권한, 사용자, 메뉴 등에 대한 기능 업데이트

2026-01-10 16:54:06 +09:00
parent 134a68d9db
commit ef7914d5c6
34 changed files with 2678 additions and 650 deletions
--- a/backend/api/admin/role/[id]/delete.delete.ts
+++ b/backend/api/admin/role/[id]/delete.delete.ts
@@ -0,0 +1,46 @@
+import { queryOne, execute } from '../../../../utils/db'
+import { requireAdmin } from '../../../../utils/session'
+
+/**
+ * 권한 삭제
+ * DELETE /api/admin/role/[id]/delete
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const roleId = getRouterParam(event, 'id')
+  if (!roleId) {
+    throw createError({ statusCode: 400, message: '권한 ID가 필요합니다.' })
+  }
+  
+  // 존재 여부 확인
+  const existing = await queryOne<any>(`
+    SELECT role_id, role_code FROM wr_role WHERE role_id = $1
+  `, [roleId])
+  
+  if (!existing) {
+    throw createError({ statusCode: 404, message: '권한을 찾을 수 없습니다.' })
+  }
+  
+  // 기본 권한은 삭제 불가
+  const protectedCodes = ['ROLE_ADMIN', 'ROLE_MANAGER', 'ROLE_USER']
+  if (protectedCodes.includes(existing.role_code)) {
+    throw createError({ statusCode: 400, message: '기본 권한은 삭제할 수 없습니다.' })
+  }
+  
+  // 사용 중인 권한인지 확인
+  const usageCount = await queryOne<any>(`
+    SELECT COUNT(*) as cnt FROM wr_employee_role WHERE role_id = $1
+  `, [roleId])
+  
+  if (parseInt(usageCount.cnt) > 0) {
+    throw createError({ 
+      statusCode: 400, 
+      message: `${usageCount.cnt}명의 사용자가 이 권한을 사용 중입니다. 먼저 권한을 해제해주세요.` 
+    })
+  }
+  
+  await execute(`DELETE FROM wr_role WHERE role_id = $1`, [roleId])
+  
+  return { success: true }
+})
--- a/backend/api/admin/role/[id]/update.put.ts
+++ b/backend/api/admin/role/[id]/update.put.ts
@@ -0,0 +1,54 @@
+import { queryOne, execute } from '../../../../utils/db'
+import { requireAdmin } from '../../../../utils/session'
+
+/**
+ * 권한 수정
+ * PUT /api/admin/role/[id]/update
+ */
+export default defineEventHandler(async (event) => {
+  await requireAdmin(event)
+  
+  const roleId = getRouterParam(event, 'id')
+  if (!roleId) {
+    throw createError({ statusCode: 400, message: '권한 ID가 필요합니다.' })
+  }
+  
+  const body = await readBody<{
+    roleName?: string
+    roleDescription?: string
+    isInternalIpOnly?: boolean
+    sortOrder?: number
+    isActive?: boolean
+  }>(event)
+  
+  // 존재 여부 확인
+  const existing = await queryOne<any>(`
+    SELECT role_id, role_code FROM wr_role WHERE role_id = $1
+  `, [roleId])
+  
+  if (!existing) {
+    throw createError({ statusCode: 404, message: '권한을 찾을 수 없습니다.' })
+  }
+  
+  await execute(`
+    UPDATE wr_role SET
+      role_name = COALESCE($2, role_name),
+      role_description = COALESCE($3, role_description),
+      is_internal_ip_only = COALESCE($4, is_internal_ip_only),
+      sort_order = COALESCE($5, sort_order),
+      is_active = COALESCE($6, is_active),
+      updated_at = NOW()
+    WHERE role_id = $1
+  `, [
+    roleId,
+    body.roleName,
+    body.roleDescription,
+    body.isInternalIpOnly,
+    body.sortOrder,
+    body.isActive
+  ])
+  
+  const updated = await queryOne<any>(`SELECT * FROM wr_role WHERE role_id = $1`, [roleId])
+  
+  return { success: true, role: updated }
+})