- UpdateUser: Implement 'Preserve & Merge' logic to fetch existing joined
tenants from Keto and merge them with UI requests, preventing the
loss of multi-tenant affiliations.
- Keto Sync: Expand the self-healing background job to iterate over all
companyCodes, ensuring 'members' relations are created for every
joined tenant (fixes#554).
- AuthHandler: Update extractFirstString to gracefully handle numeric
JSON types, fixing an issue where Kratos login codes were lost during
Courier webhook processing.
This commit includes:
- Added SharedLink data model and Keto-bypassed public API for orgchart view
- Configured 'orgfront' as a new OAuth2 client in hydra
- Applied MH Dashboard premium beige theme to OrgChart
- Implemented user lookup fallback to company code
Adjusts parameter matching on mockSvc.ListTenants to use mock.Anything and mockUserRepo methods, ensuring the test safely covers the newly added allTenants internal sub-query flow without fragile strict args.
Changes the /v1/admin/tenants endpoint to be accessible by all authenticated users (requireAnyUser). In the handler, it dynamically resolves the user's affiliations and filters the response to return the complete hierarchical tree (root, parent, child, sibling nodes) for any tenant they belong to.
Allows users and tenant admins to view users across all tenants within their hierarchy (both parent and child organizations) instead of just their direct tenant.
Changes the /users endpoint to allow RoleUser access and securely restricts the returned data to only users within their affiliated tenants. Removes the unnecessary back button from the Org Chart view since it's now a top-level nav item.
- MockKratosAdminService 및 MockTenantService에 새로 추가된 인터페이스 메소드(CreateUser, ListIdentitySessions 등) 구현 추가
- 회원가입 테스트(auth_handler_signup_test.go) 시, isAffiliateTenant 검증 과정에서 TenantService가 nil일 때 발생하는 segfault 방지 로직 보강
- Mock 객체 반환값 타입 불일치 및 testify/mock 매개변수 에러 등 테스트 의존성 전반 수정
- 조직도 렌더링 시 너비 동적 계산 및 스크롤 문제 해결
- 하위 조직(Leaf)을 부모 박스 내부에 임베딩하여 2열로 깔끔하게 표시되도록 조직도 UI 전면 개편
- 사용자 생성/수정 및 CSV 업로드 시 직급(Position)과 직무(JobTitle)가 정상적으로 Kratos 및 로컬 DB에 동기화되도록 백엔드 API 수정
- CSV 조직도 업로드 시 계층 구분을 '/' 대신 ' > '로 변경하여 이름에 '/'가 포함된 부서(예: 평면/셀)가 분리되지 않도록 보호
- 잘못 입력된 과거 직책 데이터(팀장, 그룹장 등)를 'user' 권한으로 일괄 초기화하고, 이후 'role' 필드에 시스템 권한(user, tenant_admin, super_admin) 외의 값이 들어오지 않도록 백엔드 정규화 로직 강화
- 사용자 목록 페이지의 페이지네이션 제한을 50명에서 1000명으로 상향 조정
- 테넌트 목록 페이지에 이름/슬러그 기반 검색 기능 추가
- 관리자 UI 전반에서 불필요한 배지(Admin only, System 등) 제거 및 테넌트 상세 페이지의 미사용 '외부 연동' 탭 삭제
- Refactor `GetActiveTenants` to filter dynamically based on the email domain, removing hardcoded affiliate slugs.
- Update `Signup` to require an explicit `CompanyCode` choice for internal domains, removing automatic provisioning and implicit tenant assignment.
- Add markdown diagram detailing the revised, secure B2B2B dynamic provisioning and inheritance flow.
- Resolve 'noDelete' by using undefined assignment in TenantSchemaPage
- Resolve React list key warning by using client_id in UserDetailPage
- Run biome formatter across modified components
- Database: Add user_login_ids table for 1:N identifier mapping and remove legacy login_id column
- Kratos: Update identity schema to use custom_login_ids array instead of a single id trait
- Backend: Implement syncCustomLoginIDs to collect isLoginId fields across tenant schemas
- Backend: Add backtracking logic to auto-assign session tenant based on used login identifier
- Backend: Add 409 Conflict exception handling for Create/Update operations
- AdminFront: Refactor UserDetailPage to a tabbed grid layout (Info, Tenants, Security)
- AdminFront: Show '로그인 ID' badge on tenant schema fields used for authentication
- UserFront: Remove legacy optional 'Login ID' input from signup flow
- Tests: Add multi-identifier repository tests and update handler tests
- resolve headless audience against BACKEND_PUBLIC_URL first
- keep forwarded header support for https absolute audiences
- add regression tests for https success and http mismatch rejection
- write BACKEND_PUBLIC_URL into staging workflow env generation
- return the full RSA n value in parsedKeys responses
- render parsed key fields with labels and multiline key material in DevFront
- lock the behavior with backend and Playwright regression tests
