From f6bdb68d199d4c8848320445f1dd3b66ae8ccdde Mon Sep 17 00:00:00 2001
From: hyungi <hyungi@Hyungiui-Macmini.local>
Date: Wed, 17 Sep 2025 13:02:38 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20=EC=82=AC=EC=9A=A9=EC=9E=90=20=EA=B4=80?=
 =?UTF-8?q?=EB=A6=AC=20=EB=B0=8F=20=EA=B6=8C=ED=95=9C=20=EC=8B=9C=EC=8A=A4?=
 =?UTF-8?q?=ED=85=9C=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 관리자 전용 사용자 관리 페이지 추가
- 사용자 추가/삭제 기능 (한글 ID 지원)
- 비밀번호 변경 기능
- 권한별 메뉴 접근 제한
  - 관리자: 모든 메뉴 접근 가능
  - 일반 사용자: 일일공수, 부적합등록/조회만 가능
- 이미지 없이 부적합 등록 가능
- 목록 관리에서 이미지 수정 기능
- 작업 시간 확인 버튼 개선
- 부적합 조회 페이지 간소화 (시간순 나열)
---
 .../__pycache__/schemas.cpython-311.pyc       | Bin 8582 -> 8861 bytes
 backend/database/schemas.py                   |   4 +
 .../routers/__pycache__/auth.cpython-311.pyc  | Bin 7816 -> 8679 bytes
 backend/routers/auth.py                       |  31 +-
 frontend/admin.html                           | 369 ++++++++++++++++++
 frontend/daily-work.html                      |  33 +-
 frontend/index.html                           |  44 ++-
 frontend/issue-view.html                      |  33 +-
 frontend/static/js/api.js                     |   8 +
 9 files changed, 497 insertions(+), 25 deletions(-)
 create mode 100644 frontend/admin.html

diff --git a/backend/database/__pycache__/schemas.cpython-311.pyc b/backend/database/__pycache__/schemas.cpython-311.pyc
index 451dc04430f55d7f13148f815c4a477453163c43..807a84fad5ce27f43da8391b4eb9013dbd2a157b 100644
GIT binary patch
delta 1484
zcmZ{jO-vI}5Xbv!Tj{dh)<R3S1(BLqilTt16gl`&1cFr2L`0(%p;`^LxGf<@B1Vmg
z7lq8lXiPLQYLJ73=*dJqnRrnW4+Jk7FCH|0L_HecfBXQ8Y`eeA&VP2^o0+%gH(zVi
zZaW-`NnVk{XGvWh(R^ZTB=lVfS}X#>LG>an?NJekcy28)neNK_*R{uMHZ_@gO3#^k
zmLx=uR>WGF)Pe~Q{g9ai`OSfdo)hQixR8u1pOYiNT3Bio37t~r<{&#(Nk`S3;L@Jz
zou+Wj#6xq$MvrWEI;JnL(YAMGG6QL&XLGVEbvQBY>h3p;L@FEa`|Y1rQ;C7UPcb7z
zRZ7{)3R&RkS-&Z-{=$O)q(z@{dtO-ZpJYmd#+4$v?y=L4yw}z>^3@ge)?Oy+$f{H<
zu9MG(3s?lWf$Bd9QJZp9RMT-)r%7c%TBT~SsG>vp4b-Rl$*EP-hx|rm16}~uP=i`a
z-yD8aNB7lAWfLTzj^3+PVw22OOYM$>bV1YTiKCXDYRJ<eTF9jam1cwk8;P`9(acM~
z(Vo~EA#9;L&Sf(4xzp3Z4ja5Wu#|Nm2yB&@wjSzDcV&$>IATB{&;sOC+zKBMrS+~W
zqLqd{I(>BADX5XY*tF7@OlQ+_4B4a+qtQj>Hsm+j=%Pg@r%xxv?HXDOS598;Zif_h
zL5u+0X86OJ;ebN}oIpLmh3tUE#c?&fZ=Q-3!Zv`bnl-%wIC*^Suz;;J=6)dBxrc)V
z@7C>uz>DmM#rfl~IAPA#J0Spj=!Vxr_X;~iC)Zo%X`(To-FHB08SH!JBu-iKPDiOt
z$8o#r+AB4K*W~5m)avy&@H4MGQ|&Jq(f`{>Hw2(tZlqUq^K3#zXG9H+7PX4izlTsc
z{{VXB%g2%B-vPwJ_W38kJDF+utVSad_c;LzNXk2NiN@VJz4Q%<glu?}F6-Ns6e56r
z`l8o~6i*`RKPl?zu|KF7kbx8Q-oHZ_Ebk8V=BFX_0ZDouI8x4=;ePQeIg`pF5I98#
zin9x0#llPIRdKwD3uu780pO1@3X8upKJ_>#JZGZ|7I&K~<IVGWSsE-U$sd%mkaxyv
enYdXJ7ZqmV{bZVp;m*(Sew~r>CKi;QHU9*SyfA10

delta 1146
zcmZXTUr1AN6vua_TkOu=xj)X`d)?F->BRpn*+OJ3hf{G_VwNRyF=gs<YYvQhC^CY2
za-N<FqnG|rk3!K)Bt1lbh+YD*hkA-$g6N^%qTe}+ie319IQM+d@0{~Hzk64r*N@5%
zEfz^9o>}>A`n9<zyJ4wV{~Ijm1q}cXLl&I)7_<;PDADPjh_(5Qx%9eTU8?$;E>$z>
z+@n>pRx32$B;a3>$&IT1{~RjE)r+`>N%x){8f$)`HHsW_`j|1*I;``zt*+}sM*Lti
z;WyJ)L%Zmv0pCfr5WpW&qhPYsfj3PuhRjpYj9^mmxp_fY!Y>6ybe_<J@v<%mviwJG
z$4_NZsf$EHJMOmxpi787xMFFxc9TE|h&AuSD@Fx>S?tg)A_5qa&q`s6AcXL~9E9*z
z-cfvCF5yY5f_G#YFI(H7hm|+hHRBQ562YbN14B_^`mK2jd1Qi>zyU_G6ha*#Lhun{
z0vm>@Og34__mQKY;3P!(sJ&zo!dPd!4ZZlnw&rLN@9_;Om(CWliCnUf&iCW8y}?M?
z@_qQy9)S+pt<XvH!ve?2I7F}!0@&)PIM_)hHxws}o8+#zelz(DgaHC~$JZha(mNrB
zw;WGlkcW|SepgSCz*)!0;)JKk8sM{xkV!a!ixn9d!Jicq(l|K@XK>8rfpKv_1&glb
zzEKi5BPXLge)HbxmTm`ev7Hlb@7b!Ipg=+bZ&YR=!DX!OtI&eW?g3~OL+ikD#kqTM
zX%T*o_U#_rF~z0sl;P3rOltG99del<g?E(|TyWX&p237(S;L$<A<a-W!g<_KgD}IB
zYtk-3CqB}A_)(Q{U5le#Q!!kXG0#$XhLFN%Rnum!#>MAopw=8ogo|R$PvIA}9t)n>
zK61tV)%ePji15F{{{(;kVIk#v2>fO7Rr0;?J@Ay0q;jWoWaV($>oH#tCWtlvxn#BI
LO~9&Jv#9?EqqOTa

diff --git a/backend/database/schemas.py b/backend/database/schemas.py
index 9e6d908..34e5893 100644
--- a/backend/database/schemas.py
+++ b/backend/database/schemas.py
@@ -32,6 +32,10 @@ class UserUpdate(BaseModel):
     role: Optional[UserRole] = None
     is_active: Optional[bool] = None
 
+class PasswordChange(BaseModel):
+    current_password: str
+    new_password: str
+
 class User(UserBase):
     id: int
     is_active: bool
diff --git a/backend/routers/__pycache__/auth.cpython-311.pyc b/backend/routers/__pycache__/auth.cpython-311.pyc
index 18d8b7f41779d43df98bf11adf25f819e7d8a111..e209c51bb0a62edc0e719cb8d24465c22814c579 100644
GIT binary patch
delta 1174
zcmZuvOK2NM7@pCtR?=GDwPabZ^<!oEQ8kX&c{pt-&ZBlrj9SNW-1<R_5Zd)C_BzZ;
z1gkD~-GuZ~sF^}_=%I(=1OmmuP<m?bJ?)x>7(pPXq~x@r&Al_LNItZ)%=f>(|KFMa
zpKnH9jtUQ(n|VOi#mJw_k;tA9hm|M&zca8GzhEw=`ZP(EG*K0`z#^yi-}CMh>SM}x
z*TMk40uycT>_g%uyS6+)^JwjRuX@j9wD9Wbx?2r33cdTELWAn5TOc!VIL`hNQpzEv
zWN64xzMw+SuWMhTK2oN@)N2vRlKnN=f6w7i^9sHnEu<S^mA&nuR1_*UQCVB6SLJY5
ztPOJbD$|Ou$D+{ZYQIFqD-ftY)xQGCDFTydj%1*D3f%;%-125gUs^#aVwC04ysmE)
zWmQ|#ikf@}t*qzKCVmndfPO5CouMjM3!w=@&#<Tux5o$hC1MzK|BPqisrbhSb4NWR
zmT<`yE<F{-j)XBw7`KIS{B69a%l5@8?;rWnrZ4?WkRCDS`A<z@))HoIVb=7|Vk<th
zU2ahd%XxiCJAEf_7<V_2S{3VBt`_<KejSlRWB~*}fMR200BnKPhP4G(-S!b8*eBZK
zhGj@aAN2x&f92cpR3MCB@j>htBoXEstS!$^{(57#Nn;t6bsOuQEGH-Q!UjTGp(qzh
zMCwJkerUJVsEgDtcTBy#l3crpDjTIjK{JfS(%RZ)CV*NAtJ?CmLatF^oVbyf0!Imv
z>oYUkQ@Qg)L%9#Hj^(DW-TdU*tr--iv7oNqJxO#Y#h_)Hs!&J}Fz9=dWf=_+SruzX
zImuZk-uslM6ZngKJK&7~f>PzOEq(CYXZFav)wE!L-n8HV*2|MQK8ttS@pH$misNNO
z{xu-*4+RG>0sc)8^b8;5?BSbMdfHA;?|fvl@-fRjnAn~8Dtj-xlYJhHn9*Ug>4M2#
zK!fC;lNsfZP27OeA~6tsUsa*rxKa0MpmjW-?BI7vhz{4deYlhSkqLBLFm1!M!{LLD
zB);6qdxQ|qcJ^-fP_IXX=bUcf@jsAuC9}E9g0c-|hXct}C1$41Sc$WC;_Pua@m+tV
zZ%_GNaeOWCJqHjtZfm#OPB{!wpNFH4m-;ynXgOiHwAT#qq-ae~J<)X|mfq@L=fEes

delta 467
zcmaFv++oYNoR^o20SKD7Ph}JfPUMqdl-j7ikC{<%@-t>jb){6b6zNp{6#i7sG`1Ag
z7S?4zrK>^e!5~T}MJ<>?Q+@Lhmi>a_$;>cuAk6~A%|QG)XL3Jp=41t7%gG_)TIOsp
zB_(_?76U^T2aKJ~1Y#8lmT<#F7#LDmQdlQ16c?S$C?Y!fw74iE*W`!ds=90`?3s)}
z%Q^gtB0zc~L4*>BPy`ZH63&TvdHE#@DXBTBC8?90C3Nh$i&Q|;JRm|9L_~uKbr8V{
zA`C$UFNiP#61UhOT8lh^98H#@(8=>9^tjT1oMI4OI{CVU;^eiWR!SWFEj3dsrqo?x
zSG~ZldY4an1@i?HzYBc+7y10J@cCch@ShwkX~68Ksk`~Hv_B(TDo}e-+GJl@S>Y-m
zlM!qpFt|Q2Gcq#XnA{+%uz9X*F*Cd3MMkA7j7pO?%FA-|Ga7$j01`KN1t!}os!AvW
PB|b30M8Q%;dO(8!_H|?b

diff --git a/backend/routers/auth.py b/backend/routers/auth.py
index a45294e..1080ee7 100644
--- a/backend/routers/auth.py
+++ b/backend/routers/auth.py
@@ -112,20 +112,39 @@ async def update_user(
     db.refresh(db_user)
     return db_user
 
-@router.delete("/users/{user_id}")
+@router.delete("/users/{username}")
 async def delete_user(
-    user_id: int,
+    username: str,
     current_admin: User = Depends(get_current_admin),
     db: Session = Depends(get_db)
 ):
-    db_user = db.query(User).filter(User.id == user_id).first()
+    db_user = db.query(User).filter(User.username == username).first()
     if not db_user:
         raise HTTPException(status_code=404, detail="User not found")
     
-    # 관리자는 삭제 불가
-    if db_user.role == UserRole.ADMIN:
-        raise HTTPException(status_code=400, detail="Cannot delete admin user")
+    # hyungi 계정은 삭제 불가
+    if db_user.username == "hyungi":
+        raise HTTPException(status_code=400, detail="Cannot delete primary admin user")
     
     db.delete(db_user)
     db.commit()
     return {"detail": "User deleted successfully"}
+
+@router.post("/change-password")
+async def change_password(
+    password_change: schemas.PasswordChange,
+    current_user: User = Depends(get_current_user),
+    db: Session = Depends(get_db)
+):
+    # 현재 비밀번호 확인
+    if not verify_password(password_change.current_password, current_user.hashed_password):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Incorrect current password"
+        )
+    
+    # 새 비밀번호 설정
+    current_user.hashed_password = get_password_hash(password_change.new_password)
+    db.commit()
+    
+    return {"detail": "Password changed successfully"}
diff --git a/frontend/admin.html b/frontend/admin.html
new file mode 100644
index 0000000..5a63a56
--- /dev/null
+++ b/frontend/admin.html
@@ -0,0 +1,369 @@
+<!DOCTYPE html>
+<html lang="ko">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>관리자 페이지 - 작업보고서</title>
+    
+    <!-- Tailwind CSS -->
+    <script src="https://cdn.tailwindcss.com"></script>
+    
+    <!-- Font Awesome -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
+    
+    <!-- Custom Styles -->
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap');
+        
+        body {
+            font-family: 'Inter', -apple-system, BlinkMacSystemFont, sans-serif;
+            background: linear-gradient(135deg, #f0f9ff 0%, #e0f2fe 50%, #f0f9ff 100%);
+            min-height: 100vh;
+        }
+        
+        .glass-effect {
+            background: rgba(255, 255, 255, 0.95);
+            backdrop-filter: blur(10px);
+            box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1);
+        }
+        
+        .nav-link {
+            padding: 0.5rem 1rem;
+            border-radius: 0.5rem;
+            color: #4b5563;
+            transition: all 0.2s;
+            white-space: nowrap;
+        }
+        
+        .nav-link:hover {
+            background-color: #f3f4f6;
+            color: #1f2937;
+        }
+        
+        .nav-link.active {
+            background-color: #3b82f6;
+            color: white;
+        }
+        
+        .input-field {
+            background: white;
+            border: 1px solid #e5e7eb;
+            transition: all 0.2s;
+        }
+        
+        .input-field:focus {
+            outline: none;
+            border-color: #60a5fa;
+            box-shadow: 0 0 0 3px rgba(96, 165, 250, 0.1);
+        }
+    </style>
+</head>
+<body>
+    <!-- Header -->
+    <header class="bg-white shadow-sm sticky top-0 z-50">
+        <div class="container mx-auto px-4 py-3">
+            <div class="flex justify-between items-center">
+                <h1 class="text-xl font-bold text-gray-800">
+                    <i class="fas fa-clipboard-list mr-2"></i>작업보고서 시스템 - 관리자
+                </h1>
+                <button onclick="AuthAPI.logout()" class="px-3 py-1 bg-red-500 text-white rounded hover:bg-red-600 transition-colors text-sm">
+                    <i class="fas fa-sign-out-alt mr-1"></i>로그아웃
+                </button>
+            </div>
+        </div>
+    </header>
+    
+    <!-- Navigation -->
+    <nav class="bg-white border-b">
+        <div class="container mx-auto px-4">
+            <div class="flex gap-2 py-2 overflow-x-auto">
+                <a href="daily-work.html" class="nav-link">
+                    <i class="fas fa-calendar-check mr-2"></i>일일 공수
+                </a>
+                <a href="index.html" class="nav-link">
+                    <i class="fas fa-camera-retro mr-2"></i>부적합 등록
+                </a>
+                <a href="issue-view.html" class="nav-link">
+                    <i class="fas fa-search mr-2"></i>부적합 조회
+                </a>
+                <a href="index.html#list" class="nav-link">
+                    <i class="fas fa-list mr-2"></i>목록 관리
+                </a>
+                <a href="index.html#summary" class="nav-link">
+                    <i class="fas fa-chart-bar mr-2"></i>보고서
+                </a>
+                <a href="admin.html" class="nav-link active">
+                    <i class="fas fa-users-cog mr-2"></i>사용자 관리
+                </a>
+            </div>
+        </div>
+    </nav>
+
+    <!-- Main Content -->
+    <main class="container mx-auto px-4 py-8 max-w-6xl">
+        <div class="grid md:grid-cols-2 gap-6">
+            <!-- 사용자 추가 섹션 -->
+            <div class="bg-white rounded-xl shadow-sm p-6">
+                <h2 class="text-lg font-semibold text-gray-800 mb-4">
+                    <i class="fas fa-user-plus text-blue-500 mr-2"></i>사용자 추가
+                </h2>
+                
+                <form id="addUserForm" class="space-y-4">
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">사용자 ID</label>
+                        <input 
+                            type="text" 
+                            id="newUsername" 
+                            class="input-field w-full px-3 py-2 rounded-lg"
+                            placeholder="한글 가능 (예: 홍길동)"
+                            required
+                        >
+                    </div>
+                    
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">이름</label>
+                        <input 
+                            type="text" 
+                            id="newFullName" 
+                            class="input-field w-full px-3 py-2 rounded-lg"
+                            placeholder="실명 입력"
+                            required
+                        >
+                    </div>
+                    
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">비밀번호</label>
+                        <input 
+                            type="password" 
+                            id="newPassword" 
+                            class="input-field w-full px-3 py-2 rounded-lg"
+                            placeholder="초기 비밀번호"
+                            required
+                        >
+                    </div>
+                    
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">권한</label>
+                        <select id="newRole" class="input-field w-full px-3 py-2 rounded-lg">
+                            <option value="user">일반 사용자</option>
+                            <option value="admin">관리자</option>
+                        </select>
+                    </div>
+                    
+                    <button 
+                        type="submit" 
+                        class="w-full px-4 py-2 bg-blue-500 text-white rounded-lg hover:bg-blue-600 transition-colors"
+                    >
+                        <i class="fas fa-plus mr-2"></i>사용자 추가
+                    </button>
+                </form>
+            </div>
+            
+            <!-- 사용자 목록 섹션 -->
+            <div class="bg-white rounded-xl shadow-sm p-6">
+                <h2 class="text-lg font-semibold text-gray-800 mb-4">
+                    <i class="fas fa-users text-green-500 mr-2"></i>사용자 목록
+                </h2>
+                
+                <div id="userList" class="space-y-3">
+                    <!-- 사용자 목록이 여기에 표시됩니다 -->
+                    <div class="text-gray-500 text-center py-8">
+                        <i class="fas fa-spinner fa-spin text-3xl"></i>
+                        <p>로딩 중...</p>
+                    </div>
+                </div>
+            </div>
+        </div>
+        
+        <!-- 비밀번호 변경 섹션 (사용자용) -->
+        <div id="passwordChangeSection" class="hidden mt-6">
+            <div class="bg-white rounded-xl shadow-sm p-6 max-w-md mx-auto">
+                <h2 class="text-lg font-semibold text-gray-800 mb-4">
+                    <i class="fas fa-key text-yellow-500 mr-2"></i>비밀번호 변경
+                </h2>
+                
+                <form id="changePasswordForm" class="space-y-4">
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">현재 비밀번호</label>
+                        <input 
+                            type="password" 
+                            id="currentPassword" 
+                            class="input-field w-full px-3 py-2 rounded-lg"
+                            required
+                        >
+                    </div>
+                    
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">새 비밀번호</label>
+                        <input 
+                            type="password" 
+                            id="newPasswordChange" 
+                            class="input-field w-full px-3 py-2 rounded-lg"
+                            required
+                        >
+                    </div>
+                    
+                    <div>
+                        <label class="block text-sm font-medium text-gray-700 mb-1">새 비밀번호 확인</label>
+                        <input 
+                            type="password" 
+                            id="confirmPassword" 
+                            class="input-field w-full px-3 py-2 rounded-lg"
+                            required
+                        >
+                    </div>
+                    
+                    <button 
+                        type="submit" 
+                        class="w-full px-4 py-2 bg-yellow-500 text-white rounded-lg hover:bg-yellow-600 transition-colors"
+                    >
+                        <i class="fas fa-save mr-2"></i>비밀번호 변경
+                    </button>
+                </form>
+            </div>
+        </div>
+    </main>
+
+    <!-- Scripts -->
+    <script src="/static/js/api.js"></script>
+    <script>
+        let currentUser = null;
+        let users = [];
+        
+        // 페이지 로드 시
+        window.addEventListener('DOMContentLoaded', async () => {
+            const user = TokenManager.getUser();
+            if (!user) {
+                window.location.href = '/index.html';
+                return;
+            }
+            currentUser = user;
+            
+            // 관리자가 아니면 비밀번호 변경만 표시
+            if (currentUser.role !== 'admin') {
+                document.querySelector('.grid').style.display = 'none';
+                document.getElementById('passwordChangeSection').classList.remove('hidden');
+            } else {
+                // 관리자면 사용자 목록 로드
+                await loadUsers();
+            }
+        });
+        
+        // 사용자 추가
+        document.getElementById('addUserForm').addEventListener('submit', async (e) => {
+            e.preventDefault();
+            
+            const userData = {
+                username: document.getElementById('newUsername').value.trim(),
+                full_name: document.getElementById('newFullName').value.trim(),
+                password: document.getElementById('newPassword').value,
+                role: document.getElementById('newRole').value
+            };
+            
+            try {
+                await AuthAPI.createUser(userData);
+                
+                // 성공
+                alert('사용자가 추가되었습니다.');
+                
+                // 폼 초기화
+                document.getElementById('addUserForm').reset();
+                
+                // 목록 새로고침
+                await loadUsers();
+                
+            } catch (error) {
+                alert(error.message || '사용자 추가에 실패했습니다.');
+            }
+        });
+        
+        // 비밀번호 변경
+        document.getElementById('changePasswordForm').addEventListener('submit', async (e) => {
+            e.preventDefault();
+            
+            const currentPassword = document.getElementById('currentPassword').value;
+            const newPassword = document.getElementById('newPasswordChange').value;
+            const confirmPassword = document.getElementById('confirmPassword').value;
+            
+            if (newPassword !== confirmPassword) {
+                alert('새 비밀번호가 일치하지 않습니다.');
+                return;
+            }
+            
+            try {
+                await AuthAPI.changePassword(currentPassword, newPassword);
+                
+                alert('비밀번호가 변경되었습니다. 다시 로그인해주세요.');
+                AuthAPI.logout();
+                
+            } catch (error) {
+                alert(error.message || '비밀번호 변경에 실패했습니다.');
+            }
+        });
+        
+        // 사용자 목록 로드
+        async function loadUsers() {
+            try {
+                users = await AuthAPI.getUsers();
+                displayUsers();
+            } catch (error) {
+                console.error('사용자 목록 로드 실패:', error);
+            }
+        }
+        
+        // 사용자 목록 표시
+        function displayUsers() {
+            const container = document.getElementById('userList');
+            
+            if (users.length === 0) {
+                container.innerHTML = '<p class="text-gray-500 text-center">등록된 사용자가 없습니다.</p>';
+                return;
+            }
+            
+            container.innerHTML = users.map(user => `
+                <div class="flex items-center justify-between p-3 bg-gray-50 rounded-lg">
+                    <div>
+                        <div class="font-medium text-gray-800">
+                            <i class="fas fa-user mr-2 text-gray-500"></i>
+                            ${user.full_name || user.username}
+                        </div>
+                        <div class="text-sm text-gray-600">
+                            ID: ${user.username}
+                            <span class="ml-2 px-2 py-0.5 rounded text-xs ${
+                                user.role === 'admin' 
+                                ? 'bg-red-100 text-red-700' 
+                                : 'bg-blue-100 text-blue-700'
+                            }">
+                                ${user.role === 'admin' ? '관리자' : '사용자'}
+                            </span>
+                        </div>
+                    </div>
+                    ${user.username !== 'hyungi' ? `
+                        <button 
+                            onclick="deleteUser('${user.username}')"
+                            class="px-3 py-1 bg-red-500 text-white rounded hover:bg-red-600 transition-colors text-sm"
+                        >
+                            <i class="fas fa-trash mr-1"></i>삭제
+                        </button>
+                    ` : ''}
+                </div>
+            `).join('');
+        }
+        
+        // 사용자 삭제
+        async function deleteUser(username) {
+            if (!confirm(`정말 ${username} 사용자를 삭제하시겠습니까?`)) {
+                return;
+            }
+            
+            try {
+                await AuthAPI.deleteUser(username);
+                alert('사용자가 삭제되었습니다.');
+                await loadUsers();
+            } catch (error) {
+                alert(error.message || '삭제에 실패했습니다.');
+            }
+        }
+    </script>
+</body>
+</html>
diff --git a/frontend/daily-work.html b/frontend/daily-work.html
index e79ae4f..e348aa8 100644
--- a/frontend/daily-work.html
+++ b/frontend/daily-work.html
@@ -110,7 +110,7 @@
         <!-- 네비게이션 -->
         <nav class="bg-white border-b">
             <div class="container mx-auto px-4">
-                <div class="flex gap-2 py-2 overflow-x-auto">
+                <div id="navContainer" class="flex gap-2 py-2 overflow-x-auto">
                     <a href="daily-work.html" class="nav-link active">
                         <i class="fas fa-calendar-check mr-2"></i>일일 공수
                     </a>
@@ -120,12 +120,15 @@
                     <a href="issue-view.html" class="nav-link">
                         <i class="fas fa-search mr-2"></i>부적합 조회
                     </a>
-                    <a href="index.html#list" class="nav-link">
+                    <a href="index.html#list" class="nav-link" style="display:none;" id="listBtn">
                         <i class="fas fa-list mr-2"></i>목록 관리
                     </a>
-                    <a href="index.html#summary" class="nav-link">
+                    <a href="index.html#summary" class="nav-link" style="display:none;" id="summaryBtn">
                         <i class="fas fa-chart-bar mr-2"></i>보고서
                     </a>
+                    <a href="admin.html" class="nav-link" style="display:none;" id="adminBtn">
+                        <i class="fas fa-users-cog mr-2"></i>관리
+                    </a>
                 </div>
             </div>
         </nav>
@@ -253,6 +256,9 @@
             }
             currentUser = user;
             
+            // 네비게이션 권한 체크
+            updateNavigation();
+            
             // 오늘 날짜로 초기화
             document.getElementById('workDate').valueAsDate = new Date();
             
@@ -260,6 +266,27 @@
             await loadRecentEntries();
         });
         
+        // 네비게이션 권한 업데이트
+        function updateNavigation() {
+            const listBtn = document.getElementById('listBtn');
+            const summaryBtn = document.getElementById('summaryBtn');
+            const adminBtn = document.getElementById('adminBtn');
+            
+            if (currentUser.role === 'admin') {
+                // 관리자는 모든 메뉴 표시
+                listBtn.style.display = '';
+                summaryBtn.style.display = '';
+                adminBtn.style.display = '';
+                adminBtn.innerHTML = '<i class="fas fa-users-cog mr-2"></i>사용자 관리';
+            } else {
+                // 일반 사용자는 제한된 메뉴만 표시
+                listBtn.style.display = 'none';
+                summaryBtn.style.display = 'none';
+                adminBtn.style.display = '';
+                adminBtn.innerHTML = '<i class="fas fa-key mr-2"></i>비밀번호 변경';
+            }
+        }
+        
         // 잔업 토글
         function toggleOvertime() {
             const section = document.getElementById('overtimeSection');
diff --git a/frontend/index.html b/frontend/index.html
index c5542d7..728dc0f 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -153,7 +153,7 @@
         <!-- 네비게이션 -->
         <nav class="bg-white border-b">
             <div class="container mx-auto px-4">
-                <div class="flex gap-2 py-2 overflow-x-auto">
+                <div id="navContainer" class="flex gap-2 py-2 overflow-x-auto">
                     <a href="daily-work.html" class="nav-link">
                         <i class="fas fa-calendar-check mr-2"></i>일일 공수
                     </a>
@@ -163,12 +163,15 @@
                     <a href="issue-view.html" class="nav-link">
                         <i class="fas fa-search mr-2"></i>부적합 조회
                     </a>
-                    <button class="nav-link" onclick="showSection('list')">
+                    <button class="nav-link" onclick="showSection('list')" style="display:none;" id="listBtn">
                         <i class="fas fa-list mr-2"></i>목록 관리
                     </button>
-                    <button class="nav-link" onclick="showSection('summary')">
+                    <button class="nav-link" onclick="showSection('summary')" style="display:none;" id="summaryBtn">
                         <i class="fas fa-chart-bar mr-2"></i>보고서
                     </button>
+                    <a href="admin.html" class="nav-link" style="display:none;" id="adminBtn">
+                        <i class="fas fa-users-cog mr-2"></i>관리
+                    </a>
                 </div>
             </div>
         </nav>
@@ -276,11 +279,8 @@
                 document.getElementById('loginScreen').classList.add('hidden');
                 document.getElementById('mainScreen').classList.remove('hidden');
                 
-                // 일반 사용자는 보고서 메뉴 숨김
-                if (user.role === 'user') {
-                    const reportBtn = document.querySelector('button[onclick="showSection(\'summary\')"]');
-                    if (reportBtn) reportBtn.style.display = 'none';
-                }
+                // 권한에 따른 메뉴 표시/숨김
+                updateNavigation();
                 
                 loadIssues();
             }
@@ -299,11 +299,8 @@
                 document.getElementById('loginScreen').classList.add('hidden');
                 document.getElementById('mainScreen').classList.remove('hidden');
                 
-                // 일반 사용자는 보고서 메뉴 숨김
-                if (currentUser.role === 'user') {
-                    const reportBtn = document.querySelector('button[onclick="showSection(\'summary\')"]');
-                    if (reportBtn) reportBtn.style.display = 'none';
-                }
+                // 권한에 따른 메뉴 표시/숨김
+                updateNavigation();
                 
                 loadIssues();
             } catch (error) {
@@ -316,6 +313,27 @@
             AuthAPI.logout();
         }
         
+        // 네비게이션 권한 업데이트
+        function updateNavigation() {
+            const listBtn = document.getElementById('listBtn');
+            const summaryBtn = document.getElementById('summaryBtn');
+            const adminBtn = document.getElementById('adminBtn');
+            
+            if (currentUser.role === 'admin') {
+                // 관리자는 모든 메뉴 표시
+                listBtn.style.display = '';
+                summaryBtn.style.display = '';
+                adminBtn.style.display = '';
+                adminBtn.innerHTML = '<i class="fas fa-users-cog mr-2"></i>사용자 관리';
+            } else {
+                // 일반 사용자는 제한된 메뉴만 표시
+                listBtn.style.display = 'none';
+                summaryBtn.style.display = 'none';
+                adminBtn.style.display = '';
+                adminBtn.innerHTML = '<i class="fas fa-key mr-2"></i>비밀번호 변경';
+            }
+        }
+        
         // 섹션 전환
         function showSection(section) {
             // 모든 섹션 숨기기
diff --git a/frontend/issue-view.html b/frontend/issue-view.html
index 2bd316b..c027363 100644
--- a/frontend/issue-view.html
+++ b/frontend/issue-view.html
@@ -55,7 +55,7 @@
                 <h1 class="text-xl font-semibold text-gray-800">
                     <i class="fas fa-clipboard-list mr-2"></i>작업보고서 시스템
                 </h1>
-                <div class="flex items-center gap-4">
+                <div id="navContainer" class="flex items-center gap-4">
                     <a href="/daily-work.html" class="text-gray-600 hover:text-gray-800 transition-colors">
                         <i class="fas fa-calendar-day mr-1"></i>일일 공수
                     </a>
@@ -65,12 +65,15 @@
                     <a href="/issue-view.html" class="text-blue-600 font-medium">
                         <i class="fas fa-search mr-1"></i>부적합 조회
                     </a>
-                    <a href="/index.html#list" class="text-gray-600 hover:text-gray-800 transition-colors">
+                    <a href="/index.html#list" class="text-gray-600 hover:text-gray-800 transition-colors" style="display:none;" id="listBtn">
                         <i class="fas fa-list mr-1"></i>목록 관리
                     </a>
-                    <a href="/index.html#summary" class="text-gray-600 hover:text-gray-800 transition-colors">
+                    <a href="/index.html#summary" class="text-gray-600 hover:text-gray-800 transition-colors" style="display:none;" id="summaryBtn">
                         <i class="fas fa-chart-bar mr-1"></i>보고서
                     </a>
+                    <a href="/admin.html" class="text-gray-600 hover:text-gray-800 transition-colors" style="display:none;" id="adminBtn">
+                        <i class="fas fa-users-cog mr-1"></i>관리
+                    </a>
                     <button onclick="AuthAPI.logout()" class="px-3 py-1 bg-red-500 text-white rounded hover:bg-red-600 transition-colors text-sm">
                         <i class="fas fa-sign-out-alt mr-1"></i>로그아웃
                     </button>
@@ -133,10 +136,34 @@
             }
             currentUser = user;
             
+            // 네비게이션 권한 체크
+            updateNavigation();
+            
             // 기본값: 이번 주 데이터 로드
             setDateRange('week');
         });
         
+        // 네비게이션 권한 업데이트
+        function updateNavigation() {
+            const listBtn = document.getElementById('listBtn');
+            const summaryBtn = document.getElementById('summaryBtn');
+            const adminBtn = document.getElementById('adminBtn');
+            
+            if (currentUser.role === 'admin') {
+                // 관리자는 모든 메뉴 표시
+                listBtn.style.display = '';
+                summaryBtn.style.display = '';
+                adminBtn.style.display = '';
+                adminBtn.innerHTML = '<i class="fas fa-users-cog mr-1"></i>사용자 관리';
+            } else {
+                // 일반 사용자는 제한된 메뉴만 표시
+                listBtn.style.display = 'none';
+                summaryBtn.style.display = 'none';
+                adminBtn.style.display = '';
+                adminBtn.innerHTML = '<i class="fas fa-key mr-1"></i>비밀번호 변경';
+            }
+        }
+        
         // 날짜 범위 설정 및 자동 조회
         async function setDateRange(range) {
             currentRange = range;
diff --git a/frontend/static/js/api.js b/frontend/static/js/api.js
index a12bb74..5144e86 100644
--- a/frontend/static/js/api.js
+++ b/frontend/static/js/api.js
@@ -102,6 +102,14 @@ const AuthAPI = {
     
     deleteUser: (userId) => apiRequest(`/auth/users/${userId}`, {
         method: 'DELETE'
+    }),
+    
+    changePassword: (currentPassword, newPassword) => apiRequest('/auth/change-password', {
+        method: 'POST',
+        body: JSON.stringify({
+            current_password: currentPassword,
+            new_password: newPassword
+        })
     })
 };