code-check 및 사용자 상세 claim 관련 오류 수정

adminfront/tests/users.spec.ts

@@ -315,7 +315,7 @@ test.describe("User Management", () => {
     await expect(page.getByText(/저장/i).first()).toBeVisible();
   });
 
-  test("should manage global custom claim permissions in user detail", async ({
+  test("should manage global custom claim values in user detail", async ({
     page,
   }) => {
     let updatePayload: Record<string, unknown> | undefined;
@@ -375,19 +375,14 @@ test.describe("User Management", () => {
       .getByRole("tab", { name: /전역 Custom Claims|Custom Claims/i })
       .click();
 
-    await expect(
+    await expect(page.getByText("contract_date")).toBeVisible();
-      page.getByTestId("global-custom-claim-key-contract_date"),
+    const valueInput = page.getByTestId(
-    ).toHaveValue("contract_date");
+      "global-custom-claim-value-contract_date",
-    await expect(
+    );
-      page.getByTestId("global-custom-claim-read-permission-contract_date"),
+    await expect(valueInput).toHaveValue("2026-06-09");
-    ).toHaveValue("user_and_admin");
+    await expect(valueInput).toHaveAttribute("type", "date");
-    await expect(
-      page.getByTestId("global-custom-claim-write-permission-contract_date"),
-    ).toHaveValue("admin_only");
 
-    await page
+    await valueInput.fill("2026-07-01");
-      .getByTestId("global-custom-claim-write-permission-contract_date")
-      .selectOption("user_and_admin");
 
     await page.screenshot({
       path: "test-results/adminfront-global-custom-claim-permissions.png",
@@ -403,15 +398,15 @@ test.describe("User Management", () => {
       .toMatchObject({
         metadata: {
           global_custom_claims: {
-            contract_date: "2026-06-09",
+            contract_date: "2026-07-01",
           },
           global_custom_claim_types: {
             contract_date: "date",
           },
           global_custom_claim_permissions: {
             contract_date: {
-              readPermission: "user_and_admin",
+              readPermission: "admin_only",
-              writePermission: "user_and_admin",
+              writePermission: "admin_only",
             },
           },
         },

backend/internal/handler/dev_handler.go

@@ -49,9 +49,10 @@ type DevHandler struct {
 
 type developerRequestService interface {
 	RequestAccess(ctx context.Context, req domain.DeveloperRequest) error
-	GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperRequest, error)
+	GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperAccessStatus, error)
 	GetRequestByID(ctx context.Context, id uint) (*domain.DeveloperRequest, error)
-	ListRequests(ctx context.Context, userID, status string) ([]domain.DeveloperRequest, error)
+	ListRequests(ctx context.Context, userID, status, tenantID string) ([]domain.DeveloperRequest, error)
+	CreateGrant(ctx context.Context, req domain.DeveloperRequest) error
 	ApproveRequest(ctx context.Context, id uint, adminNotes string) error
 	RejectRequest(ctx context.Context, id uint, adminNotes string) error
 	CancelApprovedRequest(ctx context.Context, id uint, adminNotes string) error
@@ -505,9 +506,7 @@ func (h *DevHandler) hasApprovedDeveloperRequest(c *fiber.Ctx, profile *domain.U
 	if err != nil || status == nil {
 		return false
 	}
-	return status.Status == domain.DeveloperRequestStatusApproved &&
+	return status.Status == domain.DeveloperRequestStatusApproved
-		strings.TrimSpace(status.UserID) == userID &&
-		strings.TrimSpace(status.TenantID) == tenantID
 }
 
 func (h *DevHandler) canOperateClientByPermit(c *fiber.Ctx, profile *domain.UserProfileResponse, summary clientSummary, relation string) bool {

backend/internal/handler/dev_handler_test.go

@@ -71,10 +71,10 @@ func (m *devMockDeveloperService) RequestAccess(ctx context.Context, req domain.
 	return args.Error(0)
 }
 
-func (m *devMockDeveloperService) GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperRequest, error) {
+func (m *devMockDeveloperService) GetRequestStatus(ctx context.Context, userID, tenantID string) (*domain.DeveloperAccessStatus, error) {
 	args := m.Called(ctx, userID, tenantID)
-	if req, ok := args.Get(0).(*domain.DeveloperRequest); ok {
+	if status, ok := args.Get(0).(*domain.DeveloperAccessStatus); ok {
-		return req, args.Error(1)
+		return status, args.Error(1)
 	}
 	return nil, args.Error(1)
 }
@@ -87,14 +87,19 @@ func (m *devMockDeveloperService) GetRequestByID(ctx context.Context, id uint) (
 	return nil, args.Error(1)
 }
 
-func (m *devMockDeveloperService) ListRequests(ctx context.Context, userID, status string) ([]domain.DeveloperRequest, error) {
+func (m *devMockDeveloperService) ListRequests(ctx context.Context, userID, status, tenantID string) ([]domain.DeveloperRequest, error) {
-	args := m.Called(ctx, userID, status)
+	args := m.Called(ctx, userID, status, tenantID)
 	if requests, ok := args.Get(0).([]domain.DeveloperRequest); ok {
 		return requests, args.Error(1)
 	}
 	return nil, args.Error(1)
 }
 
+func (m *devMockDeveloperService) CreateGrant(ctx context.Context, req domain.DeveloperRequest) error {
+	args := m.Called(ctx, req)
+	return args.Error(0)
+}
+
 func (m *devMockDeveloperService) ApproveRequest(ctx context.Context, id uint, adminNotes string) error {
 	args := m.Called(ctx, id, adminNotes)
 	return args.Error(0)