Skip to content

fix: 릴리즈 리뷰 반영 (StoreImage soft-delete·ID 빈값/0n 방어·discountRate clamp)#162

Merged
chanwoo7 merged 1 commit into
developfrom
fix/store-detail-review-followups
Jun 24, 2026
Merged

fix: 릴리즈 리뷰 반영 (StoreImage soft-delete·ID 빈값/0n 방어·discountRate clamp)#162
chanwoo7 merged 1 commit into
developfrom
fix/store-detail-review-followups

Conversation

@chanwoo7

Copy link
Copy Markdown
Member

Summary

릴리즈 PR #161 리뷰에서 나온 Codex P2 + CodeRabbit Functional 지적을 반영한다. store-detail 조회 API의 soft-delete 등록·입력 방어를 보강한다.

Scope

  • StoreImageSOFT_DELETE_MODELS에 등록 → 직접 조회 시 deleted_at 자동 필터 적용 (Codex P2)
  • storeProducts/storeReviews input의 ID(storeId·categoryId·cursor)에 @IsNotEmpty 추가 — 빈 문자열 차단
  • discountRate를 0~100으로 clamp — 음수 salePrice 등 비정상 데이터에도 공개 계약 보장
  • accountId 0n falsy 분기를 !== undefined로 (storeReviews·storeDetail — account id 0의 좋아요/찜 조회 누락 방지)
  • product-storefront service spec: "비활성 매장" / "soft-delete 매장" 케이스 분리·검증 추가

진행 상황

  • 릴리즈 PR #161에서 발견된 지적. develop에 반영하면 릴리즈 PR이 자동 갱신됨
  • CodeRabbit Major(서비스/리졸버 spec을 mock으로 전환)는 미반영 — 이 레포는 testcontainers 기반 realDB 통합 테스트가 모든 기존 spec에 확립된 컨벤션이라, 일반론적 mock 제안은 부적합(릴리즈 PR에 근거 코멘트 예정)

Impact

  • 조회 동작의 입력/soft-delete 방어 강화. 기존 정상 경로 동작 변화 없음
  • 스키마/계약 변경 없음

Test plan

  • yarn validate 통과(168 suites / 1403 tests) — 음수 clamp·soft-delete 매장 케이스 테스트 추가

…amp)

- StoreImage를 SOFT_DELETE_MODELS에 등록해 직접 조회 시 deleted_at 자동 필터 적용 (Codex P2)
- storeProducts/storeReviews input의 ID(storeId·categoryId·cursor)에 @isnotempty 추가 (빈 문자열 차단)
- discountRate를 0~100으로 clamp (음수 salePrice 방어)
- accountId 0n falsy 분기를 !== undefined로 (storeReviews·storeDetail — account id 0의 좋아요/찜 누락 방지)
- product-storefront service spec: 비활성/삭제 매장 케이스 분리 + soft-delete 검증 추가

CodeRabbit Functional + Codex P2 반영. CodeRabbit Major(spec을 mock으로 전환)는 testcontainers realDB 통합 컨벤션 유지로 미반영.
@coderabbitai

coderabbitai Bot commented Jun 24, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: bb53fe7a-fb85-4e08-b399-5a4cb7afa4ec

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/store-detail-review-followups

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions

Copy link
Copy Markdown

🧹 knip — dead-code 리포트

요약 항목 없음
전체 리포트
(knip 출력 없음 — 이슈 0이거나 실행 실패)

청소 후보(오탐 가능) · 기준 docs/guide/architecture-conventions.md

@github-actions

Copy link
Copy Markdown

🩺 NestJS Doctor — 89/100 (Good)

진단 259건 (error 0).

Category error warning info
architecture 0 0 13
correctness 0 109 0
performance 0 24 16
schema 0 0 84
security 0 13 0
architecture / security 상위 항목
  • info architecture/architecture/no-barrel-export-internals: Barrel file re-exports internal type 'IAuditLogRepository'.
  • warning security/security/no-exposed-env-vars: Direct 'process.env.NODE_ENV' access in 'AuthController'. Use ConfigService instead.
  • warning security/security/require-guards-on-endpoints: Endpoint 'start' has no @UseGuards() at class or method level.
  • warning security/security/require-guards-on-endpoints: Endpoint 'callback' has no @UseGuards() at class or method level.
  • warning security/security/require-guards-on-endpoints: Endpoint 'refresh' has no @UseGuards() at class or method level.
  • warning security/security/require-guards-on-endpoints: Endpoint 'logout' has no @UseGuards() at class or method level.
  • warning security/security/require-guards-on-endpoints: Endpoint 'sellerLogin' has no @UseGuards() at class or method level.
  • warning security/security/require-guards-on-endpoints: Endpoint 'sellerRefresh' has no @UseGuards() at class or method level.
  • warning security/security/require-guards-on-endpoints: Endpoint 'sellerLogout' has no @UseGuards() at class or method level.
  • warning security/security/require-guards-on-endpoints: Endpoint 'devIssueToken' has no @UseGuards() at class or method level.
  • info architecture/architecture/no-barrel-export-internals: Barrel file re-exports internal module '@/features/conversation/repositories/conversation.repository'.
  • info architecture/architecture/no-barrel-export-internals: Barrel file re-exports internal type 'ConversationRepository'.
  • info architecture/architecture/no-barrel-export-internals: Barrel file re-exports internal module '@/features/order/repositories/order.repository'.
  • info architecture/architecture/no-barrel-export-internals: Barrel file re-exports internal type 'OrderRepository'.
  • info architecture/architecture/no-barrel-export-internals: Barrel file re-exports internal module '@/features/product/repositories/product.repository'.

오탐 포함 가능 · 기준 docs/guide/architecture-conventions.md

@codecov

codecov Bot commented Jun 24, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@github-actions

Copy link
Copy Markdown

Coverage report

St.
Category Percentage Covered / Total
🟢 Statements 97.49% 4041/4145
🟢 Branches 93.3% 1268/1359
🟢 Functions 94.9% 763/804
🟢 Lines 97.9% 3685/3764

Test suite run success

1403 tests passing in 168 suites.

Report generated by 🧪jest coverage report action from 41c1df9

@chanwoo7 chanwoo7 merged commit 64ea223 into develop Jun 24, 2026
12 checks passed
@chanwoo7 chanwoo7 deleted the fix/store-detail-review-followups branch June 24, 2026 12:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant