreviewResponse(