feat: add schema tab access control and user password generator

adminfront/src/features/tenants/routes/TenantDetailPage.tsx

@@ -2,7 +2,7 @@ import { useQuery } from "@tanstack/react-query";
 import { ArrowLeft } from "lucide-react";
 import { Link, Outlet, useLocation, useParams } from "react-router-dom";
 import { Badge } from "../../../components/ui/badge";
-import { fetchTenant } from "../../../lib/adminApi";
+import { fetchMe, fetchTenant } from "../../../lib/adminApi";
 import { t } from "../../../lib/i18n";
 
 function TenantDetailPage() {
@@ -16,6 +16,14 @@ function TenantDetailPage() {
     enabled: tenantId.length > 0,
   });
 
+  const { data: profile } = useQuery({
+    queryKey: ["me"],
+    queryFn: fetchMe,
+  });
+
+  const canAccessSchema =
+    profile?.role === "super_admin" || profile?.role === "tenant_admin";
+
   const isFederationTab = location.pathname.includes("/federation");
   const isPermissionsTab = location.pathname.includes("/permissions");
   const isOrganizationTab = location.pathname.includes("/organization");
@@ -98,16 +106,18 @@ function TenantDetailPage() {
         >
           {t("ui.admin.tenants.detail.tab_organization", "조직 관리")}
         </Link>
-        <Link
-          to={`/tenants/${tenantId}/schema`}
-          className={`px-6 py-3 text-sm font-medium transition-colors relative ${
-            location.pathname.includes("/schema")
-              ? "text-primary border-b-2 border-primary"
-              : "text-muted-foreground hover:text-foreground"
-          }`}
-        >
-          {t("ui.admin.tenants.detail.tab_schema", "사용자 스키마")}
-        </Link>
+        {canAccessSchema && (
+          <Link
+            to={`/tenants/${tenantId}/schema`}
+            className={`px-6 py-3 text-sm font-medium transition-colors relative ${
+              location.pathname.includes("/schema")
+                ? "text-primary border-b-2 border-primary"
+                : "text-muted-foreground hover:text-foreground"
+            }`}
+          >
+            {t("ui.admin.tenants.detail.tab_schema", "사용자 스키마")}
+          </Link>
+        )}
       </div>
 
       {/* Outlet for nested routes */}

adminfront/src/features/tenants/routes/TenantSchemaPage.tsx

@@ -14,7 +14,7 @@ import {
 } from "../../../components/ui/card";
 import { Input } from "../../../components/ui/input";
 import { Label } from "../../../components/ui/label";
-import { fetchTenant, updateTenant } from "../../../lib/adminApi";
+import { fetchMe, fetchTenant, updateTenant } from "../../../lib/adminApi";
 import { t } from "../../../lib/i18n";
 
 type SchemaFieldType = "text" | "number" | "boolean" | "date";
@@ -40,6 +40,38 @@ export function TenantSchemaPage() {
   const { tenantId } = useParams<{ tenantId: string }>();
   const queryClient = useQueryClient();
 
+  const { data: profile, isLoading: isProfileLoading } = useQuery({
+    queryKey: ["me"],
+    queryFn: fetchMe,
+  });
+
+  const canAccess =
+    profile?.role === "super_admin" || profile?.role === "tenant_admin";
+
+  if (isProfileLoading) {
+    return (
+      <div className="p-8 text-center animate-pulse text-muted-foreground">
+        {t("msg.common.loading", "로딩 중...")}
+      </div>
+    );
+  }
+
+  if (!canAccess) {
+    return (
+      <div className="p-12 text-center space-y-4 bg-destructive/5 rounded-2xl border border-destructive/20 mt-6">
+        <h3 className="text-xl font-bold text-destructive">
+          {t("msg.common.forbidden", "접근 권한이 없습니다.")}
+        </h3>
+        <p className="text-muted-foreground">
+          {t(
+            "msg.admin.tenants.schema.forbidden_desc",
+            "사용자 스키마 설정은 관리자만 접근할 수 있습니다.",
+          )}
+        </p>
+      </div>
+    );
+  }
+
   if (!tenantId) {
     return (
       <div className="p-8 text-center text-muted-foreground">