조직 연동 오류 해결

2026-05-20 11:17:31 +09:00
parent 42b49674cc
commit fd82dd9bdd
15 changed files with 592 additions and 30 deletions
--- a/backend/internal/service/worksmobile_sync_service.go
+++ b/backend/internal/service/worksmobile_sync_service.go
@@ -736,6 +736,9 @@ func isWorksmobileOrgUnitTenant(tenant domain.Tenant, tenantByID map[string]doma
 	if tenant.Type == domain.TenantTypeOrganization {
 		return true
 	}
+	if tenant.Type == domain.TenantTypeUserGroup {
+		return true
+	}
 	if tenant.Type == domain.TenantTypeCompany {
 		return isWorksmobileBarongroupChildCompany(tenant, tenantByID)
 	}
@@ -749,7 +752,7 @@ func isWorksmobileUserScopeTenant(tenant domain.Tenant) bool {
 func worksmobileDomainClassificationTenant(tenant domain.Tenant, tenantByID map[string]domain.Tenant) domain.Tenant {
 	current := tenant
 	for {
-		if current.Type == domain.TenantTypeCompany || len(current.Domains) > 0 {
+		if isWorksmobileDomainRootTenant(current) {
 			return current
 		}
 		parentID := worksmobileTenantParentID(current)
@@ -764,6 +767,25 @@ func worksmobileDomainClassificationTenant(tenant domain.Tenant, tenantByID map[
 	}
 }

+func isWorksmobileDomainRootTenant(tenant domain.Tenant) bool {
+	slug := strings.ToLower(strings.TrimSpace(tenant.Slug))
+	switch slug {
+	case "saman", "hanmac", "gpdtdc", "baron-group":
+		return true
+	}
+	if tenantHasDomain(tenant, "samaneng.com") ||
+		tenantHasDomain(tenant, "hanmaceng.co.kr") ||
+		tenantHasDomain(tenant, "baroncs.co.kr") ||
+		tenantHasDomain(tenant, "brsw.kr") {
+		return true
+	}
+	name := strings.TrimSpace(tenant.Name)
+	return name == "삼안" ||
+		name == "한맥기술" ||
+		name == "총괄기획&기술개발센터" ||
+		name == "바론그룹"
+}
+
 func isWorksmobileBarongroupChildCompany(tenant domain.Tenant, tenantByID map[string]domain.Tenant) bool {
 	if tenant.Type != domain.TenantTypeCompany || tenant.Slug == "baron-group" {
 		return false
@@ -972,14 +994,14 @@ func worksmobileUserPrimaryOrgSlug(user domain.User, localTenants map[string]dom
 }

 func compareWorksmobileGroups(localTenants []domain.Tenant, remoteGroups []WorksmobileRemoteGroup, includeMatched bool) []WorksmobileComparisonItem {
-	remoteByExternalID := map[string]WorksmobileRemoteGroup{}
+	remoteByExternalID := map[string][]WorksmobileRemoteGroup{}
 	remoteByID := map[string]WorksmobileRemoteGroup{}
 	for _, remote := range remoteGroups {
 		if remote.ID != "" {
 			remoteByID[remote.ID] = remote
 		}
 		if remote.ExternalID != "" {
-			remoteByExternalID[remote.ExternalID] = remote
+			remoteByExternalID[remote.ExternalID] = append(remoteByExternalID[remote.ExternalID], remote)
 		}
 	}
 	tenantByID := worksmobileTenantByID(localTenants)
@@ -993,11 +1015,7 @@ func compareWorksmobileGroups(localTenants []domain.Tenant, remoteGroups []Works
 			continue
 		}
 		localByID[tenant.ID] = tenant
-		remote, matched := remoteByExternalID[tenant.ID]
-		if matched && !includeMatched {
-			matchedRemoteIDs[remote.ID] = true
-			continue
-		}
+		remote, matched := matchingWorksmobileRemoteGroupForTenant(tenant, remoteByExternalID[tenant.ID], tenantByID)
 		item := WorksmobileComparisonItem{
 			ResourceType:    "GROUP",
 			BaronID:         tenant.ID,
@@ -1018,7 +1036,13 @@ func compareWorksmobileGroups(localTenants []domain.Tenant, remoteGroups []Works
 			item.WorksmobileDomainName = remote.DomainName
 			item.WorksmobileParentID = remote.ParentID
 			item.WorksmobileParentName = remote.ParentName
-			if parentRemote, ok := remoteByExternalID[item.BaronParentID]; ok {
+			if parent, ok := tenantByID[item.BaronParentID]; ok {
+				if parentRemote, ok := matchingWorksmobileRemoteGroupForTenant(parent, remoteByExternalID[item.BaronParentID], tenantByID); ok {
+					item.BaronParentWorksmobileID = parentRemote.ID
+					item.BaronParentWorksmobileName = parentRemote.DisplayName
+					item.BaronParentWorksmobileEmail = parentRemote.Email
+				}
+			} else if parentRemote, ok := firstWorksmobileRemoteGroup(remoteByExternalID[item.BaronParentID]); ok {
 				item.BaronParentWorksmobileID = parentRemote.ID
 				item.BaronParentWorksmobileName = parentRemote.DisplayName
 				item.BaronParentWorksmobileEmail = parentRemote.Email
@@ -1031,8 +1055,14 @@ func compareWorksmobileGroups(localTenants []domain.Tenant, remoteGroups []Works
 				item.WorksmobileParentExternalKey = parentRemote.ExternalID
 			}
 			item = fillWorksmobileParentFromBaronParentMatch(item)
+			if worksmobileGroupNeedsUpdate(tenant, remote, remoteByID, remoteByExternalID, tenantByID) {
+				item.Status = "needs_update"
+			}
 			matchedRemoteIDs[remote.ID] = true
 		}
+		if matched && item.Status == "matched" && !includeMatched {
+			continue
+		}
 		result = append(result, item)
 	}
 	for _, remote := range remoteGroups {
@@ -1091,6 +1121,79 @@ func compareWorksmobileGroups(localTenants []domain.Tenant, remoteGroups []Works
 	return result
 }

+func matchingWorksmobileRemoteGroupForTenant(tenant domain.Tenant, remotes []WorksmobileRemoteGroup, tenantByID map[string]domain.Tenant) (WorksmobileRemoteGroup, bool) {
+	if len(remotes) == 0 {
+		return WorksmobileRemoteGroup{}, false
+	}
+	expectedDomainID, hasExpectedDomainID := expectedWorksmobileDomainIDForTenant(tenant, tenantByID)
+	if !hasExpectedDomainID {
+		return remotes[0], true
+	}
+	var unknownDomain WorksmobileRemoteGroup
+	hasUnknownDomain := false
+	for i := range remotes {
+		remote := remotes[i]
+		if remote.DomainID == expectedDomainID {
+			return remote, true
+		}
+		if remote.DomainID == 0 && !hasUnknownDomain {
+			unknownDomain = remote
+			hasUnknownDomain = true
+		}
+	}
+	if hasUnknownDomain {
+		return unknownDomain, true
+	}
+	return WorksmobileRemoteGroup{}, false
+}
+
+func firstWorksmobileRemoteGroup(remotes []WorksmobileRemoteGroup) (WorksmobileRemoteGroup, bool) {
+	if len(remotes) == 0 {
+		return WorksmobileRemoteGroup{}, false
+	}
+	return remotes[0], true
+}
+
+func expectedWorksmobileDomainIDForTenant(tenant domain.Tenant, tenantByID map[string]domain.Tenant) (int64, bool) {
+	domainTenant := worksmobileDomainClassificationTenant(tenant, tenantByID)
+	domainID, err := ResolveWorksmobileDomainIDFromTenant(domainTenant, nil)
+	if err != nil || domainID <= 0 {
+		return 0, false
+	}
+	return domainID, true
+}
+
+func worksmobileGroupNeedsUpdate(tenant domain.Tenant, remote WorksmobileRemoteGroup, remoteByID map[string]WorksmobileRemoteGroup, remoteByExternalID map[string][]WorksmobileRemoteGroup, tenantByID map[string]domain.Tenant) bool {
+	if strings.TrimSpace(tenant.Name) != strings.TrimSpace(remote.DisplayName) {
+		return true
+	}
+
+	expectedParentExternalKey := expectedWorksmobileParentExternalKey(tenant, remoteByExternalID, tenantByID)
+	actualParentExternalKey := ""
+	if remote.ParentID != "" {
+		actualParentExternalKey = strings.TrimSpace(remoteByID[remote.ParentID].ExternalID)
+	}
+	return expectedParentExternalKey != actualParentExternalKey
+}
+
+func expectedWorksmobileParentExternalKey(tenant domain.Tenant, remoteByExternalID map[string][]WorksmobileRemoteGroup, tenantByID map[string]domain.Tenant) string {
+	parentID := worksmobileTenantParentID(tenant)
+	if parentID == "" {
+		return ""
+	}
+	if parent, ok := tenantByID[parentID]; ok && parent.Slug == "baron-group" {
+		return ""
+	}
+	parent, ok := tenantByID[parentID]
+	if !ok {
+		return ""
+	}
+	if _, ok := matchingWorksmobileRemoteGroupForTenant(parent, remoteByExternalID[parentID], tenantByID); !ok {
+		return ""
+	}
+	return parentID
+}
+
 func fillWorksmobileParentFromBaronParentMatch(item WorksmobileComparisonItem) WorksmobileComparisonItem {
 	if item.WorksmobileParentID == "" || item.WorksmobileParentID != item.BaronParentWorksmobileID {
 		return item