4단계 역할 정규화 및 dev 권한 스코프 검증 강화

backend/internal/domain/user.go

@@ -1,6 +1,7 @@
 package domain
 
 import (
+	"strings"
 	"time"
 
 	"github.com/google/uuid"
@@ -15,6 +16,20 @@ const (
 	RoleUser        = "user"         // 일반 사용자
 )
 
+// NormalizeRole maps legacy/synonym role values to canonical role keys.
+func NormalizeRole(role string) string {
+	normalized := strings.ToLower(strings.TrimSpace(role))
+	switch normalized {
+	case "tenant_member":
+		return RoleUser
+	case "admin":
+		// Legacy admin is treated as tenant admin for least-privilege compatibility.
+		return RoleTenantAdmin
+	default:
+		return normalized
+	}
+}
+
 // User represents the user model stored in PostgreSQL
 type User struct {
 	ID              string         `gorm:"primaryKey;type:uuid;default:gen_random_uuid()" json:"id"`

backend/internal/domain/user_test.go

@@ -0,0 +1,29 @@
+package domain
+
+import "testing"
+
+func TestNormalizeRole(t *testing.T) {
+	tests := []struct {
+		name string
+		in   string
+		want string
+	}{
+		{name: "super admin unchanged", in: "super_admin", want: RoleSuperAdmin},
+		{name: "tenant admin unchanged", in: "tenant_admin", want: RoleTenantAdmin},
+		{name: "rp admin unchanged", in: "rp_admin", want: RoleRPAdmin},
+		{name: "user unchanged", in: "user", want: RoleUser},
+		{name: "legacy admin", in: "admin", want: RoleTenantAdmin},
+		{name: "legacy tenant member", in: "tenant_member", want: RoleUser},
+		{name: "trim and lower", in: "  ADMIN  ", want: RoleTenantAdmin},
+		{name: "unknown role pass-through", in: "custom_role", want: "custom_role"},
+		{name: "empty", in: "   ", want: ""},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			if got := NormalizeRole(tc.in); got != tc.want {
+				t.Fatalf("NormalizeRole(%q)=%q, want %q", tc.in, got, tc.want)
+			}
+		})
+	}
+}