solid-connection · JAEHEE25 · Dec 28, 2025 · Jan 1, 2026 · Jan 2, 2026 · Jan 3, 2026
@@ -0,0 +1,42 @@
+package com.example.solidconnection.admin.controller;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PatchMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.example.solidconnection.admin.dto.UserBanRequest;
+import com.example.solidconnection.admin.service.AdminUserBanService;
+import com.example.solidconnection.common.resolver.AuthorizedUser;
+
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+
+@RequiredArgsConstructor
+@RequestMapping("/admin/users")
+@RestController
+public class AdminUserBanController {
+	private final AdminUserBanService adminUserBanService;
+
+	@PostMapping("/{user-id}/ban")
+	public ResponseEntity<Void> banUser(
+			@AuthorizedUser long adminId,
+			@PathVariable(name = "user-id") long userId,
+			@Valid @RequestBody UserBanRequest request
+	) {
+		adminUserBanService.banUser(userId, adminId, request);
+		return ResponseEntity.ok().build();
+	}
+
+    @PatchMapping("/{user-id}/unban")
+    public ResponseEntity<Void> unbanUser(
+            @AuthorizedUser long adminId,
+            @PathVariable(name = "user-id") long userId
+    ) {
+        adminUserBanService.unbanUser(userId, adminId);
+        return ResponseEntity.ok().build();
+    }
+}
@@ -0,0 +1,11 @@
+package com.example.solidconnection.admin.dto;
+
+import com.example.solidconnection.siteuser.domain.UserBanDuration;
+
+import jakarta.validation.constraints.NotNull;
+
+public record UserBanRequest(
+    @NotNull(message = "차단 기간을 입력해주세요.")
+	UserBanDuration duration
+) {
+}
@@ -0,0 +1,113 @@
+package com.example.solidconnection.admin.service;
+
+import static java.time.ZoneOffset.UTC;
+
+import com.example.solidconnection.admin.dto.UserBanRequest;
+import com.example.solidconnection.chat.repository.ChatMessageRepository;
+import com.example.solidconnection.common.exception.CustomException;
+import com.example.solidconnection.common.exception.ErrorCode;
+import com.example.solidconnection.community.post.repository.PostRepository;
+import com.example.solidconnection.report.repository.ReportRepository;
+import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.domain.UserBan;
+import com.example.solidconnection.siteuser.domain.UserStatus;
+import com.example.solidconnection.siteuser.repository.SiteUserRepository;
+import com.example.solidconnection.siteuser.repository.UserBanRepository;
+import java.time.ZonedDateTime;
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Slf4j
+@RequiredArgsConstructor
+@Service
+public class AdminUserBanService {
+
+    private final UserBanRepository userBanRepository;
+    private final ReportRepository reportRepository;
+    private final SiteUserRepository siteUserRepository;
+    private final PostRepository postRepository;
+    private final ChatMessageRepository chatMessageRepository;
+
+    @Transactional
+    public void banUser(long userId, long adminId, UserBanRequest request) {
+        SiteUser user = siteUserRepository.findById(userId)
+                .orElseThrow(() -> new CustomException(ErrorCode.USER_NOT_FOUND));
+        validateNotAlreadyBanned(userId);
+        validateReportExists(userId);
+
+        user.updateUserStatus(UserStatus.BANNED);
+        updateReportedContentIsDeleted(userId, true);
+        createUserBan(userId, adminId, request);
+    }
+
+    private void validateNotAlreadyBanned(long userId) {
+        if (userBanRepository.existsByBannedUserIdAndIsExpiredFalseAndExpiredAtAfter(userId, ZonedDateTime.now(UTC))) {
+            throw new CustomException(ErrorCode.ALREADY_BANNED_USER);
+        }
+    }
+
+    private void validateReportExists(long userId) {
+        if (!reportRepository.existsByReportedId(userId)) {
+            throw new CustomException(ErrorCode.REPORT_NOT_FOUND);
+        }
+    }
+
+    private void updateReportedContentIsDeleted(long userId, boolean isDeleted) {
+        postRepository.updateReportedPostsIsDeleted(userId, isDeleted);
+        chatMessageRepository.updateReportedChatMessagesIsDeleted(userId, isDeleted);
+    }
+
+    private void createUserBan(long userId, long adminId, UserBanRequest request) {
+        ZonedDateTime now = ZonedDateTime.now(UTC);
+        ZonedDateTime expiredAt = now.plusDays(request.duration().getDays());
+        UserBan userBan = new UserBan(userId, adminId, request.duration(), expiredAt);
+        userBanRepository.save(userBan);
+    }
+
+    @Transactional
+    public void unbanUser(long userId, long adminId) {
+        SiteUser user = siteUserRepository.findById(userId)
+                .orElseThrow(() -> new CustomException(ErrorCode.USER_NOT_FOUND));
+        UserBan userBan = findActiveBan(userId);
+        userBan.manuallyUnban(adminId);
+
+        user.updateUserStatus(UserStatus.REPORTED);
+        updateReportedContentIsDeleted(userId, false);
+    }
+
+    private UserBan findActiveBan(long userId) {
+        return userBanRepository
+                .findByBannedUserIdAndIsExpiredFalseAndExpiredAtAfter(userId, ZonedDateTime.now(UTC))
+                .orElseThrow(() -> new CustomException(ErrorCode.NOT_BANNED_USER));
+    }
+
+    @Transactional
+    @Scheduled(cron = "0 0 0 * * *")
+    public void expireUserBans() {
+        try {
+            ZonedDateTime now = ZonedDateTime.now(UTC);
+            List<Long> expiredUserIds = userBanRepository.findExpiredBannedUserIds(now);
+
+            if (expiredUserIds.isEmpty()) {
+                return;
+            }
+
+            userBanRepository.bulkExpireUserBans(now);
+            siteUserRepository.bulkUpdateUserStatus(expiredUserIds, UserStatus.REPORTED);
+            bulkUpdateReportedContentIsDeleted(expiredUserIds);
+            log.info("Finished processing expired blocks:: userIds={}", expiredUserIds);
+        } catch (Exception e) {
+            log.error("Failed to process expired blocks", e);
+        }
+    }
+
+    private void bulkUpdateReportedContentIsDeleted(List<Long> expiredUserIds) {
+        postRepository.bulkUpdateReportedPostsIsDeleted(expiredUserIds, false);
+        chatMessageRepository.bulkUpdateReportedChatMessagesIsDeleted(expiredUserIds, false);
+    }
+
+}
@@ -1,9 +1,6 @@
 package com.example.solidconnection.auth.dto;
 
-import com.example.solidconnection.siteuser.domain.AuthType;
 import com.example.solidconnection.siteuser.domain.ExchangeStatus;
-import com.example.solidconnection.siteuser.domain.Role;
-import com.example.solidconnection.siteuser.domain.SiteUser;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import jakarta.validation.constraints.NotBlank;
 import java.util.List;
@@ -20,27 +17,4 @@ public record SignUpRequest(
 
         @NotBlank(message = "닉네임을 입력해주세요.")
         String nickname) {
-
-    public SiteUser toOAuthSiteUser(String email, AuthType authType) {
-        return new SiteUser(
-                email,
-                this.nickname,
-                this.profileImageUrl,
-                this.exchangeStatus,
-                Role.MENTEE,
-                authType
-        );
-    }
-
-    public SiteUser toEmailSiteUser(String email, String encodedPassword) {
-        return new SiteUser(
-                email,
-                this.nickname,
-                this.profileImageUrl,
-                this.exchangeStatus,
-                Role.MENTEE,
-                AuthType.EMAIL,
-                encodedPassword
-        );
-    }
 }
@@ -13,6 +13,7 @@
 import com.example.solidconnection.siteuser.domain.AuthType;
 import com.example.solidconnection.siteuser.domain.Role;
 import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.domain.UserStatus;
 import com.example.solidconnection.siteuser.repository.SiteUserRepository;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
@@ -56,7 +57,8 @@ public SignInResponse signUp(SignUpRequest signUpRequest) {
                 signUpRequest.exchangeStatus(),
                 Role.MENTEE,
                 authType,
-                password
+                password,
+                UserStatus.ACTIVE
         ));
 
         // 관심 지역, 국가 저장

@@ -15,10 +15,12 @@
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
+import org.hibernate.annotations.Where;
 
 @Entity
 @Getter
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
+@Where(clause = "is_deleted = false")
 public class ChatMessage extends BaseEntity {
 
     @Id
@@ -33,6 +35,9 @@ public class ChatMessage extends BaseEntity {
     @ManyToOne(fetch = FetchType.LAZY)
     private ChatRoom chatRoom;
 
+    @Column(name = "is_deleted", columnDefinition = "boolean default false", nullable = false)
+    private boolean isDeleted = false;
+
     @OneToMany(mappedBy = "chatMessage", cascade = CascadeType.ALL, orphanRemoval = true)
     private final List<ChatAttachment> chatAttachments = new ArrayList<>();
 

@@ -6,6 +6,7 @@
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.domain.Slice;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 
@@ -48,4 +49,20 @@ SELECT MAX(cm2.id)
            GROUP BY cm.chatRoom.id
            """)
     List<UnreadCountDto> countUnreadMessagesBatch(@Param("chatRoomIds") List<Long> chatRoomIds, @Param("userId") long userId);
+
+    @Modifying(clearAutomatically = true, flushAutomatically = true)
+    @Query(value = """
+           UPDATE chat_message cm SET cm.is_deleted = :isDeleted
+           WHERE cm.id IN (SELECT r.target_id FROM report r WHERE r.target_type = 'CHAT')
+           AND cm.sender_id IN (SELECT cp.id FROM chat_participant cp WHERE cp.site_user_id = :siteUserId)
+           """, nativeQuery = true)
+    void updateReportedChatMessagesIsDeleted(@Param("siteUserId") long siteUserId, @Param("isDeleted") boolean isDeleted);
+
+    @Modifying(clearAutomatically = true, flushAutomatically = true)
+    @Query(value = """
+           UPDATE chat_message cm SET cm.is_deleted = :isDeleted
+           WHERE cm.id IN (SELECT r.target_id FROM report r WHERE r.target_type = 'CHAT')
+           AND cm.sender_id IN (SELECT cp.id FROM chat_participant cp WHERE cp.site_user_id IN :siteUserIds)
+           """, nativeQuery = true)
+    void bulkUpdateReportedChatMessagesIsDeleted(@Param("siteUserIds") List<Long> siteUserIds, @Param("isDeleted") boolean isDeleted);
 }
@@ -1,11 +1,13 @@
 package com.example.solidconnection.common.config.web;
 
+import com.example.solidconnection.common.interceptor.BannedUserInterceptor;
 import com.example.solidconnection.common.resolver.AuthorizedUserResolver;
 import com.example.solidconnection.common.resolver.CustomPageableHandlerMethodArgumentResolver;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @Configuration
@@ -14,6 +16,7 @@ public class WebMvcConfig implements WebMvcConfigurer {
 
     private final AuthorizedUserResolver authorizedUserResolver;
     private final CustomPageableHandlerMethodArgumentResolver customPageableHandlerMethodArgumentResolver;
+    private final BannedUserInterceptor bannedUserInterceptor;
 
     @Override
     public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
@@ -22,4 +25,10 @@ public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers)
                 customPageableHandlerMethodArgumentResolver
         ));
     }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(bannedUserInterceptor)
+                .addPathPatterns("/posts/**", "/comments/**", "/chats/**", "/boards/**");
+    }
 }
@@ -53,6 +53,7 @@ public enum ErrorCode {
     TERM_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "존재하지 않는 학기입니다."),
     CURRENT_TERM_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "현재 학기를 찾을 수 없습니다."),
     MENTOR_APPLICATION_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "멘토 지원서가 존재하지 않습니다."),
+    REPORT_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "신고 내역이 존재하지 않습니다."),
 
     // auth
     USER_ALREADY_SIGN_OUT(HttpStatus.UNAUTHORIZED.value(), "로그아웃 되었습니다."),
@@ -149,6 +150,11 @@ public enum ErrorCode {
     // chat
     INVALID_CHAT_ROOM_STATE(HttpStatus.BAD_REQUEST.value(), "잘못된 채팅방 상태입니다."),
 
+    // ban
+    ALREADY_BANNED_USER(HttpStatus.CONFLICT.value(), "이미 차단된 사용자입니다."),
+    NOT_BANNED_USER(HttpStatus.BAD_REQUEST.value(), "차단되지 않은 사용자입니다."),
+    BANNED_USER_ACCESS_DENIED(HttpStatus.FORBIDDEN.value(), "차단된 사용자는 커뮤니티 및 채팅을 이용할 수 없습니다."),
+
     // database
     DATA_INTEGRITY_VIOLATION(HttpStatus.CONFLICT.value(), "데이터베이스 무결성 제약조건 위반이 발생했습니다."),
 

@@ -0,0 +1,37 @@
+package com.example.solidconnection.common.interceptor;
+
+import static com.example.solidconnection.common.exception.ErrorCode.BANNED_USER_ACCESS_DENIED;
+
+import com.example.solidconnection.common.exception.CustomException;
+import com.example.solidconnection.security.userdetails.SiteUserDetails;
+import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.domain.UserStatus;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+@Component
+public class BannedUserInterceptor implements HandlerInterceptor {
+
+    @Override
+    public boolean preHandle(
+            HttpServletRequest request,
+            HttpServletResponse response,
+            Object handler
+    ) {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+        if (authentication != null && authentication.getPrincipal() instanceof SiteUserDetails) {
+            SiteUserDetails userDetails = (SiteUserDetails) authentication.getPrincipal();
+            SiteUser siteUser = userDetails.getSiteUser();
+
+            if (siteUser.getUserStatus() == UserStatus.BANNED) {
+                throw new CustomException(BANNED_USER_ACCESS_DENIED);
+            }
+        }
+        return true;
+    }
+}
@@ -18,11 +18,13 @@
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 import org.hibernate.annotations.BatchSize;
+import org.hibernate.annotations.Where;
 
 @Entity
 @Getter
 @NoArgsConstructor
 @EqualsAndHashCode(of = "id")
+@Where(clause = "is_deleted = false")
 public class Post extends BaseEntity {
 
     @Id
@@ -50,6 +52,8 @@ public class Post extends BaseEntity {
     @Column
     private long siteUserId;
 
+    @Column(name = "is_deleted", columnDefinition = "boolean default false", nullable = false)
+    private boolean isDeleted = false;
 
     @BatchSize(size = 20)
     @OneToMany(mappedBy = "post", cascade = CascadeType.ALL, orphanRemoval = true)