
feat: enforce tenant isolation for audit logs and enhance user list filtering for multi-tenant admins

2026-03-04 14:12:39 +09:00
parent 9da97554ce
commit 39b41a4c42
7 changed files with 78 additions and 16 deletions


@@ -70,10 +70,8 @@ type userListResponse struct {
func (h *UserHandler) ListUsers(c *fiber.Ctx) error {
// [New] Get requester profile from middleware
var requesterRole string
var requesterCompany string
if profile, ok := c.Locals("user_profile").(*domain.UserProfileResponse); ok {
requesterRole = profile.Role
requesterCompany = profile.CompanyCode
}
limit := c.QueryInt("limit", 50)
@@ -88,6 +86,21 @@ func (h *UserHandler) ListUsers(c *fiber.Ctx) error {
offset = 0
}
// [New] Manageable Tenants Map for efficient lookup
manageableSlugs := make(map[string]bool)
if requesterRole == domain.RoleTenantAdmin {
profile, _ := c.Locals("user_profile").(*domain.UserProfileResponse)
if profile != nil {
for _, t := range profile.ManageableTenants {
manageableSlugs[strings.ToLower(t.Slug)] = true
}
// Include primary tenant slug if not already there
if profile.CompanyCode != "" {
manageableSlugs[strings.ToLower(profile.CompanyCode)] = true
}
}
}
// 1. Try Kratos First
identities, err := h.KratosAdmin.ListIdentities(c.Context())
if err == nil {
@@ -97,11 +110,11 @@ func (h *UserHandler) ListUsers(c *fiber.Ctx) error {
for _, identity := range identities {
email := strings.ToLower(extractTraitString(identity.Traits, "email"))
name := strings.ToLower(extractTraitString(identity.Traits, "name"))
compCode := extractTraitString(identity.Traits, "companyCode")
compCode := strings.ToLower(extractTraitString(identity.Traits, "companyCode"))
// Tenant Admin filtering
if requesterRole == domain.RoleTenantAdmin {
if requesterCompany == "" || !strings.EqualFold(compCode, requesterCompany) {
if !manageableSlugs[compCode] {
continue
}
}