osolit-research/weeklyreport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

권한, 사용자, 메뉴 등에 대한 기능 업데이트

Browse Source
This commit is contained in:
Hyoseong Jo
2026-01-10 16:54:06 +09:00
parent 134a68d9db
commit ef7914d5c6
34 changed files with 2678 additions and 650 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
backend/api/admin/user/[id]/roles.put.ts Normal file
View File

@@ -0,0 +1,55 @@
import { query, queryOne, execute } from '../../../../utils/db'
import { requireAdmin } from '../../../../utils/session'
/**
* 사용자 권한 변경
* PUT /api/admin/user/[id]/roles
*
* Body: { roleIds: number[] }
*/
export default defineEventHandler(async (event) => {
await requireAdmin(event)
const employeeId = getRouterParam(event, 'id')
if (!employeeId) {
throw createError({ statusCode: 400, message: '사용자 ID가 필요합니다.' })
}
const body = await readBody<{ roleIds: number[] }>(event)
const roleIds = body.roleIds || []
// 사용자 존재 확인
const user = await queryOne<any>(`
SELECT employee_id, employee_email FROM wr_employee_info WHERE employee_id = $1
`, [employeeId])
if (!user) {
throw createError({ statusCode: 404, message: '사용자를 찾을 수 없습니다.' })
}
// 기존 권한 모두 삭제
await execute(`DELETE FROM wr_employee_role WHERE employee_id = $1`, [employeeId])
// 새 권한 추가
for (const roleId of roleIds) {
await execute(`
INSERT INTO wr_employee_role (employee_id, role_id)
VALUES ($1, $2)
ON CONFLICT (employee_id, role_id) DO NOTHING
`, [employeeId, roleId])
}
// 변경된 권한 조회
const updatedRoles = await query<any>(`
SELECT r.role_id, r.role_code, r.role_name
FROM wr_employee_role er
JOIN wr_role r ON er.role_id = r.role_id
WHERE er.employee_id = $1
`, [employeeId])
return {
success: true,
employeeId: parseInt(employeeId as string),
roles: updatedRoles
}
})

70
backend/api/admin/user/[id]/toggle-role.post.ts Normal file
View File

@@ -0,0 +1,70 @@
import { queryOne, execute } from '../../../../utils/db'
import { requireAdmin } from '../../../../utils/session'
/**
* 사용자 개별 권한 토글 (추가/제거)
* POST /api/admin/user/[id]/toggle-role
*
* Body: { roleId: number }
*/
export default defineEventHandler(async (event) => {
await requireAdmin(event)
const employeeId = getRouterParam(event, 'id')
if (!employeeId) {
throw createError({ statusCode: 400, message: '사용자 ID가 필요합니다.' })
}
const body = await readBody<{ roleId: number }>(event)
if (!body.roleId) {
throw createError({ statusCode: 400, message: '권한 ID가 필요합니다.' })
}
// 사용자 존재 확인
const user = await queryOne<any>(`
SELECT employee_id FROM wr_employee_info WHERE employee_id = $1
`, [employeeId])
if (!user) {
throw createError({ statusCode: 404, message: '사용자를 찾을 수 없습니다.' })
}
// 권한 존재 확인
const role = await queryOne<any>(`
SELECT role_id, role_code FROM wr_role WHERE role_id = $1
`, [body.roleId])
if (!role) {
throw createError({ statusCode: 404, message: '권한을 찾을 수 없습니다.' })
}
// 현재 권한 보유 여부 확인
const existing = await queryOne<any>(`
SELECT employee_role_id FROM wr_employee_role
WHERE employee_id = $1 AND role_id = $2
`, [employeeId, body.roleId])
let added: boolean
if (existing) {
// 권한 제거
await execute(`
DELETE FROM wr_employee_role WHERE employee_id = $1 AND role_id = $2
`, [employeeId, body.roleId])
added = false
} else {
// 권한 추가
await execute(`
INSERT INTO wr_employee_role (employee_id, role_id) VALUES ($1, $2)
`, [employeeId, body.roleId])
added = true
}
return {
success: true,
employeeId: parseInt(employeeId as string),
roleId: body.roleId,
roleCode: role.role_code,
added
}
})

110
backend/api/admin/user/list.get.ts Normal file
View File

@@ -0,0 +1,110 @@
import { query } from '../../../utils/db'
import { requireAdmin } from '../../../utils/session'
/**
* 사용자 목록 조회 (권한 정보 + 최근 로그인 포함)
* GET /api/admin/user/list
*/
export default defineEventHandler(async (event) => {
await requireAdmin(event)
const queryParams = getQuery(event)
const company = queryParams.company as string || ''
const name = queryParams.name as string || ''
const email = queryParams.email as string || ''
const phone = queryParams.phone as string || ''
const status = queryParams.status as string || 'active' // 기본값: 활성
// 1. 사용자 목록 조회 (최근 로그인 포함)
let userQuery = `
SELECT
e.employee_id,
e.employee_name,
e.employee_email,
e.employee_phone,
e.employee_position,
e.company,
e.join_date,
e.is_active,
e.created_at,
(
SELECT MAX(login_at)
FROM wr_login_history
WHERE employee_id = e.employee_id
) as last_login_at
FROM wr_employee_info e
WHERE 1=1
`
const params: any[] = []
// 소속사 검색
if (company) {
params.push(`%${company}%`)
userQuery += ` AND e.company ILIKE $${params.length}`
}
// 이름 검색
if (name) {
params.push(`%${name}%`)
userQuery += ` AND e.employee_name ILIKE $${params.length}`
}
// 이메일 검색
if (email) {
params.push(`%${email}%`)
userQuery += ` AND e.employee_email ILIKE $${params.length}`
}
// 전화번호 검색
if (phone) {
params.push(`%${phone}%`)
userQuery += ` AND e.employee_phone ILIKE $${params.length}`
}
// 상태 검색
if (status === 'active') {
userQuery += ` AND e.is_active = true`
} else if (status === 'inactive') {
userQuery += ` AND e.is_active = false`
}
// status === 'all' 이면 조건 없음
userQuery += ` ORDER BY e.company, e.employee_position, e.employee_name`
const users = await query<any>(userQuery, params)
// 2. 모든 권한 목록 조회
const roles = await query<any>(`
SELECT role_id, role_code, role_name, sort_order
FROM wr_role
WHERE is_active = true
ORDER BY sort_order
`)
// 3. 사용자별 권한 매핑 조회
const userRoles = await query<any>(`
SELECT employee_id, role_id
FROM wr_employee_role
`)
// 4. 사용자별 권한 배열 생성
const userRoleMap = new Map<number, number[]>()
for (const ur of userRoles) {
if (!userRoleMap.has(ur.employee_id)) {
userRoleMap.set(ur.employee_id, [])
}
userRoleMap.get(ur.employee_id)!.push(ur.role_id)
}
// 5. 사용자 데이터에 권한 정보 추가
const usersWithRoles = users.map(u => ({
...u,
roleIds: userRoleMap.get(u.employee_id) || []
}))
return {
users: usersWithRoles,
roles,
total: users.length
}
})