- UpdateUser: Implement 'Preserve & Merge' logic to fetch existing joined
tenants from Keto and merge them with UI requests, preventing the
loss of multi-tenant affiliations.
- Keto Sync: Expand the self-healing background job to iterate over all
companyCodes, ensuring 'members' relations are created for every
joined tenant (fixes#554).
- AuthHandler: Update extractFirstString to gracefully handle numeric
JSON types, fixing an issue where Kratos login codes were lost during
Courier webhook processing.
Allows users and tenant admins to view users across all tenants within their hierarchy (both parent and child organizations) instead of just their direct tenant.
Changes the /users endpoint to allow RoleUser access and securely restricts the returned data to only users within their affiliated tenants. Removes the unnecessary back button from the Org Chart view since it's now a top-level nav item.
- Database: Add user_login_ids table for 1:N identifier mapping and remove legacy login_id column
- Kratos: Update identity schema to use custom_login_ids array instead of a single id trait
- Backend: Implement syncCustomLoginIDs to collect isLoginId fields across tenant schemas
- Backend: Add backtracking logic to auto-assign session tenant based on used login identifier
- Backend: Add 409 Conflict exception handling for Create/Update operations
- AdminFront: Refactor UserDetailPage to a tabbed grid layout (Info, Tenants, Security)
- AdminFront: Show '로그인 ID' badge on tenant schema fields used for authentication
- UserFront: Remove legacy optional 'Login ID' input from signup flow
- Tests: Add multi-identifier repository tests and update handler tests
- Add `ValidateLoginID` to enforce ID collision and security rules (prevents phone number collision, email format usage, and reserved words).
- Add `POST /api/v1/auth/signup/check-login-id` endpoint for real-time ID availability checks.
- Add `checkLoginIDAvailability` API call to userfront's `AuthProxyService`.
- Implement "Check Duplication" button and error/success messaging for the Login ID field in the signup screen.
- Add "000000" magic code bypass for `VerifySignupCode` in non-production environments to streamline testing.
- Revert the removal of loginId from adminfront and backend.
- Prevent phone normalization logic from mangling custom employee ID login fields.
- Add an explicit 'loginId' optional input field to the userfront signup UI.
- Update AuthProxyService.signup and backend AuthHandler.Signup to transmit and map the 'loginId' parameter properly.
- Centralize LoginID sync logic in syncLoginID helper
- Support namespaced metadata in CreateUser, UpdateUser, and BulkCreateUsers
- Ensure UpdateUser and UpdateMe always sync LoginID from configured field even if not in update request
- Add phone number normalization consistency for custom LoginIDs
- Add unit tests for namespaced metadata LoginID sync
- 사용자 정보 수정(UpdateUser) 시 메타데이터(커스텀 필드)를 명시적 loginId 값보다 우선하여 동기화하도록 로직 순서 변경
- Admin UI 사용자 상세의 비밀번호 초기화 기능이 즉시 폼에 덮어씌워지는 문제 해결을 위해, 별도의 확인 절차 후 즉각 독립적인 API 호출을 통해 재설정되도록 개선
- Kratos Identity 스키마에 로그인 전용 `id` 속성 추가
- 테넌트 Config의 `loginIdField` 설정에 따라 User의 `login_id` 및 Kratos `traits.id` 동기화 로직 구현
- Admin UI 테넌트 스키마 설정 내 '로그인 ID로 사용' 체크박스 추가
- Admin UI 사용자 생성/수정/조회 화면에 로그인 ID 관리 필드 및 컬럼 반영
- Userfront 로그인 화면 접속 시 테넌트 설정에 따라 동적 로그인 ID 라벨 적용
- 관련 다국어(ko/en) 번역 추가 및 로그인 ID 설계 문서 업데이트
