kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

fix(backend): allow role mocking via query parameter for CSV export downloads

Browse Source
This commit is contained in:
조찬영
2026-03-04 15:59:00 +09:00
parent 9720b77898
commit 5649ba2a76
1 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
backend/internal/handler/user_handler.go
View File

@@ -548,7 +548,22 @@ func (h *UserHandler) ExportUsersCSV(c *fiber.Ctx) error {
var requesterRole string var requesterRole string
var manageableSlugs []string var manageableSlugs []string
if profile, ok := c.Locals("user_profile").(*domain.UserProfileResponse); ok {
profile, _ := c.Locals("user_profile").(*domain.UserProfileResponse)
// [New] Support Role Mocking for Download (which doesn't have custom headers)
if profile == nil {
appEnv := strings.ToLower(os.Getenv("APP_ENV"))
isDev := appEnv == "dev" || appEnv == "development" || appEnv == ""
mockRole := c.Query("x-test-role")
if isDev && mockRole != "" {
slog.Info("🔑 [AUTH] Using mock role from query for export", "role", mockRole)
requesterRole = mockRole
// For tenant_admin, we might need more data, but let's assume super_admin for full export in dev
} else {
return errorJSON(c, fiber.StatusUnauthorized, "invalid session (trace:export_profile)")
}
} else {
requesterRole = profile.Role requesterRole = profile.Role
if requesterRole == domain.RoleTenantAdmin { if requesterRole == domain.RoleTenantAdmin {
for _, t := range profile.ManageableTenants { for _, t := range profile.ManageableTenants {