fix(tksupport): 부서 페이지 권한 동작 수정 — requireAdmin/requireSupportTeam 제거, 네비게이션 권한 기반 렌더링

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

tksupport/api/routes/vacationDashboardRoutes.js

@@ -1,12 +1,12 @@
 const express = require('express');
 const router = express.Router();
-const { requireAuth, requireSupportTeam, requirePage } = require('../middleware/auth');
+const { requireAuth, requirePage } = require('../middleware/auth');
 const ctrl = require('../controllers/vacationDashboardController');
 
 router.use(requireAuth);
 
-router.get('/', requireSupportTeam, requirePage('support_vacation_dashboard'), ctrl.getDashboard);
-router.get('/yearly-overview', requireSupportTeam, requirePage('support_vacation_dashboard'), ctrl.getYearlyOverview);
-router.get('/monthly-detail', requireSupportTeam, requirePage('support_vacation_dashboard'), ctrl.getMonthlyDetail);
+router.get('/', requirePage('support_vacation_dashboard'), ctrl.getDashboard);
+router.get('/yearly-overview', requirePage('support_vacation_dashboard'), ctrl.getYearlyOverview);
+router.get('/monthly-detail', requirePage('support_vacation_dashboard'), ctrl.getMonthlyDetail);
 
 module.exports = router;

tksupport/api/routes/vacationRoutes.js

@@ -1,6 +1,6 @@
 const express = require('express');
 const router = express.Router();
-const { requireAuth, requireAdmin, requirePage } = require('../middleware/auth');
+const { requireAuth, requirePage } = require('../middleware/auth');
 const ctrl = require('../controllers/vacationController');
 
 router.use(requireAuth);
@@ -15,25 +15,25 @@ router.get('/requests/:id', ctrl.getRequestById);
 router.put('/requests/:id', requirePage('support_vacation_request'), ctrl.updateRequest);
 router.patch('/requests/:id/cancel', requirePage('support_vacation_request'), ctrl.cancelRequest);
 
-// 승인 (관리자)
-router.get('/pending', requireAdmin, ctrl.getPending);
-router.patch('/requests/:id/approve', requireAdmin, requirePage('support_vacation_approval'), ctrl.approveRequest);
-router.patch('/requests/:id/reject', requireAdmin, requirePage('support_vacation_approval'), ctrl.rejectRequest);
+// 승인
+router.get('/pending', requirePage('support_vacation_approval'), ctrl.getPending);
+router.patch('/requests/:id/approve', requirePage('support_vacation_approval'), ctrl.approveRequest);
+router.patch('/requests/:id/reject', requirePage('support_vacation_approval'), ctrl.rejectRequest);
 
 // 내 휴가 현황
 router.get('/my-status', ctrl.getMyStatus);
 
 // 잔여일
 router.get('/balance', ctrl.getMyBalance);
-router.get('/balance/all', requireAdmin, ctrl.getAllBalances);
-router.get('/balance/:userId', requireAdmin, ctrl.getUserBalance);
-router.post('/balance/allocate', requireAdmin, ctrl.allocateBalance);
+router.get('/balance/all', requirePage('support_vacation_approval'), ctrl.getAllBalances);
+router.get('/balance/:userId', requirePage('support_vacation_approval'), ctrl.getUserBalance);
+router.post('/balance/allocate', requirePage('support_vacation_approval'), ctrl.allocateBalance);
 
 // 관리자 보정
-router.post('/admin/correct', requireAdmin, ctrl.adminCreateRequest);
-router.delete('/admin/requests/:id', requireAdmin, ctrl.adminDeleteRequest);
+router.post('/admin/correct', requirePage('support_vacation_admin'), ctrl.adminCreateRequest);
+router.delete('/admin/requests/:id', requirePage('support_vacation_admin'), ctrl.adminDeleteRequest);
 
-// 사용자 목록 (관리자)
-router.get('/users', requireAdmin, ctrl.getUsers);
+// 사용자 목록
+router.get('/users', requirePage('support_vacation_approval'), ctrl.getUsers);
 
 module.exports = router;