feat: 구매/안전 시스템 전면 개편 — tkpurchase 개편 + tksafety 신규 + 권한 보강

Phase 1: tkuser 협력업체 CRUD 이관 (읽기전용 → 전체 CRUD)
Phase 2: tkpurchase 개편 — 일용공 신청/확정, 작업일정, 업무현황, 계정관리, 협력업체 포털
Phase 3: tksafety 신규 시스템 — 방문관리 + 안전교육 신고
Phase 4: SSO 인증 보강 (partner_company_id JWT, 만료일 체크), 권한 테이블 기반 접근 제어

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Hyungi Ahn
2026-03-12 17:42:59 +09:00
parent a195dd1d50
commit b800792152
63 changed files with 5548 additions and 262 deletions


@@ -0,0 +1,80 @@
const checkinModel = require('../models/checkinModel');
// 일정별 체크인 목록
async function list(req, res) {
try {
const rows = await checkinModel.findBySchedule(req.params.scheduleId);
res.json({ success: true, data: rows });
} catch (err) {
console.error('Checkin list error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 내 체크인 (협력업체 포탈 - 오늘)
async function myCheckins(req, res) {
try {
const companyId = req.user.partner_company_id;
if (!companyId) {
return res.status(403).json({ success: false, error: '협력업체 계정이 아닙니다' });
}
const rows = await checkinModel.findTodayByCompany(companyId);
res.json({ success: true, data: rows });
} catch (err) {
console.error('Checkin myCheckins error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 체크인
async function checkIn(req, res) {
try {
const { schedule_id, company_id, worker_names, actual_worker_count } = req.body;
if (!schedule_id) {
return res.status(400).json({ success: false, error: '일정을 선택해주세요' });
}
const resolvedCompanyId = company_id || req.user.partner_company_id;
if (!resolvedCompanyId) {
return res.status(400).json({ success: false, error: '업체 정보가 필요합니다' });
}
const data = {
schedule_id,
company_id: resolvedCompanyId,
checked_by: req.user.user_id || req.user.id,
worker_names,
actual_worker_count,
notes: req.body.notes
};
const row = await checkinModel.checkIn(data);
res.status(201).json({ success: true, data: row });
} catch (err) {
console.error('Checkin checkIn error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 체크아웃
async function checkOut(req, res) {
try {
const row = await checkinModel.checkOut(req.params.id);
if (!row) return res.status(404).json({ success: false, error: '체크인 기록을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('Checkin checkOut error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 체크인 정보 수정
async function update(req, res) {
try {
const row = await checkinModel.update(req.params.id, req.body);
if (!row) return res.status(404).json({ success: false, error: '체크인 기록을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('Checkin update error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
module.exports = { list, myCheckins, checkIn, checkOut, update };
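Review bot: In `checkIn`, `company_id || req.user.partner_company_id` lets the request body win over the company bound to the caller's token, so a partner account could record a check-in under another company's id unless the route layer (not visible here) prevents it. For partner callers the token value should take precedence, e.g. `const resolvedCompanyId = req.user.partner_company_id || company_id;`, and the schedule should be confirmed to belong to that company before the insert. The same resolution order appears in the work-report controller's `create`. Separately, every catch block in all five controllers on this page returns `err.message` to the client, which can expose SQL or driver details; keep the `console.error` and send a fixed generic message in the 500 response instead.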


@@ -0,0 +1,126 @@
const dayLaborModel = require('../models/dayLaborModel');
const { getPool } = require('../models/partnerModel');
// 일용직 요청 목록
async function list(req, res) {
try {
const { status, date_from, date_to, department_id, page, limit } = req.query;
const rows = await dayLaborModel.findAll({
status,
date_from,
date_to,
department_id: department_id ? parseInt(department_id) : undefined,
page: page ? parseInt(page) : 1,
limit: limit ? parseInt(limit) : 50
});
res.json({ success: true, data: rows });
} catch (err) {
console.error('DayLabor list error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일용직 요청 상세
async function getById(req, res) {
try {
const row = await dayLaborModel.findById(req.params.id);
if (!row) return res.status(404).json({ success: false, error: '요청을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('DayLabor get error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일용직 요청 등록
async function create(req, res) {
try {
const { work_date, worker_count } = req.body;
if (!work_date) {
return res.status(400).json({ success: false, error: '작업일은 필수입니다' });
}
if (!worker_count || worker_count < 1) {
return res.status(400).json({ success: false, error: '작업인원은 1명 이상이어야 합니다' });
}
const data = {
...req.body,
requester_id: req.user.user_id || req.user.id
};
const row = await dayLaborModel.create(data);
res.status(201).json({ success: true, data: row });
} catch (err) {
console.error('DayLabor create error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일용직 요청 승인
async function approve(req, res) {
try {
const id = req.params.id;
const approvedBy = req.user.user_id || req.user.id;
const row = await dayLaborModel.approve(id, approvedBy);
if (!row) return res.status(404).json({ success: false, error: '요청을 찾을 수 없습니다' });
// 승인 시 안전교육 보고서 자동 생성
if (row.status === 'approved') {
try {
const db = getPool();
await db.query(
`INSERT INTO safety_education_reports (target_type, target_id, education_date, status, registered_by)
VALUES ('day_labor', ?, ?, 'planned', ?)`,
[id, row.work_date, approvedBy]
);
} catch (safetyErr) {
console.error('Safety report auto-create error:', safetyErr);
// 안전교육 보고서 생성 실패해도 승인은 유지
}
}
res.json({ success: true, data: row });
} catch (err) {
console.error('DayLabor approve error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일용직 요청 거절
async function reject(req, res) {
try {
const id = req.params.id;
const approvedBy = req.user.user_id || req.user.id;
const { notes } = req.body;
const row = await dayLaborModel.reject(id, approvedBy, notes);
if (!row) return res.status(404).json({ success: false, error: '요청을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('DayLabor reject error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일용직 요청 완료
async function complete(req, res) {
try {
const row = await dayLaborModel.complete(req.params.id);
if (!row) return res.status(404).json({ success: false, error: '요청을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('DayLabor complete error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 통계
async function stats(req, res) {
try {
const { date_from, date_to } = req.query;
const rows = await dayLaborModel.getStats({ date_from, date_to });
res.json({ success: true, data: rows });
} catch (err) {
console.error('DayLabor stats error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
module.exports = { list, getById, create, approve, reject, complete, stats };
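Review bot: `create` spreads the whole `req.body` into the object handed to `dayLaborModel.create`, so the server controls only `requester_id`; if the model maps keys to columns (it is outside this section), a requester could submit fields such as `status` and skip the decision made in `approve`/`reject`. Build the payload from named fields instead, e.g. `const data = { work_date, worker_count, requester_id: req.user.user_id || req.user.id };` plus only the other fields a requester is allowed to set. The schedule controller's `create` and the `update` handlers that pass `req.body` straight to a model have the same exposure. In `list`, `parseInt(limit)` has no radix, NaN check or upper bound, so the client controls the page size; something like `Math.min(Number.parseInt(limit, 10) || 50, 100)` would bound it, and the schedule and work-report `list` handlers share this.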


@@ -0,0 +1,80 @@
const partnerAccountModel = require('../models/partnerAccountModel');
const { getPool } = require('../models/partnerModel');
// 업체별 계정 목록
async function listByCompany(req, res) {
try {
const rows = await partnerAccountModel.findByCompany(req.params.companyId);
res.json({ success: true, data: rows });
} catch (err) {
console.error('PartnerAccount listByCompany error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 계정 생성
async function create(req, res) {
try {
const { username, password, name, partner_company_id, account_expires_at } = req.body;
if (!username || !username.trim()) {
return res.status(400).json({ success: false, error: '아이디는 필수입니다' });
}
if (!password || password.length < 4) {
return res.status(400).json({ success: false, error: '비밀번호는 4자 이상이어야 합니다' });
}
if (!name || !name.trim()) {
return res.status(400).json({ success: false, error: '이름은 필수입니다' });
}
if (!partner_company_id) {
return res.status(400).json({ success: false, error: '업체를 선택해주세요' });
}
// 아이디 중복 확인
const db = getPool();
const [existing] = await db.query('SELECT user_id FROM sso_users WHERE username = ?', [username]);
if (existing.length > 0) {
return res.status(400).json({ success: false, error: '이미 사용 중인 아이디입니다' });
}
const account = await partnerAccountModel.create({
username, password, name, partner_company_id, account_expires_at
});
// 기본 권한 부여
await partnerAccountModel.grantDefaultPermissions(account.user_id);
res.status(201).json({ success: true, data: account });
} catch (err) {
if (err.code === 'ER_DUP_ENTRY') {
return res.status(400).json({ success: false, error: '이미 사용 중인 아이디입니다' });
}
console.error('PartnerAccount create error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 계정 수정
async function update(req, res) {
try {
const account = await partnerAccountModel.update(req.params.id, req.body);
if (!account) return res.status(404).json({ success: false, error: '계정을 찾을 수 없습니다' });
res.json({ success: true, data: account });
} catch (err) {
console.error('PartnerAccount update error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 계정 비활성화
async function deactivate(req, res) {
try {
const account = await partnerAccountModel.update(req.params.id, { is_active: false });
if (!account) return res.status(404).json({ success: false, error: '계정을 찾을 수 없습니다' });
res.json({ success: true, message: '비활성화 완료' });
} catch (err) {
console.error('PartnerAccount deactivate error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
module.exports = { listByCompany, create, update, deactivate };
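Review bot: The password check in `create` accepts any value whose `.length` is at least 4, which is a very short minimum for an SSO login and also lets a non-string through (a JSON number has no `length`, so `undefined < 4` is false and the check passes). Tighten it to something like `if (typeof password !== 'string' || password.length < 8)` and adjust the message to match; NIST SP 800-63B uses 8 as the floor. `update` forwards `req.body` unfiltered to `partnerAccountModel.update`, so unless the model whitelists fields (not visible here) a caller could change `partner_company_id` or `is_active`; pick the editable fields explicitly. `create` also returns the model's `account` object as-is, so it is worth confirming that it carries no password hash.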


@@ -0,0 +1,110 @@
const scheduleModel = require('../models/scheduleModel');
// 일정 목록
async function list(req, res) {
try {
const { company_id, date_from, date_to, status, page, limit } = req.query;
const rows = await scheduleModel.findAll({
company_id: company_id ? parseInt(company_id) : undefined,
date_from,
date_to,
status,
page: page ? parseInt(page) : 1,
limit: limit ? parseInt(limit) : 50
});
res.json({ success: true, data: rows });
} catch (err) {
console.error('Schedule list error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일정 상세
async function getById(req, res) {
try {
const row = await scheduleModel.findById(req.params.id);
if (!row) return res.status(404).json({ success: false, error: '일정을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('Schedule get error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 내 일정 (협력업체 포탈)
async function mySchedules(req, res) {
try {
const companyId = req.user.partner_company_id;
if (!companyId) {
return res.status(403).json({ success: false, error: '협력업체 계정이 아닙니다' });
}
const rows = await scheduleModel.findByCompanyToday(companyId);
res.json({ success: true, data: rows });
} catch (err) {
console.error('Schedule mySchedules error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일정 등록
async function create(req, res) {
try {
const { company_id, work_date } = req.body;
if (!company_id) {
return res.status(400).json({ success: false, error: '업체를 선택해주세요' });
}
if (!work_date) {
return res.status(400).json({ success: false, error: '작업일은 필수입니다' });
}
const data = {
...req.body,
registered_by: req.user.user_id || req.user.id
};
const row = await scheduleModel.create(data);
res.status(201).json({ success: true, data: row });
} catch (err) {
console.error('Schedule create error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일정 수정
async function update(req, res) {
try {
const row = await scheduleModel.update(req.params.id, req.body);
if (!row) return res.status(404).json({ success: false, error: '일정을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('Schedule update error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일정 상태 변경
async function updateStatus(req, res) {
try {
const { status } = req.body;
if (!status) {
return res.status(400).json({ success: false, error: '상태값은 필수입니다' });
}
const row = await scheduleModel.updateStatus(req.params.id, status);
if (!row) return res.status(404).json({ success: false, error: '일정을 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('Schedule updateStatus error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 일정 삭제
async function deleteSchedule(req, res) {
try {
await scheduleModel.deleteSchedule(req.params.id);
res.json({ success: true, message: '삭제 완료' });
} catch (err) {
console.error('Schedule delete error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
module.exports = { list, getById, mySchedules, create, update, updateStatus, deleteSchedule };
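Review bot: `getById`, `update`, `updateStatus` and `deleteSchedule` act on `req.params.id` without comparing the schedule's company to `req.user.partner_company_id`, so object-level access depends entirely on route middleware outside this section; if partner accounts can reach these routes they can read or change other companies' schedules. Loading the row first and adding a guard such as `if (req.user.partner_company_id && row.company_id !== req.user.partner_company_id) return res.status(403).json({ success: false });` would close that (assuming the row exposes `company_id`); `checkOut`/`update` in the check-in controller and `getById`/`update` in the work-report controller are in the same position. `updateStatus` also accepts any non-empty `status` string, so it should be validated against the allowed states before the model call. `deleteSchedule` reports success even when no row matched, unlike the sibling handlers, which return 404.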


@@ -0,0 +1,118 @@
const workReportModel = require('../models/workReportModel');
const checkinModel = require('../models/checkinModel');
// 작업보고 목록
async function list(req, res) {
try {
const { company_id, date_from, date_to, schedule_id, confirmed, page, limit } = req.query;
const rows = await workReportModel.findAll({
company_id: company_id ? parseInt(company_id) : undefined,
date_from,
date_to,
schedule_id: schedule_id ? parseInt(schedule_id) : undefined,
confirmed,
page: page ? parseInt(page) : 1,
limit: limit ? parseInt(limit) : 50
});
res.json({ success: true, data: rows });
} catch (err) {
console.error('WorkReport list error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 작업보고 상세
async function getById(req, res) {
try {
const row = await workReportModel.findById(req.params.id);
if (!row) return res.status(404).json({ success: false, error: '작업보고를 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('WorkReport get error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 내 작업보고 (협력업체 포탈)
async function myReports(req, res) {
try {
const companyId = req.user.partner_company_id;
if (!companyId) {
return res.status(403).json({ success: false, error: '협력업체 계정이 아닙니다' });
}
const { date_from, date_to, page, limit } = req.query;
const rows = await workReportModel.findAll({
company_id: companyId,
date_from,
date_to,
page: page ? parseInt(page) : 1,
limit: limit ? parseInt(limit) : 50
});
res.json({ success: true, data: rows });
} catch (err) {
console.error('WorkReport myReports error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 작업보고 등록
async function create(req, res) {
try {
const { checkin_id, company_id, report_date } = req.body;
if (!report_date) {
return res.status(400).json({ success: false, error: '보고일은 필수입니다' });
}
// checkin_id가 있으면 유효성 검증
if (checkin_id) {
const checkin = await checkinModel.findById(checkin_id);
if (!checkin) {
return res.status(400).json({ success: false, error: '유효하지 않은 체크인 ID입니다' });
}
}
const resolvedCompanyId = company_id || req.user.partner_company_id;
if (!resolvedCompanyId) {
return res.status(400).json({ success: false, error: '업체 정보가 필요합니다' });
}
const data = {
...req.body,
company_id: resolvedCompanyId,
reporter_id: req.user.user_id || req.user.id
};
const row = await workReportModel.create(data);
res.status(201).json({ success: true, data: row });
} catch (err) {
console.error('WorkReport create error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 작업보고 수정
async function update(req, res) {
try {
const row = await workReportModel.update(req.params.id, req.body);
if (!row) return res.status(404).json({ success: false, error: '작업보고를 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('WorkReport update error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
// 작업보고 확인
async function confirm(req, res) {
try {
const confirmedBy = req.user.user_id || req.user.id;
const row = await workReportModel.confirm(req.params.id, confirmedBy);
if (!row) return res.status(404).json({ success: false, error: '작업보고를 찾을 수 없습니다' });
res.json({ success: true, data: row });
} catch (err) {
console.error('WorkReport confirm error:', err);
res.status(500).json({ success: false, error: err.message });
}
}
module.exports = { list, getById, myReports, create, update, confirm };
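Review bot: The `checkin_id` check in `create` only proves that the check-in exists, not that it belongs to the company the report is filed for, so a report can be attached to another company's check-in. Resolve the company before this check and compare, e.g. `if (!checkin || Number(checkin.company_id) !== Number(resolvedCompanyId))` (assuming the check-in row carries `company_id`, as the check-in controller's insert suggests). Because `...req.body` is spread into the payload, confirmation-related fields could also be set at creation if the model accepts them, which would bypass `confirm`; build the payload from named fields instead.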