merge: integrate origin dev into dev

Includes Worksmobile SSOT sync comparison updates, UUID import conflict resolution, and Playwright route mock stabilization.

adminfront/tests/users_bulk_secondary.spec.ts

@@ -112,7 +112,7 @@ test.describe("Users Bulk Upload Secondary Emails", () => {
 
     await page.getByTestId("bulk-start-btn").click();
 
-    await expect(page.getByText(/성공|Success/i)).toBeVisible();
+    await expect(page.getByText(/성공|Success/i).first()).toBeVisible();
 
     expect(bulkPayload).not.toBeNull();
     expect(bulkPayload.users).toHaveLength(1);

adminfront/tests/users_bulk_uuid.spec.ts

@@ -0,0 +1,139 @@
+import { expect, test } from "@playwright/test";
+
+test.describe("Users Bulk Upload UUID Import Policy", () => {
+  test.beforeEach(async ({ page }) => {
+    await page.addInitScript(() => {
+      window.localStorage.setItem("locale", "ko");
+      window.localStorage.setItem("admin_session", "fake-token");
+      (
+        window as Window & typeof globalThis & { _IS_TEST_MODE?: boolean }
+      )._IS_TEST_MODE = true;
+
+      const authority = "http://localhost:5000/oidc";
+      const client_id = "adminfront";
+      const key = `oidc.user:${authority}:${client_id}`;
+      const authData = {
+        access_token: "fake-token",
+        token_type: "Bearer",
+        profile: { sub: "admin-user", name: "Admin", role: "super_admin" },
+        expires_at: Math.floor(Date.now() / 1000) + 36000,
+      };
+      window.localStorage.setItem(key, JSON.stringify(authData));
+    });
+
+    await page.route("**/api/v1/**", async (route) => {
+      const url = route.request().url();
+      const headers = { "Access-Control-Allow-Origin": "*" };
+
+      if (url.includes("/user/me")) {
+        return route.fulfill({
+          json: {
+            id: "admin-user",
+            name: "Admin",
+            role: "super_admin",
+            manageableTenants: [],
+          },
+          headers,
+        });
+      }
+      if (url.includes("/admin/users") && !url.includes("/bulk")) {
+        return route.fulfill({
+          json: { items: [], total: 0, limit: 50, offset: 0 },
+          headers,
+        });
+      }
+      if (url.includes("/admin/tenants")) {
+        return route.fulfill({
+          json: { items: [], total: 0, limit: 100, offset: 0 },
+          headers,
+        });
+      }
+      return route.fulfill({ json: { items: [], total: 0 }, headers });
+    });
+
+    await page.route("**/oidc/**", async (route) => {
+      await route.fulfill({ json: { issuer: "http://localhost:5000/oidc" } });
+    });
+  });
+
+  test("should not include exported user_id or uuid in bulk upload payload", async ({
+    page,
+  }) => {
+    let bulkPayload = "";
+    const testUuid = "550e8400-e29b-41d4-a716-446655440000";
+
+    await page.route("**/api/v1/admin/users/bulk", async (route) => {
+      bulkPayload = route.request().postData() ?? "";
+      return route.fulfill({
+        json: {
+          results: [
+            { email: "uuid@test.com", success: true, userId: "kratos-id" },
+          ],
+        },
+        headers: { "Access-Control-Allow-Origin": "*" },
+      });
+    });
+
+    await page.goto("/users");
+    await page.getByTestId("user-data-mgmt-btn").click();
+    await page
+      .getByRole("menuitem", { name: /일괄 임포트|Bulk Import/i })
+      .click();
+
+    await page.locator('input[type="file"]').setInputFiles({
+      name: "users_uuid.csv",
+      mimeType: "text/csv",
+      buffer: Buffer.from(
+        `user_id,email,name,uuid\n${testUuid},uuid@test.com,UUID User,${testUuid}\n`,
+      ),
+    });
+
+    await page.getByTestId("bulk-start-btn").click();
+    await expect(page.getByText("uuid@test.com")).toBeVisible();
+
+    const payload = JSON.parse(bulkPayload);
+    expect(payload.users[0]).not.toHaveProperty("userId");
+    expect(payload.users[0]).not.toHaveProperty("uuid");
+    expect(payload.users[0]).not.toHaveProperty("id");
+  });
+
+  test("should treat id column as login id, not UUID import", async ({
+    page,
+  }) => {
+    let bulkPayload = "";
+    const testUuid = "550e8400-e29b-41d4-a716-446655440001";
+
+    await page.route("**/api/v1/admin/users/bulk", async (route) => {
+      bulkPayload = route.request().postData() ?? "";
+      return route.fulfill({
+        json: {
+          results: [
+            { email: "id-uuid@test.com", success: true, userId: "kratos-id" },
+          ],
+        },
+        headers: { "Access-Control-Allow-Origin": "*" },
+      });
+    });
+
+    await page.goto("/users");
+    await page.getByTestId("user-data-mgmt-btn").click();
+    await page
+      .getByRole("menuitem", { name: /일괄 임포트|Bulk Import/i })
+      .click();
+
+    await page.locator('input[type="file"]').setInputFiles({
+      name: "users_id.csv",
+      mimeType: "text/csv",
+      buffer: Buffer.from(
+        `email,name,id\nid-uuid@test.com,ID UUID User,${testUuid}\n`,
+      ),
+    });
+
+    await page.getByTestId("bulk-start-btn").click();
+
+    const payload = JSON.parse(bulkPayload);
+    expect(payload.users[0]).not.toHaveProperty("uuid");
+    expect(payload.users[0].loginId).toBe(testUuid);
+    expect(payload.users[0].metadata.naverworks_id).toBe(testUuid);
+  });
+});

adminfront/tests/worksmobile.spec.ts

@@ -94,6 +94,15 @@ test.describe("Worksmobile tenant management", () => {
         });
       }
 
+      if (
+        url.pathname.endsWith(
+          "/admin/tenants/hanmac-family-id/worksmobile/credential-batches",
+        ) &&
+        method === "GET"
+      ) {
+        return route.fulfill({ json: [], headers });
+      }
+
       if (
         url.pathname.endsWith(
           "/admin/tenants/hanmac-family-id/worksmobile/comparison",
@@ -361,6 +370,15 @@ test.describe("Worksmobile tenant management", () => {
         });
       }
 
+      if (
+        url.pathname.endsWith(
+          "/admin/tenants/hanmac-family-id/worksmobile/credential-batches",
+        ) &&
+        method === "GET"
+      ) {
+        return route.fulfill({ json: [], headers });
+      }
+
       if (
         url.pathname.endsWith(
           "/admin/tenants/hanmac-family-id/worksmobile/comparison",
@@ -467,6 +485,15 @@ test.describe("Worksmobile tenant management", () => {
         });
       }
 
+      if (
+        url.pathname.endsWith(
+          "/admin/tenants/hanmac-family-id/worksmobile/credential-batches",
+        ) &&
+        method === "GET"
+      ) {
+        return route.fulfill({ json: [], headers });
+      }
+
       if (
         url.pathname.endsWith(
           "/admin/tenants/hanmac-family-id/worksmobile/comparison",
@@ -614,6 +641,30 @@ test.describe("Worksmobile tenant management", () => {
         });
       }
 
+      if (
+        url.pathname.endsWith(
+          "/admin/tenants/hanmac-family-id/worksmobile/credential-batches",
+        ) &&
+        method === "GET"
+      ) {
+        return route.fulfill({
+          json: [
+            {
+              batchId: "batch-1",
+              operation: "worksmobile_user_sync",
+              userCount: 1,
+              processedCount: 1,
+              pendingCount: 0,
+              processingCount: 0,
+              failedCount: 0,
+              hasPasswords: true,
+              createdAt: "2026-05-01T00:00:00Z",
+            },
+          ],
+          headers,
+        });
+      }
+
       if (
         url.pathname.endsWith(
           "/admin/tenants/hanmac-family-id/worksmobile/comparison",
@@ -691,7 +742,9 @@ test.describe("Worksmobile tenant management", () => {
     await expect(page.getByText("Worksmobile 연동")).toBeVisible();
 
     const download = page.waitForEvent("download");
-    await page.getByRole("button", { name: "초기 비밀번호 CSV" }).click();
+    await page
+      .getByRole("button", { name: "batch-1 비밀번호 CSV 다운로드" })
+      .click();
     const passwordCsv = await download;
     expect(passwordCsv.suggestedFilename()).toBe("worksmobile-passwords.csv");
     const passwordCsvPath = await passwordCsv.path();