kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

조직도 M2M조회 추가, 자동로그인 보완

Browse Source
This commit is contained in:
admin-bot
2026-05-13 13:44:30 +09:00
parent 72288f1d39
commit 8c2b2f71ef
29 changed files with 2985 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/internal/middleware/api_key_auth.go
View File

@@ -84,6 +84,10 @@ func validateScope(method, path string, rawScopes string) bool {
scopeMap[s] = true
}
if strings.Contains(path, "/integrations/org-context") {
return method == fiber.MethodGet && scopeMap["org-context:read"]
}
// 1. 감사 로그 관련 (audit:*)
if strings.Contains(path, "/admin/audit") || strings.Contains(path, "/v1/audit") {
if method == fiber.MethodGet {

15
backend/internal/middleware/api_key_auth_test.go Normal file
View File

@@ -0,0 +1,15 @@
package middleware
import (
"testing"
"github.com/gofiber/fiber/v2"
"github.com/stretchr/testify/require"
)
func TestValidateScope_AllowsOrgContextReadOnly(t *testing.T) {
require.True(t, validateScope(fiber.MethodGet, "/api/v1/integrations/org-context", "org-context:read"))
require.False(t, validateScope(fiber.MethodPost, "/api/v1/integrations/org-context", "org-context:read"))
require.False(t, validateScope(fiber.MethodGet, "/api/v1/integrations/org-context", "tenant:read"))
require.False(t, validateScope(fiber.MethodGet, "/api/v1/orgfront/org-context", "org-context:read"))
}