feat: 구매/안전 시스템 전면 개편 — tkpurchase 개편 + tksafety 신규 + 권한 보강

Phase 1: tkuser 협력업체 CRUD 이관 (읽기전용 → 전체 CRUD)
Phase 2: tkpurchase 개편 — 일용공 신청/확정, 작업일정, 업무현황, 계정관리, 협력업체 포털
Phase 3: tksafety 신규 시스템 — 방문관리 + 안전교육 신고
Phase 4: SSO 인증 보강 (partner_company_id JWT, 만료일 체크), 권한 테이블 기반 접근 제어

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

tksafety/web/static/js/tksafety-core.js

@@ -0,0 +1,123 @@
+/* ===== 서비스 워커 해제 ===== */
+if ('serviceWorker' in navigator) {
+    navigator.serviceWorker.getRegistrations().then(function(regs) { regs.forEach(function(r) { r.unregister(); }); });
+    if (typeof caches !== 'undefined') { caches.keys().then(function(ns) { ns.forEach(function(n) { caches.delete(n); }); }); }
+}
+
+/* ===== Config ===== */
+const API_BASE = '/api';
+const PURPOSE_LABELS = {
+    day_labor: '일용공', equipment_repair: '설비수리', inspection: '검사',
+    delivery: '납품/배송', safety_audit: '안전점검', client_audit: '고객심사',
+    construction: '공사', other: '기타'
+};
+
+/* ===== Token ===== */
+function _cookieGet(n) { const m = document.cookie.match(new RegExp('(?:^|; )' + n + '=([^;]*)')); return m ? decodeURIComponent(m[1]) : null; }
+function _cookieRemove(n) { let c = n + '=; path=/; max-age=0'; if (location.hostname.includes('technicalkorea.net')) c += '; domain=.technicalkorea.net; secure; samesite=lax'; document.cookie = c; }
+function getToken() { return _cookieGet('sso_token') || localStorage.getItem('sso_token'); }
+function getLoginUrl() {
+    const h = location.hostname;
+    const t = Date.now();
+    if (h.includes('technicalkorea.net')) return location.protocol + '//tkfb.technicalkorea.net/login?redirect=' + encodeURIComponent(location.href) + '&_t=' + t;
+    return location.protocol + '//' + h + ':30000/login?redirect=' + encodeURIComponent(location.href) + '&_t=' + t;
+}
+function decodeToken(t) { try { const b = atob(t.split('.')[1].replace(/-/g,'+').replace(/_/g,'/')); return JSON.parse(new TextDecoder().decode(Uint8Array.from(b, c => c.charCodeAt(0)))); } catch { return null; } }
+
+/* ===== 리다이렉트 루프 방지 ===== */
+const _REDIRECT_KEY = '_sso_redirect_ts';
+function _safeRedirect() {
+    const last = parseInt(sessionStorage.getItem(_REDIRECT_KEY) || '0', 10);
+    if (Date.now() - last < 5000) { console.warn('[tksafety] 리다이렉트 루프 감지'); return; }
+    sessionStorage.setItem(_REDIRECT_KEY, String(Date.now()));
+    location.href = getLoginUrl();
+}
+
+/* ===== API ===== */
+async function api(path, opts = {}) {
+    const token = getToken();
+    const headers = { 'Authorization': token ? `Bearer ${token}` : '', ...(opts.headers||{}) };
+    if (!(opts.body instanceof FormData)) headers['Content-Type'] = 'application/json';
+    const res = await fetch(API_BASE + path, { ...opts, headers });
+    if (res.status === 401) { _safeRedirect(); throw new Error('인증 만료'); }
+    if (res.headers.get('content-type')?.includes('text/csv')) return res;
+    const data = await res.json();
+    if (!res.ok) throw new Error(data.error || '요청 실패');
+    return data;
+}
+
+/* ===== Toast ===== */
+function showToast(msg, type = 'success') {
+    document.querySelector('.toast-message')?.remove();
+    const el = document.createElement('div');
+    el.className = `toast-message fixed bottom-4 right-4 px-4 py-3 rounded-lg text-white z-[10000] shadow-lg ${type==='success'?'bg-orange-500':'bg-red-500'}`;
+    el.innerHTML = `<i class="fas ${type==='success'?'fa-check-circle':'fa-exclamation-circle'} mr-2"></i>${escapeHtml(msg)}`;
+    document.body.appendChild(el);
+    setTimeout(() => { el.classList.add('opacity-0'); setTimeout(() => el.remove(), 300); }, 3000);
+}
+
+/* ===== Escape ===== */
+function escapeHtml(str) { if (!str) return ''; const d = document.createElement('div'); d.textContent = str; return d.innerHTML; }
+
+/* ===== Helpers ===== */
+function formatDate(d) { if (!d) return ''; return String(d).substring(0, 10); }
+function formatTime(d) { if (!d) return ''; return String(d).substring(11, 16); }
+function formatDateTime(d) { if (!d) return ''; return String(d).substring(0, 16).replace('T', ' '); }
+function purposeLabel(p) { return PURPOSE_LABELS[p] || p || ''; }
+function purposeBadge(p) { return `<span class="badge purpose-${p}">${purposeLabel(p)}</span>`; }
+function statusBadge(s) {
+    const m = { checked_in: ['badge-green', '체크인'], checked_out: ['badge-blue', '체크아웃'], auto_checkout: ['badge-amber', '자동마감'], cancelled: ['badge-gray', '취소'] };
+    const [cls, label] = m[s] || ['badge-gray', s];
+    return `<span class="badge ${cls}">${label}</span>`;
+}
+
+/* ===== Logout ===== */
+function doLogout() {
+    if (!confirm('로그아웃?')) return;
+    _cookieRemove('sso_token'); _cookieRemove('sso_user'); _cookieRemove('sso_refresh_token');
+    ['sso_token','sso_user','sso_refresh_token','token','user','access_token','currentUser','current_user','userInfo','userPageAccess'].forEach(k => localStorage.removeItem(k));
+    location.href = getLoginUrl();
+}
+
+/* ===== Navbar ===== */
+function renderNavbar() {
+    const currentPage = location.pathname.replace(/\//g, '') || 'index.html';
+    const links = [
+        { href: '/', icon: 'fa-door-open', label: '방문 관리', match: ['', 'index.html'] },
+        { href: '/education.html', icon: 'fa-graduation-cap', label: '안전교육', match: ['education.html'] },
+    ];
+    const nav = document.getElementById('sideNav');
+    if (!nav) return;
+    nav.innerHTML = links.map(l => {
+        const active = l.match.some(m => currentPage === m || currentPage.endsWith(m));
+        return `<a href="${l.href}" class="nav-link flex items-center gap-3 px-4 py-2.5 rounded-lg text-sm transition-colors ${active ? 'active' : 'text-gray-600 hover:bg-gray-100'}">
+            <i class="fas ${l.icon} w-5 text-center"></i><span>${l.label}</span></a>`;
+    }).join('');
+}
+
+/* ===== State ===== */
+let currentUser = null;
+
+/* ===== Init ===== */
+function initAuth() {
+    const token = getToken();
+    if (!token) { _safeRedirect(); return false; }
+    const decoded = decodeToken(token);
+    if (!decoded) { _safeRedirect(); return false; }
+    sessionStorage.removeItem(_REDIRECT_KEY);
+    if (!localStorage.getItem('sso_token')) localStorage.setItem('sso_token', token);
+    currentUser = {
+        id: decoded.user_id || decoded.id,
+        username: decoded.username || decoded.sub,
+        name: decoded.name || decoded.full_name,
+        role: (decoded.role || decoded.access_level || '').toLowerCase()
+    };
+    const dn = currentUser.name || currentUser.username;
+    const nameEl = document.getElementById('headerUserName');
+    const avatarEl = document.getElementById('headerUserAvatar');
+    if (nameEl) nameEl.textContent = dn;
+    if (avatarEl) avatarEl.textContent = dn.charAt(0).toUpperCase();
+    renderNavbar();
+    setTimeout(() => document.querySelector('.fade-in')?.classList.add('visible'), 50);
+    return true;
+}