adminfront: UserCreatePage 및 UserDetailPage에 세부 기능 권한(users / manage_users) 연동 적용하여 접근 제한 버그 해결

2026-06-12 19:50:45 +09:00
parent aca13c01a7
commit 4d5b010cbc
2 changed files with 22 additions and 18 deletions
--- a/adminfront/src/features/users/UserCreatePage.tsx
+++ b/adminfront/src/features/users/UserCreatePage.tsx
@@ -158,7 +158,7 @@ function UserCreatePage() {
    queryFn: fetchMe,
  });
  const profileRole = normalizeAdminRole(profile?.role);
-  const canManageUsers = canManageTenantScopedUsers(profile);
+  const canManageUsers = canManageTenantScopedUsers(profile) || !!profile?.systemPermissions?.manage_users;

  const {
    register,
--- a/adminfront/src/features/users/UserDetailPage.tsx
+++ b/adminfront/src/features/users/UserDetailPage.tsx
@@ -578,6 +578,8 @@ function UserDetailPage() {
  const isAdmin = profileRole === "super_admin";
  const isSelf = Boolean(profile?.id && user?.id && profile.id === user.id);
  const canManageCurrentUser = canManageUserInTenantScope({ profile, user });
+  const isWritable = isAdmin || isSelf || canManageCurrentUser || !!profile?.systemPermissions?.manage_users;
+  const canViewUser = isAdmin || isSelf || canManageCurrentUser || !!profile?.systemPermissions?.users || !!profile?.systemPermissions?.manage_users;
  const watchedStatus = watch("status");

  const [newSubEmail, setNewSubEmail] = React.useState("");
@@ -1138,7 +1140,7 @@ function UserDetailPage() {
    );
  }

-  if (!isAdmin && !isSelf && !canManageCurrentUser) {
+  if (profile && !canViewUser) {
    return (
      <div className="flex h-[50vh] flex-col items-center justify-center space-y-4">
        <ShieldAlert size={48} className="text-destructive" />
@@ -1847,22 +1849,24 @@ function UserDetailPage() {
              </CardContent>
            </Card>

-            <div className="flex justify-end pt-4">
-              <Button
-                type="submit"
-                disabled={mutation.isPending}
-                className="px-12 h-12 rounded-xl shadow-lg transition-all hover:scale-105"
-              >
-                {mutation.isPending ? (
-                  <Loader2 className="mr-2 h-5 w-5 animate-spin" />
-                ) : (
-                  <Save className="mr-2 h-5 w-5" />
-                )}
-                <span className="text-base font-bold">
-                  {t("ui.admin.users.detail.save", "저장하기")}
-                </span>
-              </Button>
-            </div>
+            {isWritable && (
+              <div className="flex justify-end pt-4">
+                <Button
+                  type="submit"
+                  disabled={mutation.isPending}
+                  className="px-12 h-12 rounded-xl shadow-lg transition-all hover:scale-105"
+                >
+                  {mutation.isPending ? (
+                    <Loader2 className="mr-2 h-5 w-5 animate-spin" />
+                  ) : (
+                    <Save className="mr-2 h-5 w-5" />
+                  )}
+                  <span className="text-base font-bold">
+                    {t("ui.admin.users.detail.save", "저장하기")}
+                  </span>
+                </Button>
+              </div>
+            )}
          </TabsContent>

          <TabsContent