From 85c2eb1690fb264778fae80f15948d3c834925f9 Mon Sep 17 00:00:00 2001 From: kyy Date: Wed, 10 Jun 2026 10:37:51 +0900 Subject: [PATCH] =?UTF-8?q?code-check=20=EB=B0=8F=20=EC=82=AC=EC=9A=A9?= =?UTF-8?q?=EC=9E=90=20=EC=83=81=EC=84=B8=20claim=20=EA=B4=80=EB=A0=A8=20?= =?UTF-8?q?=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adminfront/tests/users.spec.ts | 27 ++++++++------------ backend/internal/handler/dev_handler.go | 9 +++---- backend/internal/handler/dev_handler_test.go | 15 +++++++---- 3 files changed, 25 insertions(+), 26 deletions(-) diff --git a/adminfront/tests/users.spec.ts b/adminfront/tests/users.spec.ts index f116fb5e..3c5ac793 100644 --- a/adminfront/tests/users.spec.ts +++ b/adminfront/tests/users.spec.ts @@ -315,7 +315,7 @@ test.describe("User Management", () => { await expect(page.getByText(/저장/i).first()).toBeVisible(); }); - test("should manage global custom claim permissions in user detail", async ({ + test("should manage global custom claim values in user detail", async ({ page, }) => { let updatePayload: Record | undefined; @@ -375,19 +375,14 @@ test.describe("User Management", () => { .getByRole("tab", { name: /전역 Custom Claims|Custom Claims/i }) .click(); - await expect( - page.getByTestId("global-custom-claim-key-contract_date"), - ).toHaveValue("contract_date"); - await expect( - page.getByTestId("global-custom-claim-read-permission-contract_date"), - ).toHaveValue("user_and_admin"); - await expect( - page.getByTestId("global-custom-claim-write-permission-contract_date"), - ).toHaveValue("admin_only"); + await expect(page.getByText("contract_date")).toBeVisible(); + const valueInput = page.getByTestId( + "global-custom-claim-value-contract_date", + ); + await expect(valueInput).toHaveValue("2026-06-09"); + await expect(valueInput).toHaveAttribute("type", "date"); - await page - .getByTestId("global-custom-claim-write-permission-contract_date") - .selectOption("user_and_admin"); + await valueInput.fill("2026-07-01"); await page.screenshot({ path: "test-results/adminfront-global-custom-claim-permissions.png", @@ -403,15 +398,15 @@ test.describe("User Management", () => { .toMatchObject({ metadata: { global_custom_claims: { - contract_date: "2026-06-09", + contract_date: "2026-07-01", }, global_custom_claim_types: { contract_date: "date", }, global_custom_claim_permissions: { contract_date: { - readPermission: "user_and_admin", - writePermission: "user_and_admin", + readPermission: "admin_only", + writePermission: "admin_only", }, }, }, diff --git a/backend/internal/handler/dev_handler.go b/backend/internal/handler/dev_handler.go index e0562817..5cd69713 100644 --- a/backend/internal/handler/dev_handler.go +++ b/backend/internal/handler/dev_handler.go @@ -49,9 +49,10 @@ type DevHandler struct { type developerRequestService interface { RequestAccess(ctx context.Context, req domain.DeveloperRequest) error - GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperRequest, error) + GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperAccessStatus, error) GetRequestByID(ctx context.Context, id uint) (*domain.DeveloperRequest, error) - ListRequests(ctx context.Context, userID, status string) ([]domain.DeveloperRequest, error) + ListRequests(ctx context.Context, userID, status, tenantID string) ([]domain.DeveloperRequest, error) + CreateGrant(ctx context.Context, req domain.DeveloperRequest) error ApproveRequest(ctx context.Context, id uint, adminNotes string) error RejectRequest(ctx context.Context, id uint, adminNotes string) error CancelApprovedRequest(ctx context.Context, id uint, adminNotes string) error @@ -505,9 +506,7 @@ func (h *DevHandler) hasApprovedDeveloperRequest(c *fiber.Ctx, profile *domain.U if err != nil || status == nil { return false } - return status.Status == domain.DeveloperRequestStatusApproved && - strings.TrimSpace(status.UserID) == userID && - strings.TrimSpace(status.TenantID) == tenantID + return status.Status == domain.DeveloperRequestStatusApproved } func (h *DevHandler) canOperateClientByPermit(c *fiber.Ctx, profile *domain.UserProfileResponse, summary clientSummary, relation string) bool { diff --git a/backend/internal/handler/dev_handler_test.go b/backend/internal/handler/dev_handler_test.go index bdfb70e8..1aede3bd 100644 --- a/backend/internal/handler/dev_handler_test.go +++ b/backend/internal/handler/dev_handler_test.go @@ -71,10 +71,10 @@ func (m *devMockDeveloperService) RequestAccess(ctx context.Context, req domain. return args.Error(0) } -func (m *devMockDeveloperService) GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperRequest, error) { +func (m *devMockDeveloperService) GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperAccessStatus, error) { args := m.Called(ctx, userID, tenantID) - if req, ok := args.Get(0).(*domain.DeveloperRequest); ok { - return req, args.Error(1) + if status, ok := args.Get(0).(*domain.DeveloperAccessStatus); ok { + return status, args.Error(1) } return nil, args.Error(1) } @@ -87,14 +87,19 @@ func (m *devMockDeveloperService) GetRequestByID(ctx context.Context, id uint) ( return nil, args.Error(1) } -func (m *devMockDeveloperService) ListRequests(ctx context.Context, userID, status string) ([]domain.DeveloperRequest, error) { - args := m.Called(ctx, userID, status) +func (m *devMockDeveloperService) ListRequests(ctx context.Context, userID, status, tenantID string) ([]domain.DeveloperRequest, error) { + args := m.Called(ctx, userID, status, tenantID) if requests, ok := args.Get(0).([]domain.DeveloperRequest); ok { return requests, args.Error(1) } return nil, args.Error(1) } +func (m *devMockDeveloperService) CreateGrant(ctx context.Context, req domain.DeveloperRequest) error { + args := m.Called(ctx, req) + return args.Error(0) +} + func (m *devMockDeveloperService) ApproveRequest(ctx context.Context, id uint, adminNotes string) error { args := m.Called(ctx, id, adminNotes) return args.Error(0)