멀티 테넌트 멤버 집계 해결

2026-05-07 18:05:24 +09:00
parent f6cf261fd5
commit 074c3e30d1
4 changed files with 95 additions and 18 deletions
--- a/backend/internal/handler/user_handler.go
+++ b/backend/internal/handler/user_handler.go
@@ -276,24 +276,56 @@ func (h *UserHandler) ListUsers(c *fiber.Ctx) error {
 			name := strings.ToLower(extractTraitString(identity.Traits, "name"))
 			compCode := strings.ToLower(extractTraitString(identity.Traits, "companyCode"))
 			tID := strings.ToLower(extractTraitString(identity.Traits, "tenant_id"))
+			secondaryCodes := extractTraitStringArray(identity.Traits, "companyCodes")

 			// Tenant Admin & Member filtering
 			if requesterRole == domain.RoleTenantAdmin || requesterRole == domain.RoleUser || requesterRole == domain.RoleRPAdmin {
-				if !manageableSlugs[compCode] && !manageableSlugs[tID] {
+				hasAccess := manageableSlugs[compCode] || manageableSlugs[tID]
+				if !hasAccess && len(secondaryCodes) > 0 {
+					for _, code := range secondaryCodes {
+						if manageableSlugs[strings.ToLower(code)] {
+							hasAccess = true
+							break
+						}
+					}
+				}
+				if !hasAccess {
 					continue
 				}
 			}

 			// Dedicated tenantSlug filter
-			if tenantSlug != "" && !strings.EqualFold(compCode, tenantSlug) && tID != targetTenantID {
-				continue
+			if tenantSlug != "" {
+				matches := strings.EqualFold(compCode, tenantSlug) || tID == targetTenantID
+				if !matches && len(secondaryCodes) > 0 {
+					for _, code := range secondaryCodes {
+						if strings.EqualFold(code, tenantSlug) {
+							matches = true
+							break
+						}
+					}
+				}
+				if !matches {
+					continue
+				}
 			}

 			// Search filtering (Keyword search in email, name, or companyCode)
 			if search != "" {
-				if !strings.Contains(email, searchLower) &&
-					!strings.Contains(name, searchLower) &&
-					!strings.Contains(strings.ToLower(compCode), searchLower) {
+				matchesSearch := strings.Contains(email, searchLower) ||
+					strings.Contains(name, searchLower) ||
+					strings.Contains(strings.ToLower(compCode), searchLower)
+
+				if !matchesSearch && len(secondaryCodes) > 0 {
+					for _, code := range secondaryCodes {
+						if strings.Contains(strings.ToLower(code), searchLower) {
+							matchesSearch = true
+							break
+						}
+					}
+				}
+
+				if !matchesSearch {
 					continue
 				}
 			}
@@ -2155,6 +2187,27 @@ func extractTraitString(traits map[string]interface{}, key string) string {
 	return ""
 }

+func extractTraitStringArray(traits map[string]interface{}, key string) []string {
+	if traits == nil {
+		return nil
+	}
+	if raw, ok := traits[key]; ok {
+		if slice, ok := raw.([]interface{}); ok {
+			var result []string
+			for _, v := range slice {
+				if s, ok := v.(string); ok {
+					result = append(result, s)
+				}
+			}
+			return result
+		}
+		if slice, ok := raw.([]string); ok {
+			return slice
+		}
+	}
+	return nil
+}
+
 func resolvePasswordLoginID(traits map[string]interface{}) string {
 	// First check custom_login_ids (array)
 	if raw, ok := traits["custom_login_ids"]; ok {