custom claim 권한체크 확인

2026-06-11 08:29:25 +09:00
parent 839ca9d407
commit 4d77060b5d
79 changed files with 4268 additions and 670 deletions
--- a/orgfront/tests/orgchart-picker.spec.ts
+++ b/orgfront/tests/orgchart-picker.spec.ts
@@ -178,6 +178,10 @@ async function installOrgPickerApiMock(
    }),
    user("user-sales", "Sales User", "sales"),
  ];
+  const orgChartSnapshot = {
+    tenants,
+    users,
+  };

  await page.route("**/api/v1/admin/tenants**", async (route) => {
    await route.fulfill({
@@ -202,6 +206,20 @@ async function installOrgPickerApiMock(
      }),
    });
  });
+
+  await page.route("**/api/v1/admin/orgchart/snapshot**", async (route) => {
+    await route.fulfill({
+      contentType: "application/json",
+      body: JSON.stringify(orgChartSnapshot),
+    });
+  });
+
+  await page.route("**/api/v1/public/orgchart**", async (route) => {
+    await route.fulfill({
+      contentType: "application/json",
+      body: JSON.stringify({ ...orgChartSnapshot, sharedWith: "playwright" }),
+    });
+  });
 }

 test.beforeEach(async ({ page }) => {
@@ -294,6 +312,18 @@ test("picker defaults to the hanmac-family company-group when no tenant id is su
      }),
    });
  });
+  await page.route("**/api/v1/admin/orgchart/snapshot**", async (route) => {
+    await route.fulfill({
+      contentType: "application/json",
+      body: JSON.stringify({ tenants, users: [] }),
+    });
+  });
+  await page.route("**/api/v1/public/orgchart**", async (route) => {
+    await route.fulfill({
+      contentType: "application/json",
+      body: JSON.stringify({ tenants, users: [], sharedWith: "playwright" }),
+    });
+  });

  await page.goto(withShareToken("/picker"));

@@ -351,6 +381,18 @@ test("embed preview picker orders hanmac-family tenants by the shared policy", a
      }),
    });
  });
+  await page.route("**/api/v1/admin/orgchart/snapshot**", async (route) => {
+    await route.fulfill({
+      contentType: "application/json",
+      body: JSON.stringify({ tenants, users: [] }),
+    });
+  });
+  await page.route("**/api/v1/public/orgchart**", async (route) => {
+    await route.fulfill({
+      contentType: "application/json",
+      body: JSON.stringify({ tenants, users: [], sharedWith: "playwright" }),
+    });
+  });

  await page.goto(withShareToken("/embed-preview?select=tenant"));

@@ -644,6 +686,25 @@ test("embed picker posts a single user selection with type, id, and name", async
  await expect(output).not.toContainText("tenantId");
 });

+test("embed picker lets user-only multi selection check tenants but posts descendant users only", async ({
+  page,
+}) => {
+  await page.goto(withShareToken("/embed-preview?mode=multiple&select=user"));
+
+  const picker = page.frameLocator("iframe");
+  await picker.getByLabel("Engineering 선택", { exact: true }).check();
+  await expect(
+    picker.getByLabel("Platform User 책임 선택", { exact: true }),
+  ).toBeChecked();
+  await picker.getByRole("button", { name: "선택 완료" }).click();
+
+  const output = page.getByTestId("embed-preview-output");
+  await expect(output).toContainText('"id": "user-eng"');
+  await expect(output).toContainText('"id": "user-platform"');
+  await expect(output).not.toContainText('"id": "dept-eng"');
+  await expect(output).not.toContainText('"id": "team-platform"');
+});
+
 test("embed picker single selection counts only the selected node without descendants", async ({
  page,
 }) => {