kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

일반 사용자 연동 앱 추가 버튼 노출 방지

Browse Source
This commit is contained in:
김용연
2026-05-26 15:38:01 +09:00
parent a010bd44c0
commit 7fe86e8aa4
3 changed files with 28 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
devfront/src/features/clients/ClientsPage.tsx
View File

@@ -97,6 +97,14 @@ function ClientsPage() {
enabled: hasAccessToken, enabled: hasAccessToken,
}); });
const { data: me, isLoading: isLoadingMe } = useQuery({
queryKey: ["userMe"],
queryFn: fetchMe,
enabled: hasAccessToken,
});
const profileRole = me?.role?.trim() || role;
const { const {
data: requestStatus, data: requestStatus,
isLoading: isLoadingRequest, isLoading: isLoadingRequest,
@@ -104,21 +112,16 @@ function ClientsPage() {
} = useQuery({ } = useQuery({
queryKey: ["developer-request", tenantId], queryKey: ["developer-request", tenantId],
queryFn: () => fetchDeveloperRequestStatus(tenantId), queryFn: () => fetchDeveloperRequestStatus(tenantId),
enabled: hasAccessToken && (role === "user" || role === "tenant_member"), enabled: hasAccessToken && (profileRole === "user" || profileRole === "tenant_member"),
}); });
const { data: tenants } = useQuery({ const { data: tenants } = useQuery({
queryKey: ["myTenants"], queryKey: ["myTenants"],
queryFn: fetchMyTenants, queryFn: fetchMyTenants,
enabled: hasAccessToken, enabled: hasAccessToken,
}); });
const { data: me } = useQuery({
queryKey: ["userMe"],
queryFn: fetchMe,
enabled: hasAccessToken,
});
const createAccessState = resolveClientCreateAccess({ const createAccessState = resolveClientCreateAccess({
role, role: profileRole,
requestStatus: requestStatus?.status, requestStatus: requestStatus?.status,
}); });
const canCreateClient = createAccessState === "can_create"; const canCreateClient = createAccessState === "can_create";
@@ -193,7 +196,6 @@ function ClientsPage() {
(userProfile?.phone as string | undefined) || (userProfile?.phone as string | undefined) ||
(userProfile?.phone_number as string | undefined) || (userProfile?.phone_number as string | undefined) ||
""; "";
const profileRole = me?.role || role;
const profileRoleLabel = t(`ui.admin.role.${profileRole}`, profileRole); const profileRoleLabel = t(`ui.admin.role.${profileRole}`, profileRole);
type StatTone = "up" | "down" | "stable"; type StatTone = "up" | "down" | "stable";
@@ -236,7 +238,11 @@ function ClientsPage() {
}, },
]; ];
const isLoading = isLoadingClients || isLoadingStats || isLoadingRequest; const isLoading =
isLoadingClients ||
isLoadingStats ||
isLoadingRequest ||
(hasAccessToken && !profileRole && isLoadingMe);
const requestSort = (key: ClientSortKey) => { const requestSort = (key: ClientSortKey) => {
setSortConfig((current) => toggleSort(current, key)); setSortConfig((current) => toggleSort(current, key));

9
devfront/src/features/clients/clientCreateAccess.test.ts
View File

@@ -19,6 +19,15 @@ describe("client create access", () => {
).toBe("request_required"); ).toBe("request_required");
}); });
it("treats unresolved roles as request required instead of allowing creation", () => {
expect(
resolveClientCreateAccess({
role: "",
requestStatus: undefined,
}),
).toBe("request_required");
});
it("shows pending state while a developer request is under review", () => { it("shows pending state while a developer request is under review", () => {
expect( expect(
resolveClientCreateAccess({ resolveClientCreateAccess({

4
devfront/src/features/clients/clientCreateAccess.ts
View File

@@ -19,6 +19,10 @@ export function resolveClientCreateAccess({
role, role,
requestStatus, requestStatus,
}: ResolveClientCreateAccessParams): ClientCreateAccessState { }: ResolveClientCreateAccessParams): ClientCreateAccessState {
if (!role.trim()) {
return "request_required";
}
if (!canSelfRequestDeveloperAccess(role)) { if (!canSelfRequestDeveloperAccess(role)) {
return "can_create"; return "can_create";
} }