기능구현중

server/api/admin/user/[id]/roles.put.ts

@@ -0,0 +1,55 @@
+import { query, queryOne, execute } from '../../../../utils/db'
+import { requireAdmin } from '../../../../utils/session'
+
+/**
+ * 사용자 권한 변경
+ * PUT /api/admin/user/[id]/roles
+ * 
+ * Body: { roleIds: number[] }
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const employeeId = getRouterParam(event, 'id')
+  if (!employeeId) {
+    throw createError({ statusCode: 400, message: '사용자 ID가 필요합니다.' })
+  }
+  
+  const body = await readBody<{ roleIds: number[] }>(event)
+  const roleIds = body.roleIds || []
+  
+  // 사용자 존재 확인
+  const user = await queryOne<any>(`
+    SELECT employee_id, employee_email FROM wr_employee_info WHERE employee_id = $1
+  `, [employeeId])
+  
+  if (!user) {
+    throw createError({ statusCode: 404, message: '사용자를 찾을 수 없습니다.' })
+  }
+  
+  // 기존 권한 모두 삭제
+  await execute(`DELETE FROM wr_employee_role WHERE employee_id = $1`, [employeeId])
+  
+  // 새 권한 추가
+  for (const roleId of roleIds) {
+    await execute(`
+      INSERT INTO wr_employee_role (employee_id, role_id)
+      VALUES ($1, $2)
+      ON CONFLICT (employee_id, role_id) DO NOTHING
+    `, [employeeId, roleId])
+  }
+  
+  // 변경된 권한 조회
+  const updatedRoles = await query<any>(`
+    SELECT r.role_id, r.role_code, r.role_name
+    FROM wr_employee_role er
+    JOIN wr_role r ON er.role_id = r.role_id
+    WHERE er.employee_id = $1
+  `, [employeeId])
+  
+  return {
+    success: true,
+    employeeId: parseInt(employeeId as string),
+    roles: updatedRoles
+  }
+})

server/api/admin/user/[id]/toggle-role.post.ts

@@ -0,0 +1,70 @@
+import { queryOne, execute } from '../../../../utils/db'
+import { requireAdmin } from '../../../../utils/session'
+
+/**
+ * 사용자 개별 권한 토글 (추가/제거)
+ * POST /api/admin/user/[id]/toggle-role
+ * 
+ * Body: { roleId: number }
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const employeeId = getRouterParam(event, 'id')
+  if (!employeeId) {
+    throw createError({ statusCode: 400, message: '사용자 ID가 필요합니다.' })
+  }
+  
+  const body = await readBody<{ roleId: number }>(event)
+  if (!body.roleId) {
+    throw createError({ statusCode: 400, message: '권한 ID가 필요합니다.' })
+  }
+  
+  // 사용자 존재 확인
+  const user = await queryOne<any>(`
+    SELECT employee_id FROM wr_employee_info WHERE employee_id = $1
+  `, [employeeId])
+  
+  if (!user) {
+    throw createError({ statusCode: 404, message: '사용자를 찾을 수 없습니다.' })
+  }
+  
+  // 권한 존재 확인
+  const role = await queryOne<any>(`
+    SELECT role_id, role_code FROM wr_role WHERE role_id = $1
+  `, [body.roleId])
+  
+  if (!role) {
+    throw createError({ statusCode: 404, message: '권한을 찾을 수 없습니다.' })
+  }
+  
+  // 현재 권한 보유 여부 확인
+  const existing = await queryOne<any>(`
+    SELECT employee_role_id FROM wr_employee_role 
+    WHERE employee_id = $1 AND role_id = $2
+  `, [employeeId, body.roleId])
+  
+  let added: boolean
+  
+  if (existing) {
+    // 권한 제거
+    await execute(`
+      DELETE FROM wr_employee_role WHERE employee_id = $1 AND role_id = $2
+    `, [employeeId, body.roleId])
+    added = false
+  } else {
+    // 권한 추가
+    await execute(`
+      INSERT INTO wr_employee_role (employee_id, role_id) VALUES ($1, $2)
+    `, [employeeId, body.roleId])
+    added = true
+  }
+  
+  return {
+    success: true,
+    employeeId: parseInt(employeeId as string),
+    roleId: body.roleId,
+    roleCode: role.role_code,
+    added
+  }
+})

server/api/admin/user/list.get.ts

@@ -0,0 +1,110 @@
+import { query } from '../../../utils/db'
+import { requireAdmin } from '../../../utils/session'
+
+/**
+ * 사용자 목록 조회 (권한 정보 + 최근 로그인 포함)
+ * GET /api/admin/user/list
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const queryParams = getQuery(event)
+  const company = queryParams.company as string || ''
+  const name = queryParams.name as string || ''
+  const email = queryParams.email as string || ''
+  const phone = queryParams.phone as string || ''
+  const status = queryParams.status as string || 'active'  // 기본값: 활성
+  
+  // 1. 사용자 목록 조회 (최근 로그인 포함)
+  let userQuery = `
+    SELECT 
+      e.employee_id,
+      e.employee_name,
+      e.employee_email,
+      e.employee_phone,
+      e.employee_position,
+      e.company,
+      e.join_date,
+      e.is_active,
+      e.created_at,
+      (
+        SELECT MAX(login_at) 
+        FROM wr_login_history 
+        WHERE employee_id = e.employee_id
+      ) as last_login_at
+    FROM wr_employee_info e
+    WHERE 1=1
+  `
+  const params: any[] = []
+  
+  // 소속사 검색
+  if (company) {
+    params.push(`%${company}%`)
+    userQuery += ` AND e.company ILIKE $${params.length}`
+  }
+  
+  // 이름 검색
+  if (name) {
+    params.push(`%${name}%`)
+    userQuery += ` AND e.employee_name ILIKE $${params.length}`
+  }
+  
+  // 이메일 검색
+  if (email) {
+    params.push(`%${email}%`)
+    userQuery += ` AND e.employee_email ILIKE $${params.length}`
+  }
+  
+  // 전화번호 검색
+  if (phone) {
+    params.push(`%${phone}%`)
+    userQuery += ` AND e.employee_phone ILIKE $${params.length}`
+  }
+  
+  // 상태 검색
+  if (status === 'active') {
+    userQuery += ` AND e.is_active = true`
+  } else if (status === 'inactive') {
+    userQuery += ` AND e.is_active = false`
+  }
+  // status === 'all' 이면 조건 없음
+  
+  userQuery += ` ORDER BY e.company, e.employee_position, e.employee_name`
+  
+  const users = await query<any>(userQuery, params)
+  
+  // 2. 모든 권한 목록 조회
+  const roles = await query<any>(`
+    SELECT role_id, role_code, role_name, sort_order
+    FROM wr_role
+    WHERE is_active = true
+    ORDER BY sort_order
+  `)
+  
+  // 3. 사용자별 권한 매핑 조회
+  const userRoles = await query<any>(`
+    SELECT employee_id, role_id
+    FROM wr_employee_role
+  `)
+  
+  // 4. 사용자별 권한 배열 생성
+  const userRoleMap = new Map<number, number[]>()
+  for (const ur of userRoles) {
+    if (!userRoleMap.has(ur.employee_id)) {
+      userRoleMap.set(ur.employee_id, [])
+    }
+    userRoleMap.get(ur.employee_id)!.push(ur.role_id)
+  }
+  
+  // 5. 사용자 데이터에 권한 정보 추가
+  const usersWithRoles = users.map(u => ({
+    ...u,
+    roleIds: userRoleMap.get(u.employee_id) || []
+  }))
+  
+  return {
+    users: usersWithRoles,
+    roles,
+    total: users.length
+  }
+})

server/api/admin/user/reset-password.post.ts

@@ -0,0 +1,58 @@
+import { query, execute } from '../../../utils/db'
+import { hashPassword, generateTempPassword } from '../../../utils/password'
+import { getClientIp } from '../../../utils/ip'
+import { requireAuth } from '../../../utils/session'
+
+interface AdminResetPasswordBody {
+  employeeId: number
+}
+
+/**
+ * 관리자 비밀번호 초기화
+ * POST /api/admin/user/reset-password
+ */
+export default defineEventHandler(async (event) => {
+  const currentUserId = await requireAuth(event)
+  
+  // TODO: 관리자 권한 체크 (현재는 모든 로그인 사용자 허용)
+  
+  const body = await readBody<AdminResetPasswordBody>(event)
+  const clientIp = getClientIp(event)
+  
+  if (!body.employeeId) {
+    throw createError({ statusCode: 400, message: '사용자 ID가 필요합니다.' })
+  }
+  
+  // 대상 사용자 조회
+  const employees = await query<any>(`
+    SELECT employee_id, employee_name, employee_email 
+    FROM wr_employee_info 
+    WHERE employee_id = $1
+  `, [body.employeeId])
+  
+  if (employees.length === 0) {
+    throw createError({ statusCode: 404, message: '사용자를 찾을 수 없습니다.' })
+  }
+  
+  const employee = employees[0]
+  
+  // 임시 비밀번호 생성
+  const tempPassword = generateTempPassword()
+  const hash = await hashPassword(tempPassword)
+  
+  // 비밀번호 업데이트
+  await execute(`
+    UPDATE wr_employee_info 
+    SET password_hash = $1, 
+        updated_at = NOW(), 
+        updated_ip = $2
+    WHERE employee_id = $3
+  `, [hash, clientIp, body.employeeId])
+  
+  return {
+    success: true,
+    message: '비밀번호가 초기화되었습니다.',
+    tempPassword,
+    employeeName: employee.employee_name
+  }
+})