dev 브런치 반영 code-check 오류 수정

backend/internal/handler/dev_handler_test.go

@@ -1519,7 +1519,7 @@ func TestRevokeHeadlessJWKSCache_DeletesCachedState(t *testing.T) {
 	assert.Nil(t, stored)
 }
 
-func TestListAuditLogs_TenantMemberForbidden(t *testing.T) {
+func TestListAuditLogs_TenantMemberWithoutAuditPermissionReturnsEmpty(t *testing.T) {
 	h := &DevHandler{
 		Hydra:     &service.HydraAdminService{AdminURL: "http://hydra.test"},
 		AuditRepo: &mockAuditRepo{},
@@ -1540,7 +1540,11 @@ func TestListAuditLogs_TenantMemberForbidden(t *testing.T) {
 
 	req := httptest.NewRequest(http.MethodGet, "/api/v1/dev/audit-logs", nil)
 	resp, _ := app.Test(req, -1)
-	assert.Equal(t, http.StatusForbidden, resp.StatusCode)
+	assert.Equal(t, http.StatusOK, resp.StatusCode)
+
+	var result devAuditListResponse
+	_ = json.NewDecoder(resp.Body).Decode(&result)
+	assert.Empty(t, result.Items)
 }
 
 func TestListAuditLogs_RPAdminScope(t *testing.T) {
@@ -1915,6 +1919,20 @@ func TestRemoveClientRelation_RPAdminAllowedByManagePermission(t *testing.T) {
 }
 
 func TestSearchUsers_RPAdminSearchByNameOrEmailWithinTenantScope(t *testing.T) {
+	transport := roundTripFunc(func(r *http.Request) (*http.Response, error) {
+		if r.Method == http.MethodGet && r.URL.Path == "/clients/client-1" {
+			return httpJSONAny(r, http.StatusOK, map[string]any{
+				"client_id":   "client-1",
+				"client_name": "App One",
+				"metadata": map[string]any{
+					"tenant_id": "tenant-1",
+					"status":    "active",
+				},
+			}), nil
+		}
+		return httpJSONAny(r, http.StatusNotFound, nil), nil
+	})
+
 	mockKratos := new(devMockKratosAdmin)
 	mockKratos.On("ListIdentities", mock.Anything).Return([]service.KratosIdentity{
 		{
@@ -1938,6 +1956,10 @@ func TestSearchUsers_RPAdminSearchByNameOrEmailWithinTenantScope(t *testing.T) {
 	}, nil)
 
 	h := &DevHandler{
+		Hydra: &service.HydraAdminService{
+			AdminURL:   "http://hydra.test",
+			HTTPClient: &http.Client{Transport: transport},
+		},
 		KratosAdmin: mockKratos,
 	}
 
@@ -1951,21 +1973,25 @@ func TestSearchUsers_RPAdminSearchByNameOrEmailWithinTenantScope(t *testing.T) {
 			ManageableTenants: []domain.Tenant{
 				{ID: "tenant-1", Slug: "tenant-one"},
 			},
+			Metadata: map[string]any{
+				"managed_client_ids": []any{"client-1"},
+			},
 		})
 		return c.Next()
 	})
 	app.Get("/api/v1/dev/users", h.SearchUsers)
 
-	req := httptest.NewRequest(http.MethodGet, "/api/v1/dev/users?search=alice", nil)
+	req := httptest.NewRequest(http.MethodGet, "/api/v1/dev/users?clientId=client-1&search=alice", nil)
 	resp, _ := app.Test(req, -1)
 
 	assert.Equal(t, http.StatusOK, resp.StatusCode)
 	var result devUserListResponse
 	_ = json.NewDecoder(resp.Body).Decode(&result)
-	assert.Len(t, result.Items, 1)
-	assert.Equal(t, "user-1", result.Items[0].ID)
-	assert.Equal(t, "Alice Kim", result.Items[0].Name)
-	assert.Equal(t, "alice@example.com", result.Items[0].Email)
+	if assert.Len(t, result.Items, 1) {
+		assert.Equal(t, "user-1", result.Items[0].ID)
+		assert.Equal(t, "Alice Kim", result.Items[0].Name)
+		assert.Equal(t, "alice@example.com", result.Items[0].Email)
+	}
 	mockKratos.AssertExpectations(t)
 }