감사로그 조회 에러 수정

backend/internal/handler/dev_handler_test.go

@@ -1604,6 +1604,13 @@ func TestListAuditLogs_UserAllowedByRPAuditPermission(t *testing.T) {
 				Timestamp: time.Now().UTC(),
 				Details:   `{"target_id":"client-allowed","tenant_id":"tenant-a","action":"ROTATE_SECRET"}`,
 			},
+			{
+				EventID:   "evt-allowed-path",
+				EventType: "GET /api/v1/dev/clients/client-allowed/relations",
+				Status:    "success",
+				Timestamp: time.Now().UTC().Add(-30 * time.Second),
+				Details:   `{"request_id":"req-1"}`,
+			},
 			{
 				EventID:   "evt-denied",
 				EventType: "POST /api/v1/dev/clients/client-denied/secret/rotate",
@@ -1624,8 +1631,8 @@ func TestListAuditLogs_UserAllowedByRPAuditPermission(t *testing.T) {
 	})
 
 	mockKeto := new(devMockKetoService)
-	mockKeto.On("CheckPermission", mock.Anything, "User:user-1", "RelyingParty", "client-allowed", "view_audit_logs").Return(true, nil)
-	mockKeto.On("CheckPermission", mock.Anything, "User:user-1", "RelyingParty", "client-denied", "view_audit_logs").Return(false, nil)
+	mockKeto.On("CheckPermission", mock.Anything, "User:user-1", "RelyingParty", "client-allowed", "audit_viewer").Return(true, nil)
+	mockKeto.On("CheckPermission", mock.Anything, "User:user-1", "RelyingParty", "client-denied", "audit_viewer").Return(false, nil)
 
 	h := &DevHandler{
 		Hydra: &service.HydraAdminService{
@@ -1654,8 +1661,9 @@ func TestListAuditLogs_UserAllowedByRPAuditPermission(t *testing.T) {
 
 	var result devAuditListResponse
 	_ = json.NewDecoder(resp.Body).Decode(&result)
-	if assert.Len(t, result.Items, 1) {
+	if assert.Len(t, result.Items, 2) {
 		assert.Equal(t, "evt-allowed", result.Items[0].EventID)
+		assert.Equal(t, "evt-allowed-path", result.Items[1].EventID)
 	}
 	mockKeto.AssertExpectations(t)
 }