hyungi/tk-factory-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: tkpurchase 시스템 Phase 1 - 협력업체 마스터 + 당일 방문 관리

Browse Source 
신규 독립 시스템 tkpurchase (구매/방문 관리) 구축:
- 협력업체 CRUD + 소속 작업자 관리 (마스터 데이터 소유)
- 당일 방문 등록/체크인/체크아웃 + 일괄 마감
- 업체 자동완성, CSV 내보내기, 집계 통계
- 자정 자동 체크아웃 (node-cron)
- tkuser 협력업체 읽기 전용 탭 + 권한 그리드(tkpurchase-perms) 추가
- docker-compose에 tkpurchase-api/web 서비스 추가

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Hyungi Ahn
2026-03-12 15:45:37 +09:00
parent 5b1b89254c
commit 281f5d35d1
29 changed files with 2641 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tkpurchase/api/Dockerfile Normal file
View File

@@ -0,0 +1,18 @@
FROM node:18-alpine
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install --omit=dev
COPY . .
RUN chown -R node:node /usr/src/app
USER node
EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=3s --start-period=20s --retries=3 \
CMD node -e "require('http').get('http://localhost:3000/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1); })"
CMD ["node", "index.js"]

136
tkpurchase/api/controllers/dailyVisitController.js Normal file
View File

@@ -0,0 +1,136 @@
const dailyVisitModel = require('../models/dailyVisitModel');
const PURPOSE_LABELS = {
day_labor: '일용공', equipment_repair: '설비수리', inspection: '검사',
delivery: '납품/배송', safety_audit: '안전점검', client_audit: '고객심사',
construction: '공사', other: '기타'
};
async function today(req, res) {
try {
const [visits, stats] = await Promise.all([
dailyVisitModel.findToday(),
dailyVisitModel.getTodayStats()
]);
res.json({ success: true, data: { visits, stats } });
} catch (err) {
console.error('Today visits error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function list(req, res) {
try {
const rows = await dailyVisitModel.findAll(req.query);
res.json({ success: true, data: rows });
} catch (err) {
console.error('Visit list error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function create(req, res) {
try {
const { visitor_name, purpose, company_id, company_name } = req.body;
if (!visitor_name || !visitor_name.trim()) {
return res.status(400).json({ success: false, error: '방문자명은 필수입니다' });
}
if (!purpose) {
return res.status(400).json({ success: false, error: '방문 목적은 필수입니다' });
}
if (!company_id && (!company_name || !company_name.trim())) {
return res.status(400).json({ success: false, error: '업체를 선택하거나 업체명을 입력해주세요' });
}
const userId = req.user.user_id || req.user.id;
const visit = await dailyVisitModel.create({ ...req.body, registered_by: userId });
res.status(201).json({ success: true, data: visit });
} catch (err) {
console.error('Visit create error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function update(req, res) {
try {
const visit = await dailyVisitModel.update(req.params.id, req.body);
if (!visit) return res.status(404).json({ success: false, error: '방문 기록을 찾을 수 없습니다' });
res.json({ success: true, data: visit });
} catch (err) {
console.error('Visit update error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function checkout(req, res) {
try {
const visit = await dailyVisitModel.checkout(req.params.id, req.body.checkout_note);
if (!visit) return res.status(404).json({ success: false, error: '방문 기록을 찾을 수 없습니다' });
res.json({ success: true, data: visit });
} catch (err) {
console.error('Checkout error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function bulkCheckout(req, res) {
try {
const result = await dailyVisitModel.bulkCheckout();
res.json({ success: true, data: { affected: result.affectedRows } });
} catch (err) {
console.error('Bulk checkout error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function deleteVisit(req, res) {
try {
await dailyVisitModel.deleteVisit(req.params.id);
res.json({ success: true, message: '삭제 완료' });
} catch (err) {
console.error('Visit delete error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function stats(req, res) {
try {
const data = await dailyVisitModel.getStats(req.query);
res.json({ success: true, data });
} catch (err) {
console.error('Stats error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
async function exportCsv(req, res) {
try {
const rows = await dailyVisitModel.exportCsv(req.query);
const BOM = '\uFEFF';
const header = '방문일,업체,방문자,인원,목적,상세,작업장,안전교육,차량번호,체크인,체크아웃,상태,담당부서,비고';
const lines = rows.map(r => [
r.visit_date ? String(r.visit_date).substring(0, 10) : '',
`"${(r.company || '').replace(/"/g, '""')}"`,
`"${(r.visitor_name || '').replace(/"/g, '""')}"`,
r.visitor_count || 1,
PURPOSE_LABELS[r.purpose] || r.purpose,
`"${(r.purpose_detail || '').replace(/"/g, '""')}"`,
`"${(r.workplace_name || '').replace(/"/g, '""')}"`,
r.safety_education_yn ? 'Y' : 'N',
r.vehicle_number || '',
r.check_in_time || '',
r.check_out_time || '',
r.status,
r.managing_department || '',
`"${(r.notes || '').replace(/"/g, '""')}"`
].join(','));
res.setHeader('Content-Type', 'text/csv; charset=utf-8');
res.setHeader('Content-Disposition', 'attachment; filename=visits.csv');
res.send(BOM + header + '\n' + lines.join('\n'));
} catch (err) {
console.error('Export error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
module.exports = { today, list, create, update, checkout, bulkCheckout, deleteVisit, stats, exportCsv };

147
tkpurchase/api/controllers/partnerController.js Normal file
View File

@@ -0,0 +1,147 @@
const partnerModel = require('../models/partnerModel');
// 업체 목록
async function list(req, res) {
try {
const { search, is_active } = req.query;
const rows = await partnerModel.findAll({
search,
is_active: is_active !== undefined ? is_active === 'true' || is_active === '1' : undefined
});
res.json({ success: true, data: rows });
} catch (err) {
console.error('Partner list error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 업체 상세 (작업자 포함)
async function getById(req, res) {
try {
const company = await partnerModel.findById(req.params.id);
if (!company) return res.status(404).json({ success: false, error: '업체를 찾을 수 없습니다' });
const workers = await partnerModel.findWorkersByCompany(req.params.id);
res.json({ success: true, data: { ...company, workers } });
} catch (err) {
console.error('Partner get error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 업체 등록
async function create(req, res) {
try {
const { company_name } = req.body;
if (!company_name || !company_name.trim()) {
return res.status(400).json({ success: false, error: '업체명은 필수입니다' });
}
const company = await partnerModel.create(req.body);
res.status(201).json({ success: true, data: company });
} catch (err) {
if (err.code === 'ER_DUP_ENTRY') {
return res.status(400).json({ success: false, error: '이미 등록된 사업자번호입니다' });
}
console.error('Partner create error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 업체 수정
async function update(req, res) {
try {
const company = await partnerModel.update(req.params.id, req.body);
if (!company) return res.status(404).json({ success: false, error: '업체를 찾을 수 없습니다' });
res.json({ success: true, data: company });
} catch (err) {
if (err.code === 'ER_DUP_ENTRY') {
return res.status(400).json({ success: false, error: '이미 등록된 사업자번호입니다' });
}
console.error('Partner update error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 업체 비활성화
async function deactivate(req, res) {
try {
await partnerModel.deactivate(req.params.id);
res.json({ success: true, message: '비활성화 완료' });
} catch (err) {
console.error('Partner deactivate error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 업체 자동완성 검색
async function searchCompanies(req, res) {
try {
const q = req.query.q || '';
if (q.length < 1) return res.json({ success: true, data: [] });
const rows = await partnerModel.search(q);
res.json({ success: true, data: rows });
} catch (err) {
console.error('Partner search error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 소속 작업자 목록
async function listWorkers(req, res) {
try {
const rows = await partnerModel.findWorkersByCompany(req.params.id);
res.json({ success: true, data: rows });
} catch (err) {
console.error('Workers list error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 작업자 등록
async function createWorker(req, res) {
try {
const { worker_name, is_team_leader, phone } = req.body;
if (!worker_name || !worker_name.trim()) {
return res.status(400).json({ success: false, error: '작업자명은 필수입니다' });
}
if (is_team_leader && (!phone || !phone.trim())) {
return res.status(400).json({ success: false, error: '팀장급은 연락처 필수입니다' });
}
const worker = await partnerModel.createWorker(req.params.id, req.body);
res.status(201).json({ success: true, data: worker });
} catch (err) {
console.error('Worker create error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 작업자 수정
async function updateWorker(req, res) {
try {
const { is_team_leader, phone } = req.body;
if (is_team_leader && (!phone || !phone.trim())) {
return res.status(400).json({ success: false, error: '팀장급은 연락처 필수입니다' });
}
const worker = await partnerModel.updateWorker(req.params.id, req.body);
if (!worker) return res.status(404).json({ success: false, error: '작업자를 찾을 수 없습니다' });
res.json({ success: true, data: worker });
} catch (err) {
console.error('Worker update error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 작업자 비활성화
async function deactivateWorker(req, res) {
try {
await partnerModel.deactivateWorker(req.params.id);
res.json({ success: true, message: '비활성화 완료' });
} catch (err) {
console.error('Worker deactivate error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
module.exports = {
list, getById, create, update, deactivate, searchCompanies,
listWorkers, createWorker, updateWorker, deactivateWorker
};

67
tkpurchase/api/index.js Normal file
View File

@@ -0,0 +1,67 @@
const express = require('express');
const cors = require('cors');
const cron = require('node-cron');
const partnerRoutes = require('./routes/partnerRoutes');
const dailyVisitRoutes = require('./routes/dailyVisitRoutes');
const dailyVisitModel = require('./models/dailyVisitModel');
const app = express();
const PORT = process.env.PORT || 3000;
const allowedOrigins = [
'https://tkfb.technicalkorea.net',
'https://tkreport.technicalkorea.net',
'https://tkqc.technicalkorea.net',
'https://tkuser.technicalkorea.net',
'https://tkpurchase.technicalkorea.net',
];
if (process.env.NODE_ENV === 'development') {
allowedOrigins.push('http://localhost:30080', 'http://localhost:30480');
}
app.use(cors({
origin: function(origin, cb) {
if (!origin || allowedOrigins.includes(origin) || /^http:\/\/192\.168\.\d+\.\d+(:\d+)?$/.test(origin)) return cb(null, true);
cb(new Error('CORS blocked: ' + origin));
},
credentials: true
}));
app.use(express.json());
// Health check
app.get('/health', (req, res) => {
res.json({ status: 'ok', service: 'tkpurchase-api', timestamp: new Date().toISOString() });
});
// Routes
app.use('/api/partners', partnerRoutes);
app.use('/api/daily-visits', dailyVisitRoutes);
// 404
app.use((req, res) => {
res.status(404).json({ success: false, error: 'Not Found' });
});
// Error handler
app.use((err, req, res, next) => {
console.error('tkpurchase-api Error:', err.message);
res.status(err.status || 500).json({
success: false,
error: err.message || 'Internal Server Error'
});
});
// 자정 자동 체크아웃 (매일 23:59 KST)
cron.schedule('59 23 * * *', async () => {
try {
const result = await dailyVisitModel.autoCheckoutAll();
console.log(`Auto checkout: ${result.affectedRows} visits`);
} catch (e) {
console.error('Auto checkout failed:', e);
}
}, { timezone: 'Asia/Seoul' });
app.listen(PORT, () => {
console.log(`tkpurchase-api running on port ${PORT}`);
});
module.exports = app;

101
tkpurchase/api/middleware/auth.js Normal file
View File

@@ -0,0 +1,101 @@
const jwt = require('jsonwebtoken');
const mysql = require('mysql2/promise');
const JWT_SECRET = process.env.SSO_JWT_SECRET;
let pool;
function getPool() {
if (!pool) {
pool = mysql.createPool({
host: process.env.DB_HOST || 'mariadb',
port: parseInt(process.env.DB_PORT) || 3306,
user: process.env.DB_USER || 'hyungi_user',
password: process.env.DB_PASSWORD,
database: process.env.DB_NAME || 'hyungi',
waitForConnections: true,
connectionLimit: 5,
queueLimit: 0
});
}
return pool;
}
function extractToken(req) {
const authHeader = req.headers['authorization'];
if (authHeader && authHeader.startsWith('Bearer ')) {
return authHeader.split(' ')[1];
}
if (req.cookies && req.cookies.sso_token) {
return req.cookies.sso_token;
}
return null;
}
function requireAuth(req, res, next) {
const token = extractToken(req);
if (!token) {
return res.status(401).json({ success: false, error: '인증이 필요합니다' });
}
try {
const decoded = jwt.verify(token, JWT_SECRET);
req.user = decoded;
next();
} catch {
return res.status(401).json({ success: false, error: '유효하지 않은 토큰입니다' });
}
}
function requireAdmin(req, res, next) {
const token = extractToken(req);
if (!token) {
return res.status(401).json({ success: false, error: '인증이 필요합니다' });
}
try {
const decoded = jwt.verify(token, JWT_SECRET);
if (!['admin', 'system'].includes((decoded.role || '').toLowerCase())) {
return res.status(403).json({ success: false, error: '관리자 권한이 필요합니다' });
}
req.user = decoded;
next();
} catch {
return res.status(401).json({ success: false, error: '유효하지 않은 토큰입니다' });
}
}
function requirePage(pageName) {
return async (req, res, next) => {
const userId = req.user.user_id || req.user.id;
const role = (req.user.role || '').toLowerCase();
if (role === 'admin' || role === 'system') return next();
try {
const db = getPool();
// 1. 개인 권한
const [rows] = await db.query(
'SELECT can_access FROM user_page_permissions WHERE user_id = ? AND page_name = ?',
[userId, pageName]
);
if (rows.length > 0) {
return rows[0].can_access ? next() : res.status(403).json({ success: false, error: '접근 권한이 없습니다' });
}
// 2. 부서 권한
const [userRows] = await db.query('SELECT department_id FROM sso_users WHERE user_id = ?', [userId]);
if (userRows.length > 0 && userRows[0].department_id) {
const [deptRows] = await db.query(
'SELECT can_access FROM department_page_permissions WHERE department_id = ? AND page_name = ?',
[userRows[0].department_id, pageName]
);
if (deptRows.length > 0) {
return deptRows[0].can_access ? next() : res.status(403).json({ success: false, error: '접근 권한이 없습니다' });
}
}
// 3. 기본 거부
return res.status(403).json({ success: false, error: '접근 권한이 없습니다' });
} catch (err) {
console.error('Permission check error:', err);
return res.status(500).json({ success: false, error: '권한 확인 실패' });
}
};
}
module.exports = { extractToken, requireAuth, requireAdmin, requirePage };

181
tkpurchase/api/models/dailyVisitModel.js Normal file
View File

@@ -0,0 +1,181 @@
const { getPool } = require('./partnerModel');
async function findToday() {
const db = getPool();
const [rows] = await db.query(
`SELECT dv.*, pc.company_name AS partner_company_name
FROM daily_visits dv
LEFT JOIN partner_companies pc ON dv.company_id = pc.id
WHERE dv.visit_date = CURDATE()
ORDER BY dv.check_in_time DESC`
);
return rows;
}
async function getTodayStats() {
const db = getPool();
const [rows] = await db.query(
`SELECT
COUNT(*) AS total,
SUM(CASE WHEN status = 'checked_in' THEN 1 ELSE 0 END) AS checked_in,
SUM(CASE WHEN status IN ('checked_out','auto_checkout') THEN 1 ELSE 0 END) AS checked_out,
SUM(CASE WHEN status = 'cancelled' THEN 1 ELSE 0 END) AS cancelled,
SUM(visitor_count) AS total_visitors
FROM daily_visits WHERE visit_date = CURDATE()`
);
return rows[0];
}
async function findAll({ visit_date, date_from, date_to, company_id, purpose, status, page = 1, limit = 50 } = {}) {
const db = getPool();
let sql = `SELECT dv.*, pc.company_name AS partner_company_name
FROM daily_visits dv
LEFT JOIN partner_companies pc ON dv.company_id = pc.id WHERE 1=1`;
const params = [];
if (visit_date) { sql += ' AND dv.visit_date = ?'; params.push(visit_date); }
if (date_from) { sql += ' AND dv.visit_date >= ?'; params.push(date_from); }
if (date_to) { sql += ' AND dv.visit_date <= ?'; params.push(date_to); }
if (company_id) { sql += ' AND dv.company_id = ?'; params.push(company_id); }
if (purpose) { sql += ' AND dv.purpose = ?'; params.push(purpose); }
if (status) { sql += ' AND dv.status = ?'; params.push(status); }
sql += ' ORDER BY dv.visit_date DESC, dv.check_in_time DESC';
const offset = (page - 1) * limit;
sql += ' LIMIT ? OFFSET ?';
params.push(limit, offset);
const [rows] = await db.query(sql, params);
return rows;
}
async function findById(id) {
const db = getPool();
const [rows] = await db.query(
`SELECT dv.*, pc.company_name AS partner_company_name
FROM daily_visits dv
LEFT JOIN partner_companies pc ON dv.company_id = pc.id
WHERE dv.id = ?`,
[id]
);
return rows[0] || null;
}
async function create(data) {
const db = getPool();
const [result] = await db.query(
`INSERT INTO daily_visits (visit_date, company_id, company_name, visitor_name, visitor_count,
purpose, purpose_detail, workplace_name, safety_education_yn, vehicle_number,
check_in_time, notes, managing_department, registered_by)
VALUES (CURDATE(), ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, ?, ?)`,
[data.company_id || null, data.company_name || null, data.visitor_name, data.visitor_count || 1,
data.purpose, data.purpose_detail || null, data.workplace_name || null,
data.safety_education_yn || false, data.vehicle_number || null,
data.notes || null, data.managing_department || null, data.registered_by]
);
// 개별 인원 명단 (선택)
if (data.workers && data.workers.length > 0) {
for (const w of data.workers) {
await db.query(
'INSERT INTO daily_visit_workers (daily_visit_id, partner_worker_id, worker_name) VALUES (?, ?, ?)',
[result.insertId, w.partner_worker_id || null, w.worker_name]
);
}
}
return findById(result.insertId);
}
async function update(id, data) {
const db = getPool();
const fields = [];
const values = [];
if (data.company_id !== undefined) { fields.push('company_id = ?'); values.push(data.company_id || null); }
if (data.company_name !== undefined) { fields.push('company_name = ?'); values.push(data.company_name || null); }
if (data.visitor_name !== undefined) { fields.push('visitor_name = ?'); values.push(data.visitor_name); }
if (data.visitor_count !== undefined) { fields.push('visitor_count = ?'); values.push(data.visitor_count); }
if (data.purpose !== undefined) { fields.push('purpose = ?'); values.push(data.purpose); }
if (data.purpose_detail !== undefined) { fields.push('purpose_detail = ?'); values.push(data.purpose_detail || null); }
if (data.workplace_name !== undefined) { fields.push('workplace_name = ?'); values.push(data.workplace_name || null); }
if (data.safety_education_yn !== undefined) { fields.push('safety_education_yn = ?'); values.push(data.safety_education_yn); }
if (data.vehicle_number !== undefined) { fields.push('vehicle_number = ?'); values.push(data.vehicle_number || null); }
if (data.notes !== undefined) { fields.push('notes = ?'); values.push(data.notes || null); }
if (data.managing_department !== undefined) { fields.push('managing_department = ?'); values.push(data.managing_department || null); }
if (data.status !== undefined) { fields.push('status = ?'); values.push(data.status); }
if (fields.length === 0) return findById(id);
values.push(id);
await db.query(`UPDATE daily_visits SET ${fields.join(', ')} WHERE id = ?`, values);
return findById(id);
}
async function checkout(id, note) {
const db = getPool();
await db.query(
`UPDATE daily_visits SET status = 'checked_out', check_out_time = NOW(), checkout_note = ? WHERE id = ? AND status = 'checked_in'`,
[note || null, id]
);
return findById(id);
}
async function bulkCheckout() {
const db = getPool();
const [result] = await db.query(
`UPDATE daily_visits SET status = 'checked_out', check_out_time = NOW() WHERE visit_date = CURDATE() AND status = 'checked_in'`
);
return result;
}
async function autoCheckoutAll() {
const db = getPool();
const [result] = await db.query(
`UPDATE daily_visits SET status = 'auto_checkout', check_out_time = NOW() WHERE visit_date = CURDATE() AND status = 'checked_in'`
);
return result;
}
async function deleteVisit(id) {
const db = getPool();
await db.query('DELETE FROM daily_visit_workers WHERE daily_visit_id = ?', [id]);
await db.query('DELETE FROM daily_visits WHERE id = ?', [id]);
}
async function getStats({ date_from, date_to } = {}) {
const db = getPool();
const params = [];
let dateFilter = '';
if (date_from) { dateFilter += ' AND visit_date >= ?'; params.push(date_from); }
if (date_to) { dateFilter += ' AND visit_date <= ?'; params.push(date_to); }
const [byPurpose] = await db.query(
`SELECT purpose, COUNT(*) AS cnt, SUM(visitor_count) AS total_visitors FROM daily_visits WHERE 1=1 ${dateFilter} GROUP BY purpose ORDER BY cnt DESC`,
params
);
const [byCompany] = await db.query(
`SELECT COALESCE(pc.company_name, dv.company_name, '미등록') AS company, COUNT(*) AS cnt, SUM(dv.visitor_count) AS total_visitors
FROM daily_visits dv LEFT JOIN partner_companies pc ON dv.company_id = pc.id WHERE 1=1 ${dateFilter} GROUP BY company ORDER BY cnt DESC LIMIT 20`,
params
);
const [byDate] = await db.query(
`SELECT visit_date, COUNT(*) AS cnt, SUM(visitor_count) AS total_visitors FROM daily_visits WHERE 1=1 ${dateFilter} GROUP BY visit_date ORDER BY visit_date DESC LIMIT 30`,
params
);
return { byPurpose, byCompany, byDate };
}
async function exportCsv({ date_from, date_to, company_id, purpose } = {}) {
const db = getPool();
let sql = `SELECT dv.visit_date, COALESCE(pc.company_name, dv.company_name, '') AS company,
dv.visitor_name, dv.visitor_count, dv.purpose, dv.purpose_detail, dv.workplace_name,
dv.safety_education_yn, dv.vehicle_number, dv.check_in_time, dv.check_out_time,
dv.status, dv.managing_department, dv.notes
FROM daily_visits dv LEFT JOIN partner_companies pc ON dv.company_id = pc.id WHERE 1=1`;
const params = [];
if (date_from) { sql += ' AND dv.visit_date >= ?'; params.push(date_from); }
if (date_to) { sql += ' AND dv.visit_date <= ?'; params.push(date_to); }
if (company_id) { sql += ' AND dv.company_id = ?'; params.push(company_id); }
if (purpose) { sql += ' AND dv.purpose = ?'; params.push(purpose); }
sql += ' ORDER BY dv.visit_date DESC, dv.check_in_time DESC';
const [rows] = await db.query(sql, params);
return rows;
}
module.exports = {
findToday, getTodayStats, findAll, findById, create, update,
checkout, bulkCheckout, autoCheckoutAll, deleteVisit, getStats, exportCsv
};

141
tkpurchase/api/models/partnerModel.js Normal file
View File

@@ -0,0 +1,141 @@
const mysql = require('mysql2/promise');
let pool;
function getPool() {
if (!pool) {
pool = mysql.createPool({
host: process.env.DB_HOST || 'mariadb',
port: parseInt(process.env.DB_PORT) || 3306,
user: process.env.DB_USER || 'hyungi_user',
password: process.env.DB_PASSWORD,
database: process.env.DB_NAME || 'hyungi',
waitForConnections: true,
connectionLimit: 10,
queueLimit: 0
});
}
return pool;
}
// ===== 협력업체 =====
async function findAll({ search, is_active } = {}) {
const db = getPool();
let sql = 'SELECT * FROM partner_companies WHERE 1=1';
const params = [];
if (is_active !== undefined) { sql += ' AND is_active = ?'; params.push(is_active); }
if (search) { sql += ' AND (company_name LIKE ? OR business_number LIKE ?)'; params.push(`%${search}%`, `%${search}%`); }
sql += ' ORDER BY company_name';
const [rows] = await db.query(sql, params);
return rows;
}
async function findById(id) {
const db = getPool();
const [rows] = await db.query('SELECT * FROM partner_companies WHERE id = ?', [id]);
return rows[0] || null;
}
async function search(q) {
const db = getPool();
const [rows] = await db.query(
'SELECT id, company_name, business_number FROM partner_companies WHERE is_active = TRUE AND company_name LIKE ? ORDER BY company_name LIMIT 20',
[`%${q}%`]
);
return rows;
}
async function create(data) {
const db = getPool();
const [result] = await db.query(
`INSERT INTO partner_companies (company_name, business_number, representative, contact_name, contact_phone, address, business_type, insurance_number, insurance_expiry, notes)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
[data.company_name, data.business_number || null, data.representative || null,
data.contact_name || null, data.contact_phone || null, data.address || null,
data.business_type ? JSON.stringify(data.business_type) : null,
data.insurance_number || null, data.insurance_expiry || null, data.notes || null]
);
return findById(result.insertId);
}
async function update(id, data) {
const db = getPool();
const fields = [];
const values = [];
if (data.company_name !== undefined) { fields.push('company_name = ?'); values.push(data.company_name); }
if (data.business_number !== undefined) { fields.push('business_number = ?'); values.push(data.business_number || null); }
if (data.representative !== undefined) { fields.push('representative = ?'); values.push(data.representative || null); }
if (data.contact_name !== undefined) { fields.push('contact_name = ?'); values.push(data.contact_name || null); }
if (data.contact_phone !== undefined) { fields.push('contact_phone = ?'); values.push(data.contact_phone || null); }
if (data.address !== undefined) { fields.push('address = ?'); values.push(data.address || null); }
if (data.business_type !== undefined) { fields.push('business_type = ?'); values.push(data.business_type ? JSON.stringify(data.business_type) : null); }
if (data.insurance_number !== undefined) { fields.push('insurance_number = ?'); values.push(data.insurance_number || null); }
if (data.insurance_expiry !== undefined) { fields.push('insurance_expiry = ?'); values.push(data.insurance_expiry || null); }
if (data.notes !== undefined) { fields.push('notes = ?'); values.push(data.notes || null); }
if (data.is_active !== undefined) { fields.push('is_active = ?'); values.push(data.is_active); }
if (fields.length === 0) return findById(id);
values.push(id);
await db.query(`UPDATE partner_companies SET ${fields.join(', ')} WHERE id = ?`, values);
return findById(id);
}
async function deactivate(id) {
const db = getPool();
await db.query('UPDATE partner_companies SET is_active = FALSE WHERE id = ?', [id]);
}
// ===== 작업자 =====
async function findWorkersByCompany(companyId) {
const db = getPool();
const [rows] = await db.query(
'SELECT * FROM partner_workers WHERE company_id = ? ORDER BY is_team_leader DESC, worker_name',
[companyId]
);
return rows;
}
async function findWorkerById(id) {
const db = getPool();
const [rows] = await db.query('SELECT * FROM partner_workers WHERE id = ?', [id]);
return rows[0] || null;
}
async function createWorker(companyId, data) {
const db = getPool();
const [result] = await db.query(
`INSERT INTO partner_workers (company_id, worker_name, position, is_team_leader, phone, safety_training_date, notes)
VALUES (?, ?, ?, ?, ?, ?, ?)`,
[companyId, data.worker_name, data.position || null,
data.is_team_leader || false, data.phone || null,
data.safety_training_date || null, data.notes || null]
);
return findWorkerById(result.insertId);
}
async function updateWorker(id, data) {
const db = getPool();
const fields = [];
const values = [];
if (data.worker_name !== undefined) { fields.push('worker_name = ?'); values.push(data.worker_name); }
if (data.position !== undefined) { fields.push('position = ?'); values.push(data.position || null); }
if (data.is_team_leader !== undefined) { fields.push('is_team_leader = ?'); values.push(data.is_team_leader); }
if (data.phone !== undefined) { fields.push('phone = ?'); values.push(data.phone || null); }
if (data.safety_training_date !== undefined) { fields.push('safety_training_date = ?'); values.push(data.safety_training_date || null); }
if (data.notes !== undefined) { fields.push('notes = ?'); values.push(data.notes || null); }
if (data.is_active !== undefined) { fields.push('is_active = ?'); values.push(data.is_active); }
if (fields.length === 0) return findWorkerById(id);
values.push(id);
await db.query(`UPDATE partner_workers SET ${fields.join(', ')} WHERE id = ?`, values);
return findWorkerById(id);
}
async function deactivateWorker(id) {
const db = getPool();
await db.query('UPDATE partner_workers SET is_active = FALSE WHERE id = ?', [id]);
}
module.exports = {
getPool, findAll, findById, search, create, update, deactivate,
findWorkersByCompany, findWorkerById, createWorker, updateWorker, deactivateWorker
};

17
tkpurchase/api/package.json Normal file
View File

@@ -0,0 +1,17 @@
{
"name": "tkpurchase-api",
"version": "1.0.0",
"description": "TK Factory Services - 구매/방문 관리 서비스",
"main": "index.js",
"scripts": {
"start": "node index.js",
"dev": "node --watch index.js"
},
"dependencies": {
"cors": "^2.8.5",
"express": "^4.18.2",
"jsonwebtoken": "^9.0.0",
"mysql2": "^3.14.1",
"node-cron": "^3.0.3"
}
}

18
tkpurchase/api/routes/dailyVisitRoutes.js Normal file
View File

@@ -0,0 +1,18 @@
const express = require('express');
const router = express.Router();
const { requireAuth, requirePage } = require('../middleware/auth');
const ctrl = require('../controllers/dailyVisitController');
router.use(requireAuth);
router.get('/today', ctrl.today);
router.get('/export', ctrl.exportCsv);
router.get('/stats', ctrl.stats);
router.get('/', ctrl.list);
router.post('/', requirePage('purchasing_visit'), ctrl.create);
router.post('/bulk-checkout', requirePage('purchasing_visit'), ctrl.bulkCheckout);
router.put('/:id', requirePage('purchasing_visit'), ctrl.update);
router.put('/:id/checkout', requirePage('purchasing_visit'), ctrl.checkout);
router.delete('/:id', requirePage('purchasing_visit'), ctrl.deleteVisit);
module.exports = router;

20
tkpurchase/api/routes/partnerRoutes.js Normal file
View File

@@ -0,0 +1,20 @@
const express = require('express');
const router = express.Router();
const { requireAuth, requirePage } = require('../middleware/auth');
const ctrl = require('../controllers/partnerController');
router.use(requireAuth);
router.get('/search', ctrl.searchCompanies);
router.get('/', ctrl.list);
router.get('/:id', ctrl.getById);
router.post('/', requirePage('purchasing_partner'), ctrl.create);
router.put('/:id', requirePage('purchasing_partner'), ctrl.update);
router.delete('/:id', requirePage('purchasing_partner'), ctrl.deactivate);
router.get('/:id/workers', ctrl.listWorkers);
router.post('/:id/workers', requirePage('purchasing_partner'), ctrl.createWorker);
router.put('/workers/:id', requirePage('purchasing_partner'), ctrl.updateWorker);
router.delete('/workers/:id', requirePage('purchasing_partner'), ctrl.deactivateWorker);
module.exports = router;