Merge origin/dev into dev

2026-06-15 20:05:47 +09:00
parent 4d468cd39f 50ce44c236
commit 202c783920
67 changed files with 6933 additions and 3919 deletions
--- a/adminfront/src/lib/adminApi.ts
+++ b/adminfront/src/lib/adminApi.ts
@@ -33,6 +33,19 @@ export type TenantSummary = {
  config?: Record<string, unknown>;
  memberCount: number; // 해당 테넌트 직접 소속 인원
  totalMemberCount?: number; // 하위 테넌트 포함 전체 인원
+  userPermissions?: {
+    view: boolean;
+    manage: boolean;
+    manage_admins: boolean;
+    view_profile?: boolean;
+    manage_profile?: boolean;
+    view_permissions?: boolean;
+    manage_permissions?: boolean;
+    view_organization?: boolean;
+    manage_organization?: boolean;
+    view_schema?: boolean;
+    manage_schema?: boolean;
+  };
  createdAt: string;
  updatedAt: string;
 };
@@ -469,6 +482,61 @@ export async function removeTenantOwner(tenantId: string, userId: string) {
  await apiClient.delete(`/v1/admin/tenants/${tenantId}/owners/${userId}`);
 }

+export type TenantRelation = {
+  userId: string;
+  name: string;
+  email: string;
+  relations: string[];
+};
+
+export async function fetchTenantRelations(tenantId: string) {
+  const { data } = await apiClient.get<{ items: TenantRelation[] }>(
+    `/v1/admin/tenants/${tenantId}/relations`,
+  );
+  return data.items;
+}
+
+export async function addTenantRelation(
+  tenantId: string,
+  userId: string,
+  relation: string,
+) {
+  await apiClient.post(`/v1/admin/tenants/${tenantId}/relations`, {
+    userId,
+    relation,
+  });
+}
+
+export async function removeTenantRelation(
+  tenantId: string,
+  userId: string,
+  relation: string,
+) {
+  await apiClient.delete(`/v1/admin/tenants/${tenantId}/relations`, {
+    data: { userId, relation },
+  });
+}
+
+export async function fetchSystemRelations() {
+  const { data } = await apiClient.get<{ items: TenantRelation[] }>(
+    `/v1/admin/system/relations`,
+  );
+  return data.items;
+}
+
+export async function addSystemRelation(userId: string, relation: string) {
+  await apiClient.post(`/v1/admin/system/relations`, {
+    userId,
+    relation,
+  });
+}
+
+export async function removeSystemRelation(userId: string, relation: string) {
+  await apiClient.delete(`/v1/admin/system/relations`, {
+    data: { userId, relation },
+  });
+}
+
 // Group Management
 export type GroupMember = {
  id: string;
@@ -1192,6 +1260,32 @@ export async function fetchUserRpHistory(userId: string) {
  return data;
 }

+export type SystemPermissions = {
+  overview: boolean;
+  tenants: boolean;
+  org_chart: boolean;
+  worksmobile: boolean;
+  ory_ssot: boolean;
+  data_integrity: boolean;
+  users: boolean;
+  permissions_direct: boolean;
+  auth_guard: boolean;
+  api_keys: boolean;
+  audit_logs: boolean;
+
+  manage_overview?: boolean;
+  manage_tenants?: boolean;
+  manage_org_chart?: boolean;
+  manage_worksmobile?: boolean;
+  manage_ory_ssot?: boolean;
+  manage_data_integrity?: boolean;
+  manage_users?: boolean;
+  manage_permissions_direct?: boolean;
+  manage_auth_guard?: boolean;
+  manage_api_keys?: boolean;
+  manage_audit_logs?: boolean;
+};
+
 export type UserProfileResponse = {
  id: string;
  email: string;
@@ -1205,6 +1299,7 @@ export type UserProfileResponse = {
  metadata?: Record<string, unknown>;
  tenant?: TenantSummary;
  manageableTenants?: TenantSummary[];
+  systemPermissions?: SystemPermissions;
 };

 export async function fetchMe() {