chore: snapshot local state before dev merge

2026-06-17 21:25:42 +09:00
parent b2808759d2
commit 49560e8a8c
107 changed files with 8958 additions and 939 deletions
--- a/adminfront/tests/users.spec.ts
+++ b/adminfront/tests/users.spec.ts
@@ -754,7 +754,7 @@ test.describe("User Management", () => {
    expect(exportUrl).toContain("includeIds=false");
  });

-  test("should show contact info in one row, hide roles, and change user status", async ({
+  test("should hide role controls from the users table and change user status", async ({
    page,
  }) => {
    let updatePayload: Record<string, unknown> | undefined;
@@ -781,13 +781,311 @@ test.describe("User Management", () => {
    const table = page.locator("table");
    await expect(
      table.getByRole("columnheader", { name: /ROLE|역할/i }),
-    ).toBeVisible();
+    ).toHaveCount(0);

    await page.getByTestId("user-status-select-u-1").click();
    await page.getByRole("option", { name: /입사대기|Preboarding/ }).click();
    await expect
      .poll(() => updatePayload)
      .toMatchObject({ status: "preboarding" });
+
+    await table.locator('input[name="user-list-select-u-1"]').check();
+    await expect(page.getByTestId("bulk-permission-select")).toHaveCount(0);
+  });
+
+  test("should keep system role assignment out of the permissions screen", async ({
+    page,
+  }) => {
+    let bulkPayload: Record<string, unknown> | undefined;
+
+    await page.route(/\/admin\/system\/relations$/, async (route) => {
+      if (route.request().method() !== "GET") {
+        return route.fallback();
+      }
+      return route.fulfill({
+        json: {
+          items: [
+            {
+              userId: "u-1",
+              name: "John Doe",
+              email: "john@test.com",
+              relations: ["overview_viewers"],
+            },
+          ],
+        },
+      });
+    });
+
+    await page.route(/\/admin\/users\/bulk$/, async (route) => {
+      if (route.request().method() !== "PUT") {
+        return route.fallback();
+      }
+      bulkPayload = route.request().postDataJSON();
+      return route.fulfill({
+        json: { results: [{ userId: "u-1", success: true }] },
+      });
+    });
+
+    await page.goto("/permissions-direct");
+    await expect(
+      page.getByTestId("permission-assignment-row-u-1-overview_viewers"),
+    ).toBeVisible();
+    await expect(
+      page.getByTestId("permissions-direct-super-admin-select"),
+    ).toHaveCount(0);
+    expect(bulkPayload).toBeUndefined();
+  });
+
+  test("should support bulk page and target action grants while keeping permissions direct protected", async ({
+    page,
+  }) => {
+    const relationWrites: Array<Record<string, unknown>> = [];
+    const relationDeletes: Array<Record<string, unknown>> = [];
+
+    await page.route(/\/admin\/system\/relations$/, async (route) => {
+      const method = route.request().method();
+      if (method === "GET") {
+        return route.fulfill({
+          json: {
+            items: [
+              {
+                userId: "u-1",
+                name: "John Doe",
+                email: "john@test.com",
+                relations: ["overview_viewers"],
+              },
+              {
+                userId: "u-2",
+                name: "Jane Manager",
+                email: "jane@test.com",
+                relations: [],
+              },
+            ],
+          },
+        });
+      }
+      if (method === "POST") {
+        relationWrites.push(route.request().postDataJSON());
+        return route.fulfill({ json: { success: true } });
+      }
+      if (method === "DELETE") {
+        relationDeletes.push(route.request().postDataJSON());
+        return route.fulfill({ json: { success: true } });
+      }
+      return route.fallback();
+    });
+    await page.route(/\/admin\/tenants\/t-1\/relations$/, async (route) => {
+      const method = route.request().method();
+      if (method === "GET") {
+        return route.fulfill({
+          json: {
+            items: [
+              {
+                userId: "u-1",
+                name: "John Doe",
+                email: "john@test.com",
+                relations: ["profile_viewers"],
+              },
+            ],
+          },
+        });
+      }
+      if (method === "POST") {
+        relationWrites.push(route.request().postDataJSON());
+        return route.fulfill({ json: { success: true } });
+      }
+      if (method === "DELETE") {
+        relationDeletes.push(route.request().postDataJSON());
+        return route.fulfill({ json: { success: true } });
+      }
+      return route.fallback();
+    });
+
+    await page.goto("/permissions-direct");
+
+    await expect(page.getByRole("tab", { name: /상세 권한/ })).toBeVisible();
+    await expect(
+      page.getByRole("option", { name: /권한 부여.*수정/ }),
+    ).toHaveCount(0);
+    await expect(page.getByTestId("permission-target-org-picker-frame")).toBeVisible();
+    await expect(page.getByTestId("permission-target-org-picker-frame")).toHaveAttribute(
+      "src",
+      /rootTenantId%3Dall|rootTenantId=all/,
+    );
+    const pickerBox = await page
+      .getByTestId("permission-target-org-picker-frame")
+      .boundingBox();
+    const queueBox = await page.getByTestId("permission-target-queue").boundingBox();
+    expect(pickerBox?.x ?? Number.POSITIVE_INFINITY).toBeLessThan(
+      queueBox?.x ?? Number.NEGATIVE_INFINITY,
+    );
+
+    await page.getByTestId("bulk-relation-mode").selectOption("target-action");
+    await expect(
+      page.getByTestId("bulk-relation-operation"),
+    ).toHaveCount(0);
+    await page.getByTestId("permission-action-tenant-picker-open").click();
+    await page.getByTestId("permission-action-tenant-search").fill("Test");
+    await page.getByTestId("permission-action-tenant-result-t-1").click();
+    await expect(page.getByTestId("bulk-relation-target-tenant")).toHaveValue(
+      "t-1",
+    );
+    await expect(
+      page.getByTestId("permission-target-tenant-scope"),
+    ).toHaveCount(0);
+    await expect(
+      page.getByTestId("permission-target-org-picker-frame"),
+    ).not.toHaveAttribute("src", /tenantId%3Dt-1|tenantId=t-1/);
+    await page.evaluate(() => {
+      window.postMessage(
+        {
+          type: "orgfront:picker:confirm",
+          payload: {
+            selections: [
+              {
+                type: "user",
+                id: "u-2",
+                name: "Jane Manager",
+                email: "jane@test.com",
+                rootTenantName: "한맥가족",
+                leafTenantName: "기술기획",
+              },
+              {
+                type: "user",
+                id: "u-3",
+                name: "Org Picked User",
+                email: "picked@test.com",
+                rootTenantName: "Commercial",
+                leafTenantName: "디자인팀",
+              },
+            ],
+          },
+        },
+        "*",
+      );
+    });
+    await expect(page.getByTestId("permission-target-queue")).toContainText(
+      "Jane Manager",
+    );
+    await expect(page.getByTestId("permission-target-queue")).toContainText(
+      "Org Picked User",
+    );
+    await expect(page.getByTestId("permission-target-queue")).toContainText(
+      "한맥가족 / 기술기획",
+    );
+
+    await page.getByTestId("bulk-relation-target").selectOption("profile");
+    await page.getByTestId("bulk-relation-action").selectOption("manage");
+    await page
+      .getByRole("button", { name: /선택 사용자에게 권한 부여/ })
+      .click();
+
+    await expect.poll(() => relationWrites).toContainEqual(
+      { userId: "u-2", relation: "tenants_managers" },
+    );
+    await expect.poll(() => relationWrites).toContainEqual(
+      { userId: "u-2", relation: "profile_managers" },
+    );
+    await expect.poll(() => relationWrites).toContainEqual(
+      { userId: "u-3", relation: "profile_managers" },
+    );
+
+    await page.getByTestId("permission-assignment-search").fill("John");
+    await expect(page.getByTestId("permission-assignment-row-u-1-profile_viewers")).toBeVisible();
+    await expect(
+      page.getByTestId("permission-assignment-row-u-2-profile_managers"),
+    ).toHaveCount(0);
+    await page.getByTestId("permission-assignment-search").fill("");
+    await page.getByTestId("permission-assignment-sort").selectOption("relation");
+    await page
+      .getByTestId("permission-assignment-level-u-1-profile_viewers")
+      .selectOption("write");
+    await expect.poll(() => relationWrites).toContainEqual({
+      userId: "u-1",
+      relation: "profile_managers",
+    });
+    await page
+      .getByTestId("permission-assignment-remove-u-1-profile_viewers")
+      .click();
+    await expect.poll(() => relationDeletes).toContainEqual({
+      userId: "u-1",
+      relation: "profile_viewers",
+    });
+  });
+
+  test("should grant super admin role from the last tab only for super admins", async ({
+    page,
+  }) => {
+    let bulkPayload: Record<string, unknown> | undefined;
+
+    await page.route(/\/admin\/system\/relations$/, async (route) => {
+      if (route.request().method() !== "GET") {
+        return route.fallback();
+      }
+      return route.fulfill({
+        json: {
+          items: [
+            {
+              userId: "u-1",
+              name: "John Doe",
+              email: "john@test.com",
+              relations: ["overview_viewers"],
+            },
+          ],
+        },
+      });
+    });
+
+    await page.route(/\/admin\/users\/bulk$/, async (route) => {
+      if (route.request().method() !== "PUT") {
+        return route.fallback();
+      }
+      bulkPayload = route.request().postDataJSON();
+      return route.fulfill({
+        json: { results: [{ userId: "u-1", success: true }] },
+      });
+    });
+
+    await page.goto("/permissions-direct");
+    const tabs = page.getByRole("tab");
+    await expect(tabs.last()).toHaveText(/Super Admin 역할/);
+    await tabs.last().click();
+
+    await page.getByTestId("super-admin-role-user-u-1").check();
+    await page.getByRole("button", { name: /Super Admin 부여/ }).click();
+
+    await expect.poll(() => bulkPayload).toEqual({
+      userIds: ["u-1"],
+      role: "super_admin",
+    });
+  });
+
+  test("should hide the super admin role tab from non super admins", async ({
+    page,
+  }) => {
+    await page.route(/\/user\/me$/, async (route) => {
+      if (route.request().method() !== "GET") {
+        return route.fallback();
+      }
+      return route.fulfill({
+        json: {
+          id: "operator-user",
+          name: "Operator",
+          email: "operator@test.com",
+          role: "user",
+          manageableTenants: [],
+        },
+      });
+    });
+
+    await page.goto("/permissions-direct");
+
+    await expect(
+      page.getByRole("tab", { name: /Super Admin 역할/ }),
+    ).toHaveCount(0);
+    await expect(
+      page.getByText(/이 작업을 수행할 권한이 없습니다/),
+    ).toBeVisible();
  });

  test("should center users table loading state and use compact headers", async ({
@@ -1222,8 +1520,17 @@ test.describe("User Management", () => {
    await page.goto("/users/u-1");

    await expect(
-      page.getByRole("tab", { name: /한맥가족 구성원/i }),
+      page.getByRole("tab", { name: /^한맥가족$/i }),
    ).toHaveAttribute("data-state", "active");
+    await expect(
+      page.getByRole("tab", { name: /외부 기업 회원/i }),
+    ).toHaveCount(0);
+    await expect(
+      page.getByRole("tab", { name: /^Commercial$/i }),
+    ).toBeVisible();
+    await expect(page.getByRole("tab", { name: /^공공기관$/i })).toBeVisible();
+    await expect(page.getByRole("tab", { name: /^교육기관$/i })).toBeVisible();
+    await expect(page.getByRole("tab", { name: /^개인$/i })).toBeVisible();
    await expect(page.getByLabel(/한맥 가족 구성원으로 등록/i)).toHaveCount(0);
    await expect(page.getByTestId("detail-appointment-row-0")).toBeVisible();
    await expect(