권한, 사용자, 메뉴 등에 대한 기능 업데이트

backend/api/admin/role/[id]/delete.delete.ts

@@ -0,0 +1,46 @@
+import { queryOne, execute } from '../../../../utils/db'
+import { requireAdmin } from '../../../../utils/session'
+
+/**
+ * 권한 삭제
+ * DELETE /api/admin/role/[id]/delete
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const roleId = getRouterParam(event, 'id')
+  if (!roleId) {
+    throw createError({ statusCode: 400, message: '권한 ID가 필요합니다.' })
+  }
+  
+  // 존재 여부 확인
+  const existing = await queryOne<any>(`
+    SELECT role_id, role_code FROM wr_role WHERE role_id = $1
+  `, [roleId])
+  
+  if (!existing) {
+    throw createError({ statusCode: 404, message: '권한을 찾을 수 없습니다.' })
+  }
+  
+  // 기본 권한은 삭제 불가
+  const protectedCodes = ['ROLE_ADMIN', 'ROLE_MANAGER', 'ROLE_USER']
+  if (protectedCodes.includes(existing.role_code)) {
+    throw createError({ statusCode: 400, message: '기본 권한은 삭제할 수 없습니다.' })
+  }
+  
+  // 사용 중인 권한인지 확인
+  const usageCount = await queryOne<any>(`
+    SELECT COUNT(*) as cnt FROM wr_employee_role WHERE role_id = $1
+  `, [roleId])
+  
+  if (parseInt(usageCount.cnt) > 0) {
+    throw createError({ 
+      statusCode: 400, 
+      message: `${usageCount.cnt}명의 사용자가 이 권한을 사용 중입니다. 먼저 권한을 해제해주세요.` 
+    })
+  }
+  
+  await execute(`DELETE FROM wr_role WHERE role_id = $1`, [roleId])
+  
+  return { success: true }
+})

backend/api/admin/role/[id]/update.put.ts

@@ -0,0 +1,54 @@
+import { queryOne, execute } from '../../../../utils/db'
+import { requireAdmin } from '../../../../utils/session'
+
+/**
+ * 권한 수정
+ * PUT /api/admin/role/[id]/update
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const roleId = getRouterParam(event, 'id')
+  if (!roleId) {
+    throw createError({ statusCode: 400, message: '권한 ID가 필요합니다.' })
+  }
+  
+  const body = await readBody<{
+    roleName?: string
+    roleDescription?: string
+    isInternalIpOnly?: boolean
+    sortOrder?: number
+    isActive?: boolean
+  }>(event)
+  
+  // 존재 여부 확인
+  const existing = await queryOne<any>(`
+    SELECT role_id, role_code FROM wr_role WHERE role_id = $1
+  `, [roleId])
+  
+  if (!existing) {
+    throw createError({ statusCode: 404, message: '권한을 찾을 수 없습니다.' })
+  }
+  
+  await execute(`
+    UPDATE wr_role SET
+      role_name = COALESCE($2, role_name),
+      role_description = COALESCE($3, role_description),
+      is_internal_ip_only = COALESCE($4, is_internal_ip_only),
+      sort_order = COALESCE($5, sort_order),
+      is_active = COALESCE($6, is_active),
+      updated_at = NOW()
+    WHERE role_id = $1
+  `, [
+    roleId,
+    body.roleName,
+    body.roleDescription,
+    body.isInternalIpOnly,
+    body.sortOrder,
+    body.isActive
+  ])
+  
+  const updated = await queryOne<any>(`SELECT * FROM wr_role WHERE role_id = $1`, [roleId])
+  
+  return { success: true, role: updated }
+})

backend/api/admin/role/create.post.ts

@@ -0,0 +1,45 @@
+import { queryOne } from '../../../utils/db'
+import { requireAdmin } from '../../../utils/session'
+
+/**
+ * 권한 생성
+ * POST /api/admin/role/create
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const body = await readBody<{
+    roleCode: string
+    roleName: string
+    roleDescription?: string
+    isInternalIpOnly?: boolean
+    sortOrder?: number
+  }>(event)
+  
+  if (!body.roleCode || !body.roleName) {
+    throw createError({ statusCode: 400, message: '권한코드와 권한명은 필수입니다.' })
+  }
+  
+  // 코드 중복 체크
+  const existing = await queryOne<any>(`
+    SELECT role_id FROM wr_role WHERE role_code = $1
+  `, [body.roleCode])
+  
+  if (existing) {
+    throw createError({ statusCode: 400, message: '이미 존재하는 권한코드입니다.' })
+  }
+  
+  const role = await queryOne<any>(`
+    INSERT INTO wr_role (role_code, role_name, role_description, is_internal_ip_only, sort_order)
+    VALUES ($1, $2, $3, $4, $5)
+    RETURNING *
+  `, [
+    body.roleCode,
+    body.roleName,
+    body.roleDescription || null,
+    body.isInternalIpOnly || false,
+    body.sortOrder || 0
+  ])
+  
+  return { success: true, role }
+})

backend/api/admin/role/list.get.ts

@@ -0,0 +1,34 @@
+import { query } from '../../../utils/db'
+import { requireAdmin } from '../../../utils/session'
+
+/**
+ * 권한 목록 조회
+ * GET /api/admin/role/list
+ */
+export default defineEventHandler(async (event) => {
+  // 관리자 권한 체크
+  await requireAdmin(event)
+  
+  const roles = await query<any>(`
+    SELECT 
+      r.role_id,
+      r.role_code,
+      r.role_name,
+      r.role_description,
+      r.is_internal_ip_only,
+      r.sort_order,
+      r.is_active,
+      r.created_at,
+      r.updated_at,
+      COUNT(DISTINCT er.employee_id) as user_count
+    FROM wr_role r
+    LEFT JOIN wr_employee_role er ON r.role_id = er.role_id
+    GROUP BY r.role_id
+    ORDER BY r.sort_order, r.role_id
+  `)
+  
+  return {
+    roles,
+    total: roles.length
+  }
+})