- Added missing i18n keys for integrity and tenant profile pages to root and adminfront locales.
- Corrected i18n section structure in template.toml.
- Fixed Hanmac email policy test by improving tenant hierarchy mocking and ensuring correct CompanyCode propagation.
- Resolved various backend test failures by updating expectations for normalized roles and fixing undefined variables.
- Simplified RBAC system to two roles: super_admin and user.
- Removed tenant_admin and rp_admin roles across backend and frontend.
- Removed Dev Role Switcher feature from adminfront.
- Updated all handlers, middlewares, and navigation to reflect the new role model.
- Fixed backend build errors and updated tests.
- Added support for fixed UUIDs during bulk registration (Search-first + ExternalID mapping)
- Implemented idempotency and visibility restoration for soft-deleted users
- Enhanced bulk upload UI to show 'New/Updated/Unchanged' status and modified fields
- Added logic to reclaim identifiers (login_id) from colliding records
- Added frontend E2E and backend unit tests for UUID integrity and conflict handling
- Fixed i18n, formatting, and mock tests to satisfy code-check
- Applied 'go fix' for 'omitzero' tags and general Go standards
- `secondary_emails` 대신 `sub_email`을 키값으로 사용하도록 전면 수정
- 관리자 화면의 수동 사용자 생성(Create) 및 수정(Detail) 폼에 `sub_email` 입력 필드 추가
- CSV 템플릿의 컬럼명을 `sub_email`로 변경
- 백엔드의 Kratos Traits 조회 및 배열 추출 로직을 `sub_email` 기준으로 업데이트
- E2E 테스트(`users_bulk.spec.ts`, `users_bulk_secondary.spec.ts`)에서 `sub_email` 검증하도록 수정 및 통과 확인
- `adminfront` CSV 템플릿 헤더에 `secondary_emails` 추가 및 예시 반영
- `adminfront` CSV 파서(`csvParser.ts`)에서 `secondary_emails` 추출 로직 보강
- `backend` 에서 `BulkCreateUsers`, `UpdateUser` 실행 시 보조 이메일을 포함한 모든 이메일에 대해 식별자 유효성(ValidateLoginID) 검사 수행
- `domain.ValidateLoginID`의 파라미터를 복수 이메일 처리를 위해 `[]string`으로 변경
- Playwright E2E 테스트 `users_bulk_secondary.spec.ts` 신규 작성 및 테스트 패스 확인
- adminfront: Update removeMutation to correctly pass 'isRemoveTenant: true' and the specific tenant slug instead of empty string
- backend: Fix 'Move' operation (Normal Update) in UpdateUser to correctly remove the old primary company code from the 'companyCodes' array and sync the deletion to Keto, ensuring accurate member count aggregation
- Add multi-tenant support (isAddTenant, isRemoveTenant) to backend UpdateUser API.
- Update UserRepository to support searching in company_codes array.
- Implement table sorting and align search bar layout in adminfront.
- Add 'Assign Existing Member' and 'Exclude from Organization' features to TenantUsersPage.
- Auto-populate tenantSlug in UserCreatePage via query parameters.
- Add necessary localization keys for new UI elements.
Resolves#644, #639, #642, #641
- UpdateUser: Implement 'Preserve & Merge' logic to fetch existing joined
tenants from Keto and merge them with UI requests, preventing the
loss of multi-tenant affiliations.
- Keto Sync: Expand the self-healing background job to iterate over all
companyCodes, ensuring 'members' relations are created for every
joined tenant (fixes#554).
- AuthHandler: Update extractFirstString to gracefully handle numeric
JSON types, fixing an issue where Kratos login codes were lost during
Courier webhook processing.
Allows users and tenant admins to view users across all tenants within their hierarchy (both parent and child organizations) instead of just their direct tenant.
Changes the /users endpoint to allow RoleUser access and securely restricts the returned data to only users within their affiliated tenants. Removes the unnecessary back button from the Org Chart view since it's now a top-level nav item.
- Database: Add user_login_ids table for 1:N identifier mapping and remove legacy login_id column
- Kratos: Update identity schema to use custom_login_ids array instead of a single id trait
- Backend: Implement syncCustomLoginIDs to collect isLoginId fields across tenant schemas
- Backend: Add backtracking logic to auto-assign session tenant based on used login identifier
- Backend: Add 409 Conflict exception handling for Create/Update operations
- AdminFront: Refactor UserDetailPage to a tabbed grid layout (Info, Tenants, Security)
- AdminFront: Show '로그인 ID' badge on tenant schema fields used for authentication
- UserFront: Remove legacy optional 'Login ID' input from signup flow
- Tests: Add multi-identifier repository tests and update handler tests
