devfront ReBAC 전환 테스트

2026-04-15 17:22:23 +09:00
parent 8d0982b89c
commit 034789b8cb
12 changed files with 198 additions and 10 deletions
--- a/devfront/tests/helpers/devfront-fixtures.ts
+++ b/devfront/tests/helpers/devfront-fixtures.ts
@@ -53,6 +53,13 @@ export type Consent = {
  tenantName: string;
 };

+export type ClientRelation = {
+  relation: string;
+  subject: string;
+  subjectType: string;
+  subjectId: string;
+};
+
 export type AuditLog = {
  event_id: string;
  timestamp: string;
@@ -67,6 +74,7 @@ export type AuditLog = {
 export type DevApiMockState = {
  clients: Client[];
  consents: Consent[];
+  relations?: Record<string, ClientRelation[]>;
  auditLogsByCursor?: Record<
    string,
    { items: AuditLog[]; next_cursor?: string }
@@ -292,6 +300,68 @@ export async function installDevApiMock(page: Page, state: DevApiMockState) {
      });
    }

+    if (
+      pathname.startsWith("/api/v1/dev/clients/") &&
+      pathname.endsWith("/relations") &&
+      method === "GET"
+    ) {
+      const clientId = pathname.split("/")[5] ?? "";
+      return json(route, {
+        items: state.relations?.[clientId] ?? [],
+      });
+    }
+
+    if (
+      pathname.startsWith("/api/v1/dev/clients/") &&
+      pathname.endsWith("/relations") &&
+      method === "POST"
+    ) {
+      const clientId = pathname.split("/")[5] ?? "";
+      const payload = (request.postDataJSON() as {
+        relation?: string;
+        subject?: string;
+        userId?: string;
+      }) || { relation: "config_editor" };
+      const subject =
+        payload.subject ||
+        (payload.userId ? `User:${payload.userId}` : "User:playwright-user");
+      const subjectId = subject.startsWith("User:")
+        ? subject.slice("User:".length)
+        : subject;
+      const created: ClientRelation = {
+        relation: payload.relation ?? "config_editor",
+        subject,
+        subjectType: "User",
+        subjectId,
+      };
+      if (!state.relations) {
+        state.relations = {};
+      }
+      if (!state.relations[clientId]) {
+        state.relations[clientId] = [];
+      }
+      state.relations[clientId].push(created);
+      appendAuditLog("CLIENT_RELATION_CREATE", "ADD_RELATION", clientId);
+      return json(route, created, 201);
+    }
+
+    if (
+      pathname.startsWith("/api/v1/dev/clients/") &&
+      pathname.endsWith("/relations") &&
+      method === "DELETE"
+    ) {
+      const clientId = pathname.split("/")[5] ?? "";
+      const relation = searchParams.get("relation") || "";
+      const subject = searchParams.get("subject") || "";
+      if (state.relations?.[clientId]) {
+        state.relations[clientId] = state.relations[clientId].filter(
+          (item) => !(item.relation === relation && item.subject === subject),
+        );
+      }
+      appendAuditLog("CLIENT_RELATION_DELETE", "REMOVE_RELATION", clientId);
+      return route.fulfill({ status: 204 });
+    }
+
    if (
      pathname.startsWith("/api/v1/dev/clients/") &&
      pathname.endsWith("/status") &&