feat: 구매/안전 시스템 전면 개편 — tkpurchase 개편 + tksafety 신규 + 권한 보강

Phase 1: tkuser 협력업체 CRUD 이관 (읽기전용 → 전체 CRUD) Phase 2: tkpurchase 개편 — 일용공 신청/확정, 작업일정, 업무현황, 계정관리, 협력업체 포털 Phase 3: tksafety 신규 시스템 — 방문관리 + 안전교육 신고 Phase 4: SSO 인증 보강 (partner_company_id JWT, 만료일 체크), 권한 테이블 기반 접근 제어 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 17:42:59 +09:00
parent a195dd1d50
commit b800792152
63 changed files with 5548 additions and 262 deletions
--- a/tkpurchase/api/models/workReportModel.js
+++ b/tkpurchase/api/models/workReportModel.js
@@ -0,0 +1,87 @@
+const { getPool } = require('./partnerModel');
+
+async function findAll({ company_id, date_from, date_to, schedule_id, confirmed, page = 1, limit = 50 } = {}) {
+  const db = getPool();
+  let sql = `SELECT wr.*, pc.company_name, ps.work_description AS schedule_description,
+                    su_reporter.name AS reporter_name, su_confirmer.name AS confirmed_by_name
+             FROM partner_work_reports wr
+             LEFT JOIN partner_companies pc ON wr.company_id = pc.id
+             LEFT JOIN partner_schedules ps ON wr.schedule_id = ps.id
+             LEFT JOIN sso_users su_reporter ON wr.reporter_id = su_reporter.user_id
+             LEFT JOIN sso_users su_confirmer ON wr.confirmed_by = su_confirmer.user_id
+             WHERE 1=1`;
+  const params = [];
+  if (company_id) { sql += ' AND wr.company_id = ?'; params.push(company_id); }
+  if (date_from) { sql += ' AND wr.report_date >= ?'; params.push(date_from); }
+  if (date_to) { sql += ' AND wr.report_date <= ?'; params.push(date_to); }
+  if (schedule_id) { sql += ' AND wr.schedule_id = ?'; params.push(schedule_id); }
+  if (confirmed === 'true' || confirmed === '1') { sql += ' AND wr.confirmed_by IS NOT NULL'; }
+  if (confirmed === 'false' || confirmed === '0') { sql += ' AND wr.confirmed_by IS NULL'; }
+  sql += ' ORDER BY wr.report_date DESC, wr.created_at DESC';
+  const offset = (page - 1) * limit;
+  sql += ' LIMIT ? OFFSET ?';
+  params.push(limit, offset);
+  const [rows] = await db.query(sql, params);
+  return rows;
+}
+
+async function findById(id) {
+  const db = getPool();
+  const [rows] = await db.query(
+    `SELECT wr.*, pc.company_name, ps.work_description AS schedule_description,
+            su_reporter.name AS reporter_name, su_confirmer.name AS confirmed_by_name
+     FROM partner_work_reports wr
+     LEFT JOIN partner_companies pc ON wr.company_id = pc.id
+     LEFT JOIN partner_schedules ps ON wr.schedule_id = ps.id
+     LEFT JOIN sso_users su_reporter ON wr.reporter_id = su_reporter.user_id
+     LEFT JOIN sso_users su_confirmer ON wr.confirmed_by = su_confirmer.user_id
+     WHERE wr.id = ?`, [id]);
+  return rows[0] || null;
+}
+
+async function findByCheckin(checkinId) {
+  const db = getPool();
+  const [rows] = await db.query(
+    `SELECT wr.*, pc.company_name
+     FROM partner_work_reports wr
+     LEFT JOIN partner_companies pc ON wr.company_id = pc.id
+     WHERE wr.checkin_id = ?`, [checkinId]);
+  return rows[0] || null;
+}
+
+async function create(data) {
+  const db = getPool();
+  const [result] = await db.query(
+    `INSERT INTO partner_work_reports (schedule_id, checkin_id, company_id, report_date, reporter_id, actual_workers, work_content, progress_rate, issues, next_plan)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+    [data.schedule_id || null, data.checkin_id || null, data.company_id,
+     data.report_date, data.reporter_id, data.actual_workers || null,
+     data.work_content || null, data.progress_rate || null,
+     data.issues || null, data.next_plan || null]);
+  return findById(result.insertId);
+}
+
+async function update(id, data) {
+  const db = getPool();
+  const fields = [];
+  const values = [];
+  if (data.actual_workers !== undefined) { fields.push('actual_workers = ?'); values.push(data.actual_workers || null); }
+  if (data.work_content !== undefined) { fields.push('work_content = ?'); values.push(data.work_content || null); }
+  if (data.progress_rate !== undefined) { fields.push('progress_rate = ?'); values.push(data.progress_rate || null); }
+  if (data.issues !== undefined) { fields.push('issues = ?'); values.push(data.issues || null); }
+  if (data.next_plan !== undefined) { fields.push('next_plan = ?'); values.push(data.next_plan || null); }
+  if (fields.length === 0) return findById(id);
+  values.push(id);
+  await db.query(`UPDATE partner_work_reports SET ${fields.join(', ')} WHERE id = ?`, values);
+  return findById(id);
+}
+
+async function confirm(id, confirmedBy) {
+  const db = getPool();
+  await db.query(
+    'UPDATE partner_work_reports SET confirmed_by = ?, confirmed_at = NOW() WHERE id = ? AND confirmed_by IS NULL',
+    [confirmedBy, id]);
+  return findById(id);
+}
+
+module.exports = { findAll, findById, findByCheckin, create, update, confirm };