usergroup

2026-02-12 11:41:01 +09:00
parent 5bdb08d673
commit b9ad54d459
4 changed files with 71 additions and 3 deletions
--- a/backend/cmd/server/main.go
+++ b/backend/cmd/server/main.go
@@ -246,10 +246,12 @@ func main() {
 	// 2. Initialize Handlers
 	tenantRepo := repository.NewTenantRepository(db)
 	tenantGroupRepo := repository.NewTenantGroupRepository(db)
+	userGroupRepo := repository.NewUserGroupRepository(db)
+	userRepo := repository.NewUserRepository(db)
 	tenantService := service.NewTenantService(tenantRepo)
 	tenantGroupService := service.NewTenantGroupService(tenantGroupRepo, ketoService)
+	userGroupService := service.NewUserGroupService(userGroupRepo, userRepo, ketoService)
 	tenantService.SetKetoService(ketoService) // Keto 주입
-	userRepo := repository.NewUserRepository(db)
 	// relyingPartyRepo removed as SSOT is now Hydra+Keto
 	hydraService := service.NewHydraAdminService()
 	relyingPartyService := service.NewRelyingPartyService(hydraService, ketoService)
@@ -265,6 +267,7 @@ func main() {
 	devHandler := handler.NewDevHandler(redisService, secretRepo, consentRepo, relyingPartyService)
 	tenantHandler := handler.NewTenantHandler(db, tenantService, ketoService, kratosAdminService)
 	tenantGroupHandler := handler.NewTenantGroupHandler(tenantGroupService, kratosAdminService)
+	userGroupHandler := handler.NewUserGroupHandler(userGroupService)
 	relyingPartyHandler := handler.NewRelyingPartyHandler(relyingPartyService, kratosAdminService)
 	userHandler := handler.NewUserHandler(kratosAdminService, oryAdminProvider, tenantService, ketoService, userRepo)
 	apiKeyHandler := handler.NewApiKeyHandler(db)
@@ -585,6 +588,18 @@ func main() {
 	admin.Post("/tenant-groups/:id/admins/:userId", requireSuperAdmin, tenantGroupHandler.AddAdmin)
 	admin.Delete("/tenant-groups/:id/admins/:userId", requireSuperAdmin, tenantGroupHandler.RemoveAdmin)

+	// User Group Management (Tenant Admin/Super Admin)
+	userGroups := admin.Group("/tenants/:tenantId/user-groups", requireAdmin, middleware.RequireKetoPermission(middleware.RBACConfig{AuthHandler: authHandler, KetoService: ketoService}, "Tenant", "manage"))
+	userGroups.Get("/", userGroupHandler.List)
+	userGroups.Post("/", userGroupHandler.Create)
+	userGroups.Get("/:id", userGroupHandler.Get)
+	userGroups.Put("/:id", userGroupHandler.Update)
+	userGroups.Delete("/:id", userGroupHandler.Delete)
+	userGroups.Post("/:id/members", userGroupHandler.AddMember)
+	userGroups.Delete("/:id/members/:userId", userGroupHandler.RemoveMember)
+	userGroups.Post("/:id/roles", userGroupHandler.AssignRole)
+	userGroups.Delete("/:id/roles/:tenantId/:relation", userGroupHandler.RemoveRole)
+
 	// Relying Party Management (Global List)
 	admin.Get("/relying-parties", requireAdmin, relyingPartyHandler.ListAll)
 	admin.Get("/relying-parties/:id/owners", requireAdmin, middleware.RequireKetoPermission(middleware.RBACConfig{AuthHandler: authHandler, KetoService: ketoService}, "RelyingParty", "manage"), relyingPartyHandler.ListOwners)