From 6e610c553f33468caa43246523db07aeaee71f57 Mon Sep 17 00:00:00 2001 From: chan Date: Fri, 29 May 2026 10:39:24 +0900 Subject: [PATCH] =?UTF-8?q?feat:=20=EC=82=AC=EC=9A=A9=EC=9E=90=20=EB=B2=8C?= =?UTF-8?q?=ED=81=AC=20CSV=20=EB=93=B1=EB=A1=9D=20=EC=8B=9C=20=EB=B3=B4?= =?UTF-8?q?=EC=A1=B0=20=EC=9D=B4=EB=A9=94=EC=9D=BC=20=EC=A7=80=EC=9B=90=20?= =?UTF-8?q?(#917)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - `adminfront` CSV 템플릿 헤더에 `secondary_emails` 추가 및 예시 반영 - `adminfront` CSV 파서(`csvParser.ts`)에서 `secondary_emails` 추출 로직 보강 - `backend` 에서 `BulkCreateUsers`, `UpdateUser` 실행 시 보조 이메일을 포함한 모든 이메일에 대해 식별자 유효성(ValidateLoginID) 검사 수행 - `domain.ValidateLoginID`의 파라미터를 복수 이메일 처리를 위해 `[]string`으로 변경 - Playwright E2E 테스트 `users_bulk_secondary.spec.ts` 신규 작성 및 테스트 패스 확인 --- .../users/components/UserBulkUploadModal.tsx | 4 +- .../src/features/users/utils/csvParser.ts | 2 - adminfront/tests/users_bulk_secondary.spec.ts | 95 +++++++++++++++++++ backend/internal/domain/user.go | 8 +- backend/internal/domain/user_validate_test.go | 35 +++---- backend/internal/handler/auth_handler.go | 6 +- backend/internal/handler/user_handler.go | 34 ++++++- 7 files changed, 154 insertions(+), 30 deletions(-) create mode 100644 adminfront/tests/users_bulk_secondary.spec.ts diff --git a/adminfront/src/features/users/components/UserBulkUploadModal.tsx b/adminfront/src/features/users/components/UserBulkUploadModal.tsx index a4bf3adb..45506a10 100644 --- a/adminfront/src/features/users/components/UserBulkUploadModal.tsx +++ b/adminfront/src/features/users/components/UserBulkUploadModal.tsx @@ -297,9 +297,9 @@ export function UserBulkUploadModal({ const downloadTemplate = () => { const headers = - "email,name,phone,role,tenant_slug,department,grade,position,jobTitle,employee_id,tenant_slug1,department1,grade1,position1,jobTitle1,employee_id1"; + "email,secondary_emails,name,phone,role,tenant_slug,department,grade,position,jobTitle,employee_id,tenant_slug1,department1,grade1,position1,jobTitle1,employee_id1"; const example = - "user1@example.com,홍길동,010-1234-5678,user,tenant-slug,개발팀,수석,팀장,프론트엔드,EMP001,second-tenant,센터,책임,,Architecture,EMP002"; + "user1@example.com,sub1@test.com;sub2@test.com,홍길동,010-1234-5678,user,tenant-slug,개발팀,수석,팀장,프론트엔드,EMP001,second-tenant,센터,책임,,Architecture,EMP002"; const blob = new Blob([`${headers}\n${example}`], { type: "text/csv;charset=utf-8;", }); diff --git a/adminfront/src/features/users/utils/csvParser.ts b/adminfront/src/features/users/utils/csvParser.ts index a20975f4..ca8e65e5 100644 --- a/adminfront/src/features/users/utils/csvParser.ts +++ b/adminfront/src/features/users/utils/csvParser.ts @@ -350,12 +350,10 @@ function applySecondaryEmailMetadata( value: string, ) { const emails = splitEmailTokens(value); - item.metadata.sub_email = value; item.metadata.secondary_emails = uniqueEmails([ ...metadataEmailList(item.metadata.secondary_emails), ...emails, ]); - addWorksmobileAliasEmails(item, emails); } function splitOrganizationPath(value: string) { diff --git a/adminfront/tests/users_bulk_secondary.spec.ts b/adminfront/tests/users_bulk_secondary.spec.ts new file mode 100644 index 00000000..4488bc30 --- /dev/null +++ b/adminfront/tests/users_bulk_secondary.spec.ts @@ -0,0 +1,95 @@ +import { expect, test } from "@playwright/test"; + +test.describe("Users Bulk Upload Secondary Emails", () => { + test.beforeEach(async ({ page }) => { + await page.addInitScript(() => { + window.localStorage.setItem("locale", "ko"); + window.localStorage.setItem("admin_session", "fake-token"); + (window as Window & typeof globalThis & { _IS_TEST_MODE?: boolean })._IS_TEST_MODE = true; + + const authData = { + access_token: "fake-token", + token_type: "Bearer", + profile: { sub: "admin-user", name: "Admin", role: "super_admin" }, + expires_at: Math.floor(Date.now() / 1000) + 36000, + }; + window.localStorage.setItem("oidc.user:http://localhost:5000/oidc:adminfront", JSON.stringify(authData)); + }); + + await page.route("**/api/v1/user/me", async (route) => { + return route.fulfill({ + json: { id: "admin-user", name: "Admin", role: "super_admin", manageableTenants: [] }, + headers: { "Access-Control-Allow-Origin": "*" }, + }); + }); + + await page.route("**/api/v1/admin/tenants*", async (route) => { + return route.fulfill({ + json: { items: [], total: 0, limit: 100, offset: 0 }, + headers: { "Access-Control-Allow-Origin": "*" }, + }); + }); + + await page.route("**/api/v1/admin/users*", async (route) => { + if(route.request().url().includes("/bulk")) { + return route.continue(); + } + return route.fulfill({ + json: { items: [], total: 0, limit: 50, offset: 0 }, + headers: { "Access-Control-Allow-Origin": "*" }, + }); + }); + + await page.route("**/oidc/**", async (route) => { + await route.fulfill({ json: { issuer: "http://localhost:5000/oidc" } }); + }); + }); + + test("should parse secondary_emails and send to backend", async ({ page }) => { + let bulkPayload: any = null; + + await page.route("**/api/v1/admin/users/bulk", async (route) => { + if (route.request().method() === "POST") { + bulkPayload = route.request().postDataJSON(); + return route.fulfill({ + json: { results: [{ email: "test@example.com", success: true, userId: "u-1" }] }, + headers: { "Access-Control-Allow-Origin": "*" }, + }); + } + return route.continue(); + }); + + await page.goto("/users"); + await expect(page.getByTestId("page-title")).toContainText(/사용자|Users/i, { timeout: 20000 }); + + await page.getByTestId("user-data-mgmt-btn").click(); + await page.getByRole("menuitem", { name: /일괄 임포트|일괄 등록|Bulk Import/i }).click(); + + // Create a mock CSV with secondary_emails + const csvContent = `email,secondary_emails,name,phone,role,tenant_slug\ntest@example.com,sub1@test.com;sub2@test.com,홍길동,010-1234-5678,user,tenant-slug`; + + const fileChooserPromise = page.waitForEvent('filechooser'); + await page.getByText(/파일 선택|Change file|Select file/i).click(); + const fileChooser = await fileChooserPromise; + + await fileChooser.setFiles({ + name: 'users_with_secondary.csv', + mimeType: 'text/csv', + buffer: Buffer.from(csvContent), + }); + + await expect(page.getByText(/파싱 중/)).not.toBeVisible(); + await expect(page.getByTestId("bulk-start-btn")).toBeEnabled(); + + await page.getByTestId("bulk-start-btn").click(); + + await expect(page.getByText(/성공|Success/i)).toBeVisible(); + + expect(bulkPayload).not.toBeNull(); + expect(bulkPayload.users).toHaveLength(1); + + // The most important check - does it parse to the metadata + expect(bulkPayload.users[0].metadata.secondary_emails).toContain("sub1@test.com"); + expect(bulkPayload.users[0].metadata.secondary_emails).toContain("sub2@test.com"); + }); +}); \ No newline at end of file diff --git a/backend/internal/domain/user.go b/backend/internal/domain/user.go index 9195a3a5..83a7eb63 100644 --- a/backend/internal/domain/user.go +++ b/backend/internal/domain/user.go @@ -156,7 +156,7 @@ func (u *User) BeforeCreate(tx *gorm.DB) (err error) { } // ValidateLoginID checks if the loginID violates any collision, length, or security rules. -func ValidateLoginID(loginID, email, phone string) error { +func ValidateLoginID(loginID string, emails []string, phone string) error { loginID = strings.TrimSpace(loginID) if loginID == "" { return nil @@ -170,8 +170,10 @@ func ValidateLoginID(loginID, email, phone string) error { return fmt.Errorf("ID cannot be an email format") } - if email != "" && strings.EqualFold(loginID, email) { - return fmt.Errorf("ID cannot be the same as the email address") + for _, email := range emails { + if email != "" && strings.EqualFold(loginID, email) { + return fmt.Errorf("ID cannot be the same as the email address") + } } if phone != "" { diff --git a/backend/internal/domain/user_validate_test.go b/backend/internal/domain/user_validate_test.go index 9bf977d0..02117912 100644 --- a/backend/internal/domain/user_validate_test.go +++ b/backend/internal/domain/user_validate_test.go @@ -8,30 +8,31 @@ func TestValidateLoginID(t *testing.T) { tests := []struct { name string loginID string - email string + emails []string phone string wantErr bool }{ - {"Empty", "", "test@email.com", "01012345678", false}, - {"Valid alphanumeric", "user123", "test@email.com", "01012345678", false}, - {"Too short", "us", "test@email.com", "01012345678", true}, - {"Too long", "thisisaverylongloginidthatiswayoverthirtycharacters", "test@email.com", "01012345678", true}, - {"Email format", "user@domain.com", "test@email.com", "01012345678", true}, - {"Exact email match", "Test@Email.Com", "test@email.com", "01012345678", true}, - {"Phone number match", "010-1234-5678", "test@email.com", "01012345678", true}, - {"Phone number match +82", "+821012345678", "test@email.com", "01012345678", true}, - {"Phone number match digits", "01012345678", "test@email.com", "01012345678", true}, - {"Phone format (11 digits)", "01098765432", "test@email.com", "01012345678", true}, - {"Valid pure digits (employee ID)", "20230001", "test@email.com", "01012345678", false}, - {"Valid pure digits long", "123456789", "test@email.com", "01012345678", false}, - {"Valid pure digits 10 chars", "1234567890", "test@email.com", "01012345678", false}, - {"Reserved word admin", "ADMIN", "test@email.com", "01012345678", true}, - {"Reserved word root", "root", "test@email.com", "01012345678", true}, + {"Empty", "", []string{"test@email.com"}, "01012345678", false}, + {"Valid alphanumeric", "user123", []string{"test@email.com"}, "01012345678", false}, + {"Too short", "us", []string{"test@email.com"}, "01012345678", true}, + {"Too long", "thisisaverylongloginidthatiswayoverthirtycharacters", []string{"test@email.com"}, "01012345678", true}, + {"Email format", "user@domain.com", []string{"test@email.com"}, "01012345678", true}, + {"Exact email match", "Test@Email.Com", []string{"test@email.com"}, "01012345678", true}, + {"Secondary email match", "sub@test.com", []string{"test@email.com", "sub@test.com"}, "01012345678", true}, + {"Phone number match", "010-1234-5678", []string{"test@email.com"}, "01012345678", true}, + {"Phone number match +82", "+821012345678", []string{"test@email.com"}, "01012345678", true}, + {"Phone number match digits", "01012345678", []string{"test@email.com"}, "01012345678", true}, + {"Phone format (11 digits)", "01098765432", []string{"test@email.com"}, "01012345678", true}, + {"Valid pure digits (employee ID)", "20230001", []string{"test@email.com"}, "01012345678", false}, + {"Valid pure digits long", "123456789", []string{"test@email.com"}, "01012345678", false}, + {"Valid pure digits 10 chars", "1234567890", []string{"test@email.com"}, "01012345678", false}, + {"Reserved word admin", "ADMIN", []string{"test@email.com"}, "01012345678", true}, + {"Reserved word root", "root", []string{"test@email.com"}, "01012345678", true}, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - err := ValidateLoginID(tt.loginID, tt.email, tt.phone) + err := ValidateLoginID(tt.loginID, tt.emails, tt.phone) if (err != nil) != tt.wantErr { t.Errorf("ValidateLoginID() error = %v, wantErr %v", err, tt.wantErr) } diff --git a/backend/internal/handler/auth_handler.go b/backend/internal/handler/auth_handler.go index 6ae4c895..05ecfd9b 100644 --- a/backend/internal/handler/auth_handler.go +++ b/backend/internal/handler/auth_handler.go @@ -374,7 +374,7 @@ func (h *AuthHandler) CheckLoginID(c *fiber.Ctx) error { } // Basic validation via our ValidateLoginID helper (without email/phone since we just check format & collision with reserved words) - if err := domain.ValidateLoginID(req.LoginID, "", ""); err != nil { + if err := domain.ValidateLoginID(req.LoginID, []string{}, ""); err != nil { return c.JSON(fiber.Map{"available": false, "message": err.Error()}) } @@ -801,7 +801,7 @@ func (h *AuthHandler) Signup(c *fiber.Ctx) error { // Validate all collected LoginIDs if collectedIDs, ok := attributes["custom_login_ids"].([]string); ok { for _, lid := range collectedIDs { - if err := domain.ValidateLoginID(lid, req.Email, normalizedPhone); err != nil { + if err := domain.ValidateLoginID(lid, []string{req.Email}, normalizedPhone); err != nil { return errorJSON(c, fiber.StatusBadRequest, "Invalid LoginID ("+lid+"): "+err.Error()) } } @@ -7953,7 +7953,7 @@ func (h *AuthHandler) UpdateMe(c *fiber.Ctx) error { userPhone := extractTraitString(traits, "phone_number") if collectedIDs, ok := traits["custom_login_ids"].([]string); ok { for _, lid := range collectedIDs { - if err := domain.ValidateLoginID(lid, userEmail, userPhone); err != nil { + if err := domain.ValidateLoginID(lid, []string{userEmail}, userPhone); err != nil { return errorJSON(c, fiber.StatusBadRequest, "Invalid LoginID ("+lid+"): "+err.Error()) } } diff --git a/backend/internal/handler/user_handler.go b/backend/internal/handler/user_handler.go index b2cdf848..3e0b2644 100644 --- a/backend/internal/handler/user_handler.go +++ b/backend/internal/handler/user_handler.go @@ -757,7 +757,7 @@ func (h *UserHandler) CreateUser(c *fiber.Ctx) error { // Validate all collected LoginIDs if collectedIDs, ok := attributes["custom_login_ids"].([]string); ok { for _, lid := range collectedIDs { - if err := domain.ValidateLoginID(lid, email, normalizePhoneNumber(req.Phone)); err != nil { + if err := domain.ValidateLoginID(lid, []string{email}, normalizePhoneNumber(req.Phone)); err != nil { return errorJSON(c, fiber.StatusBadRequest, "Invalid LoginID ("+lid+"): "+err.Error()) } } @@ -1224,8 +1224,22 @@ func (h *UserHandler) BulkCreateUsers(c *fiber.Ctx) error { // Validate all collected LoginIDs if collectedIDs, ok := attributes["custom_login_ids"].([]string); ok { valid := true + // Collect all emails + allEmails := []string{userEmail} + if secondaryRaw, exists := item.Metadata["secondary_emails"]; exists { + if secondaryEmails, ok := secondaryRaw.([]interface{}); ok { + for _, se := range secondaryEmails { + if seStr, ok := se.(string); ok { + allEmails = append(allEmails, seStr) + } + } + } else if secondaryEmails, ok := secondaryRaw.([]string); ok { + allEmails = append(allEmails, secondaryEmails...) + } + } + for _, lid := range collectedIDs { - if err := domain.ValidateLoginID(lid, userEmail, userPhone); err != nil { + if err := domain.ValidateLoginID(lid, allEmails, userPhone); err != nil { results = append(results, bulkUserResult{Email: userEmail, OriginalEmail: emailEvaluation.OriginalEmail, SuggestedEmail: emailEvaluation.SuggestedEmail, Status: emailEvaluation.Status, Warnings: emailEvaluation.Warnings, Success: false, Message: "Invalid LoginID (" + lid + "): " + err.Error()}) valid = false break @@ -2036,9 +2050,23 @@ func (h *UserHandler) UpdateUser(c *fiber.Ctx) error { // Validate all collected LoginIDs userEmail := extractTraitString(traits, "email") userPhone := extractTraitString(traits, "phone_number") + + allEmails := []string{userEmail} + if secondaryRaw, exists := traits["secondary_emails"]; exists { + if secondaryEmails, ok := secondaryRaw.([]interface{}); ok { + for _, se := range secondaryEmails { + if seStr, ok := se.(string); ok { + allEmails = append(allEmails, seStr) + } + } + } else if secondaryEmails, ok := secondaryRaw.([]string); ok { + allEmails = append(allEmails, secondaryEmails...) + } + } + if collectedIDs, ok := traits["custom_login_ids"].([]string); ok { for _, lid := range collectedIDs { - if err := domain.ValidateLoginID(lid, userEmail, userPhone); err != nil { + if err := domain.ValidateLoginID(lid, allEmails, userPhone); err != nil { return errorJSON(c, fiber.StatusBadRequest, "Invalid LoginID ("+lid+"): "+err.Error()) } }