adminfront 및 백엔드: 전 메뉴 및 탭 수준 ReBAC 기반 접근 제어(Admin Control) 기능 추가 구현 완료

2026-06-12 11:40:56 +09:00
parent d0bdc54286
commit a70755e993
15 changed files with 360 additions and 84 deletions
--- a/adminfront/src/features/users/UserListPage.tsx
+++ b/adminfront/src/features/users/UserListPage.tsx
@@ -320,6 +320,7 @@ function UserListPage() {
    queryFn: fetchMe,
  });
  const profileRole = normalizeAdminRole(profile?.role);
+  const isWritable = profileRole === "super_admin" || !!profile?.systemPermissions?.manage_users;

  const { data: tenantsData } = useQuery({
    queryKey: ["tenants", "all"],
@@ -720,8 +721,9 @@ function UserListPage() {
                <DropdownMenuSeparator />
                <DropdownMenuItem
                  onSelect={() => {
-                    setBulkUploadOpen(true);
+                    if (isWritable) setBulkUploadOpen(true);
                  }}
+                  disabled={!isWritable}
                  className="cursor-pointer"
                >
                  <Upload size={16} className="mr-2 opacity-50" />
@@ -813,12 +815,19 @@ function UserListPage() {
                </DialogFooter>
              </DialogContent>
            </Dialog>
-            <Button asChild size="sm" className="h-9">
-              <Link to="/users/new">
+            {isWritable ? (
+              <Button asChild size="sm" className="h-9">
+                <Link to="/users/new">
+                  <Plus size={16} />
+                  {t("ui.admin.users.list.add", "사용자 추가")}
+                </Link>
+              </Button>
+            ) : (
+              <Button size="sm" className="h-9" disabled>
                <Plus size={16} />
                {t("ui.admin.users.list.add", "사용자 추가")}
-              </Link>
-            </Button>
+              </Button>
+            )}
          </>
        }
      />
@@ -1095,7 +1104,8 @@ function UserListPage() {
                              }
                              disabled={
                                statusMutation.isPending ||
-                                user.id === profile?.id
+                                user.id === profile?.id ||
+                                !isWritable
                              }
                            >
                              <SelectTrigger
@@ -1278,7 +1288,8 @@ function UserListPage() {
                  }}
                  disabled={
                    (!selectedBulkStatus && !selectedBulkPermission) ||
-                    bulkUpdateMutation.isPending
+                    bulkUpdateMutation.isPending ||
+                    !isWritable
                  }
                  data-testid="bulk-apply-btn"
                >
@@ -1291,6 +1302,7 @@ function UserListPage() {
                  size="sm"
                  className="text-destructive-foreground hover:bg-destructive/20 h-8 gap-1.5"
                  onClick={handleBulkDelete}
+                  disabled={!isWritable}
                  data-testid="bulk-delete-btn"
                >
                  <Trash2 size={14} />