1
0
forked from baron/baron-sso

feat: 테넌트 그룹 기반 권한 상속 고도화 및 개발자 포털 보안 강화 #239

This commit is contained in:
2026-02-11 12:41:03 +09:00
parent dc0d1a8e63
commit afaac1781c
11 changed files with 282 additions and 34 deletions

View File

@@ -80,6 +80,7 @@ type UserProfileResponse struct {
RelyingPartyID *string `json:"relyingPartyId,omitempty"` // 추가
Metadata map[string]any `json:"metadata,omitempty"`
Tenant *Tenant `json:"tenant,omitempty"`
ManageableTenants []Tenant `json:"manageableTenants,omitempty"` // 추가: 관리 가능한 테넌트 목록
}
type UpdateUserRequest struct {

View File

@@ -36,6 +36,28 @@ func (t *Tenant) IsActive() bool {
return t.Status == TenantStatusActive
}
// GetMergedConfig merges the group-level config with tenant-level config.
// Tenant config takes precedence.
func (t *Tenant) GetMergedConfig() JSONMap {
merged := make(JSONMap)
// 1. Apply Group Config (Base)
if t.TenantGroup != nil && t.TenantGroup.Config != nil {
for k, v := range t.TenantGroup.Config {
merged[k] = v
}
}
// 2. Apply Tenant Config (Overrides)
if t.Config != nil {
for k, v := range t.Config {
merged[k] = v
}
}
return merged
}
// BeforeCreate hook to generate UUID if not present.
func (t *Tenant) BeforeCreate(tx *gorm.DB) (err error) {
if t.ID == "" {