삭제된 사용자 RP 관계 정리

2026-05-28 09:50:15 +09:00
parent f8d0cf411a
commit 041b0724be
7 changed files with 434 additions and 25 deletions
--- a/backend/internal/repository/keto_outbox_repository.go
+++ b/backend/internal/repository/keto_outbox_repository.go
@@ -12,6 +12,7 @@ type KetoOutboxRepository interface {
 	Create(ctx context.Context, entry *domain.KetoOutbox) error
 	CreateWithTx(tx *gorm.DB, entry *domain.KetoOutbox) error
 	FindPending(ctx context.Context, limit int) ([]domain.KetoOutbox, error)
+	ListCurrentBySubject(ctx context.Context, namespace, subject string) ([]domain.KetoOutbox, error)
 	UpdateStatus(ctx context.Context, id string, status string, retryCount int, lastError string) error
 	MarkProcessed(ctx context.Context, id string) error
 }
@@ -42,6 +43,32 @@ func (r *ketoOutboxRepository) FindPending(ctx context.Context, limit int) ([]do
 	return entries, err
 }

+func (r *ketoOutboxRepository) ListCurrentBySubject(ctx context.Context, namespace, subject string) ([]domain.KetoOutbox, error) {
+	var entries []domain.KetoOutbox
+	if err := r.db.WithContext(ctx).
+		Where("namespace = ? AND subject = ? AND status <> ?", namespace, subject, domain.KetoOutboxStatusFailed).
+		Order("created_at desc").
+		Order("updated_at desc").
+		Find(&entries).Error; err != nil {
+		return nil, err
+	}
+
+	current := make([]domain.KetoOutbox, 0, len(entries))
+	seen := make(map[string]struct{}, len(entries))
+	for _, entry := range entries {
+		key := entry.Namespace + "\x00" + entry.Object + "\x00" + entry.Relation + "\x00" + entry.Subject
+		if _, exists := seen[key]; exists {
+			continue
+		}
+		seen[key] = struct{}{}
+		if entry.Action == domain.KetoOutboxActionCreate {
+			current = append(current, entry)
+		}
+	}
+
+	return current, nil
+}
+
 func (r *ketoOutboxRepository) UpdateStatus(ctx context.Context, id string, status string, retryCount int, lastError string) error {
 	return r.db.WithContext(ctx).Model(&domain.KetoOutbox{}).Where("id = ?", id).Updates(map[string]interface{}{
 		"status":      status,
--- a/backend/internal/repository/keto_outbox_repository_test.go
+++ b/backend/internal/repository/keto_outbox_repository_test.go
@@ -0,0 +1,68 @@
+package repository
+
+import (
+	"baron-sso-backend/internal/domain"
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestKetoOutboxRepository_ListCurrentBySubject(t *testing.T) {
+	repo := NewKetoOutboxRepository(testDB)
+	ctx := context.Background()
+
+	require.NoError(t, testDB.Exec("DELETE FROM keto_outbox").Error)
+
+	entries := []domain.KetoOutbox{
+		{
+			Namespace: "RelyingParty",
+			Object:    "client-1",
+			Relation:  "admins",
+			Subject:   "User:user-1",
+			Action:    domain.KetoOutboxActionCreate,
+			Status:    domain.KetoOutboxStatusProcessed,
+		},
+		{
+			Namespace: "RelyingParty",
+			Object:    "client-1",
+			Relation:  "admins",
+			Subject:   "User:user-1",
+			Action:    domain.KetoOutboxActionDelete,
+			Status:    domain.KetoOutboxStatusProcessed,
+		},
+		{
+			Namespace: "RelyingParty",
+			Object:    "client-2",
+			Relation:  "config_editor",
+			Subject:   "User:user-1",
+			Action:    domain.KetoOutboxActionCreate,
+			Status:    domain.KetoOutboxStatusProcessed,
+		},
+		{
+			Namespace: "RelyingParty",
+			Object:    "client-3",
+			Relation:  "audit_viewer",
+			Subject:   "User:user-1",
+			Action:    domain.KetoOutboxActionCreate,
+			Status:    domain.KetoOutboxStatusFailed,
+		},
+		{
+			Namespace: "Tenant",
+			Object:    "tenant-1",
+			Relation:  "members",
+			Subject:   "User:user-1",
+			Action:    domain.KetoOutboxActionCreate,
+			Status:    domain.KetoOutboxStatusProcessed,
+		},
+	}
+	for i := range entries {
+		require.NoError(t, repo.Create(ctx, &entries[i]))
+	}
+
+	current, err := repo.ListCurrentBySubject(ctx, "RelyingParty", "User:user-1")
+	require.NoError(t, err)
+	require.Len(t, current, 1)
+	require.Equal(t, "client-2", current[0].Object)
+	require.Equal(t, "config_editor", current[0].Relation)
+}
--- a/backend/internal/repository/main_test.go
+++ b/backend/internal/repository/main_test.go
@@ -63,7 +63,7 @@ func TestMain(m *testing.M) {
 	}

 	// Auto-migrate
-	err = db.AutoMigrate(&domain.Tenant{}, &domain.TenantDomain{}, &domain.User{}, &domain.UserLoginID{}, &domain.UserProjectionState{}, &domain.ClientConsent{}, &domain.RPUserMetadata{}, &domain.RPUsageEvent{})
+	err = db.AutoMigrate(&domain.Tenant{}, &domain.TenantDomain{}, &domain.User{}, &domain.UserLoginID{}, &domain.UserProjectionState{}, &domain.ClientConsent{}, &domain.RPUserMetadata{}, &domain.RPUsageEvent{}, &domain.KetoOutbox{})
 	if err != nil {
 		log.Fatalf("failed to migrate database: %s", err)
 	}