정합성 위반사항 확인 및 조치기능 추가

2026-05-14 09:04:33 +09:00
parent 9ca73e8774
commit df543d6203
17 changed files with 988 additions and 78 deletions
--- a/backend/internal/handler/user_handler.go
+++ b/backend/internal/handler/user_handler.go
@@ -210,6 +210,14 @@ func roleFromTraits(traits map[string]interface{}) string {
 	return domain.RoleUser
 }

+func normalizeAssignableSystemRole(value string) (string, bool) {
+	role, ok := domain.NormalizeRoleAlias(value)
+	if !ok {
+		return "", false
+	}
+	return role, role == domain.RoleSuperAdmin || role == domain.RoleUser
+}
+
 func gradeFromTraits(traits map[string]interface{}) string {
 	value := strings.TrimSpace(extractTraitString(traits, "grade"))
 	if value == "" {
@@ -661,9 +669,19 @@ func (h *UserHandler) CreateUser(c *fiber.Ctx) error {
 		}
 	}

-	role := domain.NormalizeRole(req.Role)
-	if role == "" {
-		role = domain.RoleUser
+	role := domain.RoleUser
+	if strings.TrimSpace(req.Role) != "" {
+		normalizedRole, ok := normalizeAssignableSystemRole(req.Role)
+		if !ok {
+			return errorJSON(c, fiber.StatusBadRequest, "invalid role")
+		}
+		if normalizedRole == domain.RoleSuperAdmin {
+			requester, _ := c.Locals("user_profile").(*domain.UserProfileResponse)
+			if requester == nil || domain.NormalizeRole(requester.Role) != domain.RoleSuperAdmin {
+				return errorJSON(c, fiber.StatusForbidden, "forbidden: only super admin can assign super admin role")
+			}
+		}
+		role = normalizedRole
 	}

 	attributes := map[string]interface{}{
@@ -1532,7 +1550,7 @@ func (h *UserHandler) BulkUpdateUsers(c *fiber.Ctx) error {
 		if domain.NormalizeRole(requester.Role) != domain.RoleSuperAdmin {
 			return errorJSON(c, fiber.StatusForbidden, "forbidden: only super admin can change user role")
 		}
-		role, ok := domain.NormalizeRoleAlias(*req.Role)
+		role, ok := normalizeAssignableSystemRole(*req.Role)
 		if !ok {
 			return errorJSON(c, fiber.StatusBadRequest, "invalid role")
 		}
@@ -1841,7 +1859,7 @@ func (h *UserHandler) UpdateUser(c *fiber.Ctx) error {
 		if requester == nil || domain.NormalizeRole(requester.Role) != domain.RoleSuperAdmin {
 			return errorJSON(c, fiber.StatusForbidden, "forbidden: only super admin can change user role")
 		}
-		role, ok := domain.NormalizeRoleAlias(*req.Role)
+		role, ok := normalizeAssignableSystemRole(*req.Role)
 		if !ok {
 			return errorJSON(c, fiber.StatusBadRequest, "invalid role")
 		}