diff --git a/.claude/WORKFLOW-GUIDE.md b/.claude/WORKFLOW-GUIDE.md index cb23489..241c499 100644 --- a/.claude/WORKFLOW-GUIDE.md +++ b/.claude/WORKFLOW-GUIDE.md @@ -74,7 +74,7 @@ ```bash # DB 접속 (NAS) -ssh hyungi@100.71.132.52 "docker exec tk-mariadb mysql -uhyungi_user -p'hyung-ddfdf3-D341@' hyungi" +ssh hyungi@100.71.132.52 "docker exec tk-mariadb mysql -uhyungi_user -p\"\$MYSQL_PASSWORD\" hyungi" # 로그 확인 (NAS) ssh hyungi@100.71.132.52 "cd /volume1/docker/tk-factory-services && export PATH=\$PATH:/volume2/@appstore/ContainerManager/usr/bin && docker compose logs -f --tail=50 <서비스>" diff --git a/.env.example b/.env.example index 40f26cb..7fed366 100644 --- a/.env.example +++ b/.env.example @@ -99,4 +99,16 @@ OLLAMA_TIMEOUT=120 # tkfb.technicalkorea.net → http://tk-gateway:80 # tkreport.technicalkorea.net → http://tk-system2-web:80 # tkqc.technicalkorea.net → http://tk-system3-web:80 +# ------------------------------------------------------------------- +# ntfy 푸시 알림 서버 +# ------------------------------------------------------------------- +NTFY_BASE_URL=http://ntfy:80 +NTFY_PUBLISH_TOKEN=change_this_ntfy_publish_token +NTFY_EXTERNAL_URL=https://ntfy.technicalkorea.net +NTFY_SUB_PASSWORD=change_this_ntfy_subscriber_password +TKFB_BASE_URL=https://tkfb.technicalkorea.net + +# ------------------------------------------------------------------- +# Cloudflare Tunnel +# ------------------------------------------------------------------- CLOUDFLARE_TUNNEL_TOKEN=your_tunnel_token_here diff --git a/.githooks/pre-commit b/.githooks/pre-commit new file mode 100755 index 0000000..000433f --- /dev/null +++ b/.githooks/pre-commit @@ -0,0 +1,5 @@ +#!/bin/bash +# pre-commit hook — 로컬 빠른 피드백 +# 역할: 커밋 전 보안 검사 (staged 파일만) +# 우회: git commit --no-verify (서버 pre-receive에서 최종 차단됨) +exec "$(git rev-parse --show-toplevel)/scripts/security-scan.sh" --staged diff --git a/.githooks/pre-receive-server.sh b/.githooks/pre-receive-server.sh new file mode 100755 index 0000000..3873b41 --- /dev/null +++ b/.githooks/pre-receive-server.sh @@ -0,0 +1,168 @@ +#!/bin/bash +# ============================================================================= +# pre-receive-server.sh — Gitea 서버용 보안 게이트 +# ============================================================================= +# 설치: Gitea 웹 관리자 → 저장소 → Settings → Git Hooks → pre-receive +# 또는: cp pre-receive-server.sh $REPO_PATH/custom/hooks/pre-receive +# +# 동작: push 시 변경 내용을 regex 검사, 위반 시 push 차단 +# bypass: 커밋 메시지에 [SECURITY-BYPASS: 사유] 포함 시 통과 + 로그 +# ============================================================================= + +set -uo pipefail + +# --- 설정 --- +BYPASS_LOG="/data/gitea/security-bypass.log" +ALLOWED_BYPASS_EMAILS="ahn@hyungi.net hyungi@technicalkorea.net" +MEDIUM_THRESHOLD=5 +ZERO_REV="0000000000000000000000000000000000000000" + +# --- 검출 규칙 (security-scan.sh와 동일, 자체 내장) --- +RULES=( + 'SECRET_HARDCODE|CRITICAL|비밀정보 하드코딩|(password|token|apiKey|secret|api_key)\s*[:=]\s*[\x27"][^${\x27"][^\x27"]{3,}' + 'SECRET_KNOWN|CRITICAL|알려진 비밀번호 패턴|(fukdon-riwbaq|hyung-ddfdf3|djg3-jj34|tkfactory-sub)' + 'LOCALSTORAGE_AUTH|HIGH|localStorage 인증정보|localStorage\.(setItem|getItem).*\b(token|password|auth|credential)' + 'INNERHTML_XSS|HIGH|innerHTML XSS 위험|\.innerHTML\s*[+=]' + 'CORS_WILDCARD|HIGH|CORS 와일드카드|origin:\s*[\x27"`]\*[\x27"`]' + 'SQL_INTERPOLATION|HIGH|SQL 문자열 보간|query\(`.*\$\{' + 'LOG_SECRET|MEDIUM|로그에 비밀정보|console\.(log|error|warn).*\b(password|token|secret|apiKey)' + 'ENV_HARDCODE|MEDIUM|환경설정 하드코딩|NODE_ENV\s*[:=]\s*[\x27"]development[\x27"]' +) + +EXCLUDE_PATTERNS="node_modules|\.git|__pycache__|package-lock\.json|\.min\.js|\.min\.css" + +# --- 메인 --- +while read -r oldrev newrev refname; do + # 브랜치 삭제 시 스킵 + if [[ "$newrev" == "$ZERO_REV" ]]; then + continue + fi + + # 신규 브랜치 + if [[ "$oldrev" == "$ZERO_REV" ]]; then + # 첫 push: 최근 커밋만 검사 (또는 스킵) + echo "[SECURITY] New branch detected — scanning latest commit only" + oldrev=$(git rev-parse "${newrev}~1" 2>/dev/null || echo "$ZERO_REV") + if [[ "$oldrev" == "$ZERO_REV" ]]; then + continue + fi + fi + + # --- bypass 확인 --- + BYPASS_FOUND=false + BYPASS_REASON="" + while IFS= read -r msg; do + if echo "$msg" | grep -qP '\[SECURITY-BYPASS:\s*.+\]'; then + BYPASS_FOUND=true + BYPASS_REASON=$(echo "$msg" | grep -oP '\[SECURITY-BYPASS:\s*\K[^\]]+') + elif echo "$msg" | grep -q '\[SECURITY-BYPASS\]'; then + echo "[SECURITY] ERROR: Bypass requires reason: [SECURITY-BYPASS: hotfix 사유]" + exit 1 + fi + done < <(git log --format='%s' "$oldrev".."$newrev" 2>/dev/null) + + if [[ "$BYPASS_FOUND" == "true" ]]; then + AUTHOR=$(git log -1 --format='%ae' "$newrev" 2>/dev/null || echo "unknown") + # 사용자 제한 + ALLOWED=false + for email in $ALLOWED_BYPASS_EMAILS; do + if [[ "$AUTHOR" == "$email" ]]; then + ALLOWED=true + break + fi + done + if [[ "$ALLOWED" != "true" ]]; then + echo "[SECURITY] Bypass not allowed for: $AUTHOR" + exit 1 + fi + # 로그 기록 + echo "$(date -Iseconds) | user=$AUTHOR | ref=$refname | commits=$oldrev..$newrev | reason=$BYPASS_REASON | TODO=24h내 수정 필수" \ + >> "$BYPASS_LOG" 2>/dev/null || true + echo "[SECURITY] ⚠ Bypass accepted — reason: $BYPASS_REASON (logged, 24h 내 수정 필수)" + continue + fi + + # --- diff 기반 보안 검사 --- + VIOLATIONS=0 + MEDIUM_COUNT=0 + OUTPUT="" + + DIFF_OUTPUT=$(git diff -U0 --diff-filter=ACMRT "$oldrev" "$newrev" 2>/dev/null || true) + if [[ -z "$DIFF_OUTPUT" ]]; then + continue + fi + + CURRENT_FILE="" + CURRENT_LINE=0 + + while IFS= read -r line; do + if [[ "$line" =~ ^diff\ --git\ a/(.+)\ b/(.+)$ ]]; then + CURRENT_FILE="${BASH_REMATCH[2]}" + continue + fi + if [[ "$line" =~ ^\+\+\+\ b/(.+)$ ]]; then + CURRENT_FILE="${BASH_REMATCH[1]}" + continue + fi + if [[ "$line" =~ ^@@.*\+([0-9]+) ]]; then + CURRENT_LINE="${BASH_REMATCH[1]}" + continue + fi + if [[ "$line" =~ ^\+ ]] && [[ ! "$line" =~ ^\+\+\+ ]]; then + local_content="${line:1}" + + # 제외 패턴 + if echo "$CURRENT_FILE" | grep -qEi "$EXCLUDE_PATTERNS" 2>/dev/null; then + CURRENT_LINE=$((CURRENT_LINE + 1)) + continue + fi + + # 인라인 ignore 체크 + 규칙 검사 + for i in "${!RULES[@]}"; do + IFS='|' read -r r_name r_sev r_desc r_pat <<< "${RULES[$i]}" + if echo "$local_content" | grep -qP "$r_pat" 2>/dev/null; then + # 라인 단위 ignore + if echo "$local_content" | grep -qP "security-ignore:\s*$r_name" 2>/dev/null; then + continue + fi + RNUM=$((i + 1)) + TRIMMED=$(echo "$local_content" | sed 's/^[[:space:]]*//' | head -c 100) + if [[ "$r_sev" == "CRITICAL" || "$r_sev" == "HIGH" ]]; then + OUTPUT+="$(printf "\n ✗ [%s] #%d %s — %s\n → %s:%d\n %s\n" \ + "$r_sev" "$RNUM" "$r_name" "$r_desc" "$CURRENT_FILE" "$CURRENT_LINE" "$TRIMMED")" + VIOLATIONS=$((VIOLATIONS + 1)) + else + OUTPUT+="$(printf "\n ⚠ [%s] #%d %s — %s\n → %s:%d\n %s\n" \ + "$r_sev" "$RNUM" "$r_name" "$r_desc" "$CURRENT_FILE" "$CURRENT_LINE" "$TRIMMED")" + MEDIUM_COUNT=$((MEDIUM_COUNT + 1)) + fi + fi + done + CURRENT_LINE=$((CURRENT_LINE + 1)) + fi + done <<< "$DIFF_OUTPUT" + + TOTAL=$((VIOLATIONS + MEDIUM_COUNT)) + if [[ $TOTAL -gt 0 ]]; then + echo "" + echo "[SECURITY] $TOTAL issue(s) found in push to $refname:" + echo "$OUTPUT" + echo "" + + if [[ $MEDIUM_COUNT -gt $MEDIUM_THRESHOLD ]]; then + echo "[SECURITY] MEDIUM violations ($MEDIUM_COUNT) exceed threshold ($MEDIUM_THRESHOLD) — blocking" + VIOLATIONS=$((VIOLATIONS + 1)) + fi + + if [[ $VIOLATIONS -gt 0 ]]; then + echo "Push rejected. Fix violations or use [SECURITY-BYPASS: 사유] in commit message." + echo "" + exit 1 + else + echo "Warnings only ($MEDIUM_COUNT MEDIUM) — push allowed." + fi + fi + +done + +exit 0 diff --git a/.securityignore b/.securityignore new file mode 100644 index 0000000..a478d85 --- /dev/null +++ b/.securityignore @@ -0,0 +1,24 @@ +# ============================================================================= +# .securityignore — 보안 스캔 제외 목록 +# ============================================================================= +# 규칙: +# - 모든 항목에 사유 주석 필수 (없으면 경고) +# - 월 1회 정기 검토 → 불필요 항목 제거 +# - 날짜 표기 권장 +# ============================================================================= + +# 스캔 스크립트 자체 (규칙 패턴 포함) +scripts/security-scan.sh # 규칙 정의 자체 (2026-04-10) +.githooks/pre-receive-server.sh # 규칙 정의 자체 (2026-04-10) + +# 환경변수 템플릿 (placeholder만 포함) +.env.example # placeholder 값만 (2026-04-10) + +# 보안 감사 보고서 (발견된 패턴 인용) +SECURITY-AUDIT-20260402.md # 감사 보고서 인용 (2026-04-10) +SECURITY-FINDINGS-SUMMARY.txt # 감사 요약 인용 (2026-04-10) +SECURITY-CODE-SNIPPETS.md # 코드 스니펫 인용 (2026-04-10) + +# 보안 가이드/체크리스트 (규칙 예시 포함) +SECURITY-CHECKLIST.md # 규칙 참조 예시 (2026-04-10) +docs/SECURITY-GUIDE.md # 가이드 예시 코드 (2026-04-10) diff --git a/DEPLOY-GUIDE.md b/DEPLOY-GUIDE.md index 71d993b..656d6cc 100644 --- a/DEPLOY-GUIDE.md +++ b/DEPLOY-GUIDE.md @@ -95,7 +95,7 @@ cat "/volume1/Technicalkorea Document/tkfb-package/.env" | grep MYSQL cat /volume1/docker/tkqc/tkqc-package/.env | grep POSTGRES # Cloudflare Tunnel 토큰 -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker inspect tkfb_cloudflared | grep TUNNEL_TOKEN +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker inspect tkfb_cloudflared | grep TUNNEL_TOKEN ``` --- @@ -112,12 +112,12 @@ ssh hyungi@192.168.0.3 mkdir -p /volume1/docker/backups/$(date +%Y%m%d) # MariaDB 백업 -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker exec tkfb_db \ +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker exec tkfb_db \ mysqldump -u root -p --all-databases > \ /volume1/docker/backups/$(date +%Y%m%d)/mariadb-all.sql # PostgreSQL 백업 -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker exec tkqc-db \ +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker exec tkqc-db \ pg_dumpall -U mproject > \ /volume1/docker/backups/$(date +%Y%m%d)/postgres-all.sql @@ -167,11 +167,11 @@ rm -rf ../tk-factory-services.bak # NAS SSH # TK-FB 중지 cd "/volume1/Technicalkorea Document/tkfb-package" -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose down +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose down # TKQC 중지 cd /volume1/docker/tkqc/tkqc-package -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose down +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose down ``` ### Step 4: 통합 서비스 기동 @@ -180,10 +180,10 @@ echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose down cd /volume1/docker/tk-factory-services # Docker 이미지 빌드 + 서비스 기동 -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose up --build -d +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose up --build -d # 로그 확인 -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose logs -f --tail=50 +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose logs -f --tail=50 ``` ### Step 5: DB 마이그레이션 @@ -196,7 +196,7 @@ echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose logs -f --ta # (system3-nonconformance/api/migrations/ → PostgreSQL init) # 헬스체크 확인 -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose ps +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose ps ``` ### Step 6: Cloudflare Tunnel 설정 @@ -291,15 +291,15 @@ git log --oneline -10 ```bash # 통합 서비스 중지 cd /volume1/docker_1/tk-factory-services -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose down +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose down # TK-FB 복원 cd "/volume1/Technicalkorea Document/tkfb-package" -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose up -d +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose up -d # TKQC 복원 cd /volume1/docker/tkqc/tkqc-package -echo 'fukdon-riwbaq-fiQfy2' | sudo -S /usr/local/bin/docker compose up -d +echo "${NAS_SUDO_PASSWORD}" | sudo -S /usr/local/bin/docker compose up -d ``` --- diff --git a/PROGRESS.md b/PROGRESS.md index df0b2bc..887f86e 100644 --- a/PROGRESS.md +++ b/PROGRESS.md @@ -206,7 +206,7 @@ TK-FB-Project(공장관리+신고)와 M-Project(부적합관리)를 **3개 독 ### NAS (192.168.0.3) - TK-FB 운영: `/volume1/Technicalkorea Document/tkfb-package/` - TKQC 운영: `/volume1/docker/tkqc/tkqc-package/` -- SSH: `hyungi` / `fukdon-riwbaq-fiQfy2` +- SSH: `hyungi` / `${SSH_PASSWORD}` (비밀번호는 비밀관리 시스템 참조) --- diff --git a/SECURITY-CHECKLIST.md b/SECURITY-CHECKLIST.md new file mode 100644 index 0000000..319b580 --- /dev/null +++ b/SECURITY-CHECKLIST.md @@ -0,0 +1,39 @@ +# 보안 PR 체크리스트 — TK Factory Services + +> 공통 원칙: `claude-config/memory/feedback_security_pr_checklist.md` +> 자동 검증: `scripts/security-scan.sh` (pre-commit + pre-receive) + +## 체크리스트 + +| # | 카테고리 | 검증 | 확인 항목 | 참조 파일 | +|---|---------|------|----------|----------| +| 1 | 비밀 정보 | **자동** #1,#2 | 코드/문서에 비밀번호·토큰·API키 하드코딩 없음 | `.env.example` | +| 2 | 인증 | 수동 | 모든 라우트에 `requireAuth` 적용 | `shared/middleware/auth.js` | +| 3 | 권한 RBAC | 수동 | 쓰기(POST/PUT/DELETE)에 `requirePage()` 또는 `requireRole()` | `shared/middleware/pagePermission.js` | +| 4 | 입력 검증 | 수동 | path traversal(`../`), 타입, 길이 검증 | `system1-factory/api/utils/validator.js` | +| 5 | 파일 업로드 | 수동 | magic number + 확장자 + MIME + 크기 제한 | `system1-factory/api/utils/fileUploadSecurity.js` | +| 6 | 네트워크 | **자동** #5 | CORS 와일드카드 없음, rate limiting 적용 | `system1-factory/api/config/cors.js` | +| 7 | DB 쿼리 | **자동** #6 | 파라미터화(`?`), `await`, `COALESCE` 패턴 | CLAUDE.md 주의사항 | +| 8 | 에러/로그 | **자동** #7 | 로그에 비밀정보 없음, 스택트레이스 prod 비노출 | `shared/utils/errors.js` | +| 9 | 보안 헤더 | 수동 | CSP, HSTS, X-Frame-Options | `system1-factory/api/config/security.js` | +| 10 | 자동 검증 | **자동** | pre-commit + pre-receive 통과 | `scripts/security-scan.sh` | + +## 자동 검출 규칙 + +| 규칙# | 이름 | 심각도 | 동작 | +|-------|------|--------|------| +| 1 | SECRET_HARDCODE | CRITICAL | 차단 | +| 2 | SECRET_KNOWN | CRITICAL | 차단 | +| 3 | LOCALSTORAGE_AUTH | HIGH | 차단 | +| 4 | INNERHTML_XSS | HIGH | 차단 | +| 5 | CORS_WILDCARD | HIGH | 차단 | +| 6 | SQL_INTERPOLATION | HIGH | 차단 | +| 7 | LOG_SECRET | MEDIUM | 경고 (5개 초과 시 차단) | +| 8 | ENV_HARDCODE | MEDIUM | 경고 (5개 초과 시 차단) | + +## 수동 확인 필요 항목 (자동화 한계) + +- RBAC 설계 오류 / 인증 흐름 +- 비즈니스 로직 / race condition +- third-party dependency 취약점 (`npm audit`) +- 환경변수 값 강도 diff --git a/docker-compose.yml b/docker-compose.yml index 4c7c9b3..5502789 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -309,6 +309,7 @@ services: - NTFY_BASE_URL=${NTFY_BASE_URL:-http://ntfy:80} - NTFY_PUBLISH_TOKEN=${NTFY_PUBLISH_TOKEN} - NTFY_EXTERNAL_URL=${NTFY_EXTERNAL_URL:-https://ntfy.technicalkorea.net} + - NTFY_SUB_PASSWORD=${NTFY_SUB_PASSWORD} - TKFB_BASE_URL=${TKFB_BASE_URL:-https://tkfb.technicalkorea.net} healthcheck: test: ["CMD", "wget", "--spider", "-q", "http://localhost:3000/health"] diff --git a/docs/SECURITY-GUIDE.md b/docs/SECURITY-GUIDE.md new file mode 100644 index 0000000..4d74967 --- /dev/null +++ b/docs/SECURITY-GUIDE.md @@ -0,0 +1,157 @@ +# 보안 시스템 운영 가이드 + +## 개요 + +TK Factory Services에는 2계층 보안 검사 시스템이 적용되어 있습니다. + +| 계층 | 위치 | 역할 | 우회 가능 | +|------|------|------|----------| +| pre-commit | 로컬 (개발자 PC) | 빠른 피드백 | `--no-verify` | +| pre-receive | Gitea 서버 | 최종 차단 | `[SECURITY-BYPASS: 사유]`만 | + +## 개발 워크플로우 + +``` +코드 작성 → git add → git commit + ↓ + pre-commit hook + (security-scan.sh --staged) + ↓ + 위반 있으면 → 커밋 차단 + 상세 출력 + 위반 없으면 → 커밋 성공 + ↓ + git push + ↓ + pre-receive hook (서버) + (diff 기반 검사) + ↓ + 위반 있으면 → push 차단 + 위반 없으면 → push 성공 +``` + +## 위반 발생 시 대처 + +### 에러 메시지 읽기 + +``` +[SECURITY] 2 issue(s) found: + + ✗ [CRITICAL] #1 SECRET_HARDCODE — 비밀정보 하드코딩 + → src/controllers/auth.js:64 + password: 'my-secret-123' +``` + +- `[CRITICAL]` / `[HIGH]` → 차단됨, 반드시 수정 +- `[MEDIUM]` → 경고, 5개 초과 시 차단 +- `→ 파일:라인번호` → 수정할 위치 +- 아래 줄 → 문제가 된 코드 + +### 수정 방법 (규칙별) + +| 규칙 | 수정 방법 | +|------|----------| +| SECRET_HARDCODE | `process.env.변수명`으로 이동, `.env`에 추가 | +| LOCALSTORAGE_AUTH | HttpOnly 쿠키 또는 Authorization 헤더 사용 | +| INNERHTML_XSS | `textContent` 사용 또는 DOMPurify 적용 | +| CORS_WILDCARD | 허용 도메인을 명시적으로 나열 | +| SQL_INTERPOLATION | 파라미터화 쿼리(`?` placeholder) 사용 | +| LOG_SECRET | 로그에서 비밀정보 제거 | + +## bypass 사용법 (긴급 시) + +### 형식 +``` +git commit -m "fix: 긴급 장애 대응 [SECURITY-BYPASS: prod 서비스 다운 긴급 핫픽스]" +``` + +### 규칙 +- **사유 필수**: `[SECURITY-BYPASS]`만으로는 거부됨 +- **허용 사용자만**: 운영담당자(ahn@hyungi.net)만 bypass 가능 +- **24시간 내 수정**: bypass 후 반드시 보안 이슈 수정 PR 제출 +- **로그 기록**: 모든 bypass는 서버에 자동 기록됨 + +### bypass 후 조치 +1. bypass한 코드의 보안 이슈 파악 +2. 24시간 내 수정 커밋 +3. `security-scan.sh --all`로 전체 검증 + +## 규칙 추가/수정 방법 + +### 새 규칙 추가 +`scripts/security-scan.sh`의 RULES 배열에 추가: +```bash +'RULE_NAME|SEVERITY|설명|REGEX_PATTERN' +``` + +예시: +```bash +'EVAL_USAGE|HIGH|eval 사용 위험|eval\s*\(' +``` + +### 같은 규칙을 서버에도 반영 +`.githooks/pre-receive-server.sh`의 RULES 배열에도 동일하게 추가. +Gitea 서버의 hook 파일도 업데이트 필요. + +## false positive 등록 + +### 파일 단위 제외 +`.securityignore`에 추가 (주석 필수): +``` +path/to/file.js # 사유 설명 (날짜) +``` + +### 라인 단위 제외 +소스 코드에 인라인 주석: +```javascript +const pattern = /password/; // security-ignore: SECRET_HARDCODE — regex 패턴 정의 +``` + +### 주의 +- 주석 없는 항목은 스캔 시 경고 +- 월 1회 `.securityignore` 검토하여 불필요 항목 제거 + +## 수동 검사 + +### 전체 프로젝트 스캔 +```bash +./scripts/security-scan.sh --all +``` + +### 엄격 모드 (MEDIUM도 차단) +```bash +./scripts/security-scan.sh --all --strict +``` + +### 두 커밋 간 비교 +```bash +./scripts/security-scan.sh --diff HEAD~5 HEAD +``` + +## 초기 설정 (새 머신) + +```bash +# 1. git hooks 경로 설정 +git config core.hooksPath .githooks + +# 2. 전체 스캔 확인 +./scripts/security-scan.sh --all + +# 3. 테스트 (선택) +echo "password: 'test'" >> /tmp/test.js +git add /tmp/test.js +git commit -m "test" # → 차단되어야 함 +``` + +## FAQ + +**Q: pre-commit이 너무 느리다** +A: staged 파일만 검사하므로 보통 1초 이내. 파일이 많으면 `--no-verify`로 우회 후 push 시 서버에서 검사. + +**Q: false positive가 계속 뜬다** +A: `.securityignore`에 등록하거나 라인에 `// security-ignore: RULE_NAME` 추가. + +**Q: 규칙을 비활성화하고 싶다** +A: RULES 배열에서 해당 규칙을 주석 처리. 단, CRITICAL 규칙 비활성화는 비권장. + +**Q: 새 서비스 추가 시** +A: 추가 설정 불필요. `.securityignore`에 제외할 파일이 있으면 등록. diff --git a/scripts/security-scan.sh b/scripts/security-scan.sh new file mode 100755 index 0000000..2bc2f90 --- /dev/null +++ b/scripts/security-scan.sh @@ -0,0 +1,355 @@ +#!/bin/bash +# ============================================================================= +# security-scan.sh — TK Factory Services 보안 스캔 엔진 +# ============================================================================= +# 용도: pre-commit hook, pre-receive hook, 수동 전체 검사 +# 모드: +# --staged staged 파일만 검사 (pre-commit 기본) +# --all 프로젝트 전체 파일 검사 +# --diff OLD NEW 두 커밋 간 변경 검사 (pre-receive용) +# --strict MEDIUM도 차단 +# +# 커버리지 한계 (PR 리뷰에서 수동): +# - RBAC 설계 오류 / 인증 흐름 +# - 비즈니스 로직 / race condition +# - third-party dependency (npm audit 영역) +# - 환경변수 값 강도 +# ============================================================================= + +set -euo pipefail + +# --- 색상 --- +RED='\033[0;31m' +YELLOW='\033[0;33m' +GREEN='\033[0;32m' +CYAN='\033[0;36m' +BOLD='\033[1m' +NC='\033[0m' + +# --- 설정 --- +MEDIUM_THRESHOLD=5 +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" +IGNORE_FILE="$PROJECT_ROOT/.securityignore" + +# --- 검출 규칙: NAME|SEVERITY|설명|PATTERN --- +RULES=( + 'SECRET_HARDCODE|CRITICAL|비밀정보 하드코딩|(password|token|apiKey|secret|api_key)\s*[:=]\s*[\x27"][^${\x27"][^\x27"]{3,}' + 'SECRET_KNOWN|CRITICAL|알려진 비밀번호 패턴|(fukdon-riwbaq|hyung-ddfdf3|djg3-jj34|tkfactory-sub)' + 'LOCALSTORAGE_AUTH|HIGH|localStorage 인증정보|localStorage\.(setItem|getItem).*\b(token|password|auth|credential)' + 'INNERHTML_XSS|HIGH|innerHTML XSS 위험|\.innerHTML\s*[+=]' + 'CORS_WILDCARD|HIGH|CORS 와일드카드|origin:\s*[\x27"`]\*[\x27"`]' + 'SQL_INTERPOLATION|HIGH|SQL 문자열 보간|query\(`.*\$\{' + 'LOG_SECRET|MEDIUM|로그에 비밀정보|console\.(log|error|warn).*\b(password|token|secret|apiKey)' + 'ENV_HARDCODE|MEDIUM|환경설정 하드코딩|NODE_ENV\s*[:=]\s*[\x27"]development[\x27"]' +) + +# --- 제외 패턴 --- +EXCLUDE_DIRS="node_modules|\.git|__pycache__|\.next|dist|build|coverage" +EXCLUDE_FILES="package-lock\.json|yarn\.lock|\.min\.js|\.min\.css|\.map" + +# --- 파싱 함수 --- +parse_rule() { + local rule="$1" + RULE_NAME=$(echo "$rule" | cut -d'|' -f1) + RULE_SEVERITY=$(echo "$rule" | cut -d'|' -f2) + RULE_DESC=$(echo "$rule" | cut -d'|' -f3) + RULE_PATTERN=$(echo "$rule" | cut -d'|' -f4-) +} + +# --- .securityignore 로드 --- +load_ignore_list() { + IGNORED_FILES=() + if [[ -f "$IGNORE_FILE" ]]; then + while IFS= read -r line; do + # 빈 줄, 순수 주석 스킵 + [[ -z "$line" || "$line" =~ ^[[:space:]]*# ]] && continue + # 파일명 추출 (주석 앞부분) + local filepath + filepath=$(echo "$line" | sed 's/#.*$//' | xargs) + [[ -z "$filepath" ]] && continue + # 주석 없는 항목 경고 + if ! echo "$line" | grep -q '#'; then + echo -e "${YELLOW}[WARN] .securityignore: '$filepath' 에 사유 주석이 없습니다${NC}" >&2 + fi + IGNORED_FILES+=("$filepath") + done < "$IGNORE_FILE" + fi +} + +is_ignored_file() { + local file="$1" + for ignored in "${IGNORED_FILES[@]}"; do + [[ "$file" == "$ignored" || "$file" == *"/$ignored" ]] && return 0 + done + return 1 +} + +is_line_ignored() { + local line_content="$1" + local rule_name="$2" + echo "$line_content" | grep -qP "security-ignore:\s*$rule_name" && return 0 + return 1 +} + +# --- diff 파싱 + 검사 --- +scan_diff() { + local diff_input="$1" + local violations=0 + local medium_count=0 + local current_file="" + local current_line=0 + local results="" + + while IFS= read -r line; do + # 파일명 추출 + if [[ "$line" =~ ^diff\ --git\ a/(.+)\ b/(.+)$ ]]; then + current_file="${BASH_REMATCH[2]}" + continue + fi + # +++ b/filename + if [[ "$line" =~ ^\+\+\+\ b/(.+)$ ]]; then + current_file="${BASH_REMATCH[1]}" + continue + fi + # hunk header → 라인 번호 + if [[ "$line" =~ ^@@.*\+([0-9]+) ]]; then + current_line="${BASH_REMATCH[1]}" + continue + fi + # 추가된 라인만 검사 + if [[ "$line" =~ ^\+ ]] && [[ ! "$line" =~ ^\+\+\+ ]]; then + local content="${line:1}" # + 제거 + current_line=$((current_line)) + + # 제외 디렉토리/파일 체크 + if echo "$current_file" | grep -qEi "($EXCLUDE_DIRS)" 2>/dev/null; then + current_line=$((current_line + 1)) + continue + fi + if echo "$current_file" | grep -qEi "($EXCLUDE_FILES)" 2>/dev/null; then + current_line=$((current_line + 1)) + continue + fi + # .securityignore 체크 + if is_ignored_file "$current_file"; then + current_line=$((current_line + 1)) + continue + fi + + # 각 규칙 검사 + for i in "${!RULES[@]}"; do + parse_rule "${RULES[$i]}" + if echo "$content" | grep -qP "$RULE_PATTERN" 2>/dev/null; then + # 라인 단위 ignore 체크 + if is_line_ignored "$content" "$RULE_NAME"; then + continue + fi + local rule_num=$((i + 1)) + local trimmed + trimmed=$(echo "$content" | sed 's/^[[:space:]]*//' | head -c 100) + if [[ "$RULE_SEVERITY" == "CRITICAL" || "$RULE_SEVERITY" == "HIGH" ]]; then + results+="$(printf "\n ${RED}✗ [%s] #%d %s${NC} — %s\n → %s:%d\n %s\n" \ + "$RULE_SEVERITY" "$rule_num" "$RULE_NAME" "$RULE_DESC" \ + "$current_file" "$current_line" "$trimmed")" + violations=$((violations + 1)) + else + results+="$(printf "\n ${YELLOW}⚠ [%s] #%d %s${NC} — %s\n → %s:%d\n %s\n" \ + "$RULE_SEVERITY" "$rule_num" "$RULE_NAME" "$RULE_DESC" \ + "$current_file" "$current_line" "$trimmed")" + medium_count=$((medium_count + 1)) + fi + fi + done + current_line=$((current_line + 1)) + fi + done <<< "$diff_input" + + # 결과 출력 + local total=$((violations + medium_count)) + if [[ $total -gt 0 ]]; then + echo "" + echo -e "${BOLD}[SECURITY] ${total} issue(s) found:${NC}" + echo -e "$results" + echo "" + + # MEDIUM 임계값 체크 + if [[ $medium_count -gt $MEDIUM_THRESHOLD ]]; then + echo -e "${RED}[SECURITY] MEDIUM violations ($medium_count) exceed threshold ($MEDIUM_THRESHOLD) — blocking${NC}" + violations=$((violations + 1)) + fi + + # strict 모드 + if [[ "${STRICT_MODE:-false}" == "true" && $medium_count -gt 0 ]]; then + echo -e "${RED}[SECURITY] --strict mode: MEDIUM violations also block${NC}" + violations=$((violations + 1)) + fi + + if [[ $violations -gt 0 ]]; then + echo -e "${RED}Push/commit rejected. Fix violations or use [SECURITY-BYPASS: 사유] in commit message.${NC}" + echo "" + return 1 + else + echo -e "${YELLOW}Warnings only — commit/push allowed.${NC}" + echo "" + return 0 + fi + fi + return 0 +} + +# --- 전체 파일 검사 (--all 모드) --- +scan_all() { + local violations=0 + local medium_count=0 + local results="" + + load_ignore_list + + local files + files=$(find "$PROJECT_ROOT" -type f \ + \( -name "*.js" -o -name "*.py" -o -name "*.ts" -o -name "*.jsx" -o -name "*.tsx" \ + -o -name "*.md" -o -name "*.sql" -o -name "*.yml" -o -name "*.yaml" \ + -o -name "*.json" -o -name "*.sh" -o -name "*.html" \) \ + ! -path "*/node_modules/*" \ + ! -path "*/.git/*" \ + ! -path "*/__pycache__/*" \ + ! -path "*/dist/*" \ + ! -path "*/build/*" \ + ! -path "*/coverage/*" \ + ! -path "*/.claude/worktrees/*" \ + ! -name "package-lock.json" \ + ! -name "*.min.js" \ + ! -name "*.min.css" \ + 2>/dev/null || true) + + while IFS= read -r filepath; do + [[ -z "$filepath" ]] && continue + local relpath="${filepath#$PROJECT_ROOT/}" + + # .securityignore 체크 + if is_ignored_file "$relpath"; then + continue + fi + + for i in "${!RULES[@]}"; do + parse_rule "${RULES[$i]}" + + local matches + matches=$(grep -nP "$RULE_PATTERN" "$filepath" 2>/dev/null || true) + [[ -z "$matches" ]] && continue + + while IFS= read -r match; do + local linenum content + linenum=$(echo "$match" | cut -d: -f1) + content=$(echo "$match" | cut -d: -f2- | sed 's/^[[:space:]]*//' | head -c 100) + + # 라인 단위 ignore + local full_line + full_line=$(sed -n "${linenum}p" "$filepath" 2>/dev/null || true) + if is_line_ignored "$full_line" "$RULE_NAME"; then + continue + fi + + local rule_num=$((i + 1)) + if [[ "$RULE_SEVERITY" == "CRITICAL" || "$RULE_SEVERITY" == "HIGH" ]]; then + results+="$(printf "\n ${RED}✗ [%s] #%d %s${NC} — %s\n → %s:%s\n %s\n" \ + "$RULE_SEVERITY" "$rule_num" "$RULE_NAME" "$RULE_DESC" \ + "$relpath" "$linenum" "$content")" + violations=$((violations + 1)) + else + results+="$(printf "\n ${YELLOW}⚠ [%s] #%d %s${NC} — %s\n → %s:%s\n %s\n" \ + "$RULE_SEVERITY" "$rule_num" "$RULE_NAME" "$RULE_DESC" \ + "$relpath" "$linenum" "$content")" + medium_count=$((medium_count + 1)) + fi + done <<< "$matches" + done + done <<< "$files" + + # 결과 출력 + local total=$((violations + medium_count)) + if [[ $total -gt 0 ]]; then + echo "" + echo -e "${BOLD}[SECURITY] Full scan: ${total} issue(s) found:${NC}" + echo -e "$results" + echo "" + + if [[ $medium_count -gt $MEDIUM_THRESHOLD ]]; then + echo -e "${RED}[SECURITY] MEDIUM violations ($medium_count) exceed threshold ($MEDIUM_THRESHOLD)${NC}" + violations=$((violations + 1)) + fi + if [[ "${STRICT_MODE:-false}" == "true" && $medium_count -gt 0 ]]; then + echo -e "${RED}[SECURITY] --strict mode: MEDIUM violations also count${NC}" + violations=$((violations + 1)) + fi + + if [[ $violations -gt 0 ]]; then + echo -e "${RED}${violations} blocking violation(s) found.${NC}" + return 1 + else + echo -e "${YELLOW}Warnings only (${medium_count} MEDIUM).${NC}" + return 0 + fi + else + echo -e "${GREEN}[SECURITY] Full scan: 0 violations found.${NC}" + return 0 + fi +} + +# --- 메인 --- +main() { + local mode="staged" + local old_rev="" new_rev="" + STRICT_MODE="false" + + while [[ $# -gt 0 ]]; do + case "$1" in + --staged) mode="staged"; shift ;; + --all) mode="all"; shift ;; + --diff) mode="diff"; old_rev="$2"; new_rev="$3"; shift 3 ;; + --strict) STRICT_MODE="true"; shift ;; + -h|--help) + echo "Usage: security-scan.sh [--staged|--all|--diff OLD NEW] [--strict]" + echo " --staged Check staged files (default, for pre-commit)" + echo " --all Scan entire project" + echo " --diff Check changes between two commits (for pre-receive)" + echo " --strict Block MEDIUM violations too" + exit 0 + ;; + *) echo "Unknown option: $1"; exit 1 ;; + esac + done + + load_ignore_list + + case "$mode" in + staged) + local diff_output + diff_output=$(git diff --cached -U0 --diff-filter=ACMRT 2>/dev/null || true) + if [[ -z "$diff_output" ]]; then + echo -e "${GREEN}[SECURITY] No staged changes to scan.${NC}" + exit 0 + fi + scan_diff "$diff_output" + ;; + all) + scan_all + ;; + diff) + if [[ -z "$old_rev" || -z "$new_rev" ]]; then + echo "Error: --diff requires OLD and NEW revisions" + exit 1 + fi + local diff_output + diff_output=$(git diff -U0 --diff-filter=ACMRT "$old_rev" "$new_rev" 2>/dev/null || true) + if [[ -z "$diff_output" ]]; then + echo -e "${GREEN}[SECURITY] No changes to scan.${NC}" + exit 0 + fi + scan_diff "$diff_output" + ;; + esac +} + +main "$@" diff --git a/system1-factory/api/db/migrations/20260313001000_create_push_subscriptions.sql b/system1-factory/api/db/migrations/20260313001000_create_push_subscriptions.sql index 8122b4d..797bcaa 100644 --- a/system1-factory/api/db/migrations/20260313001000_create_push_subscriptions.sql +++ b/system1-factory/api/db/migrations/20260313001000_create_push_subscriptions.sql @@ -1,5 +1,5 @@ -- Push 구독 테이블 생성 --- 실행: docker exec -i tk-mariadb mysql -uhyungi_user -p'hyung-ddfdf3-D341@' hyungi < db/migrations/20260313001000_create_push_subscriptions.sql +-- 실행: docker exec -i tk-mariadb mysql -uhyungi_user -p"$MYSQL_PASSWORD" hyungi < db/migrations/20260313001000_create_push_subscriptions.sql CREATE TABLE IF NOT EXISTS push_subscriptions ( id INT AUTO_INCREMENT PRIMARY KEY, diff --git a/system1-factory/web/logo 2.png b/system1-factory/web/logo 2.png deleted file mode 100644 index 5bbd962..0000000 Binary files a/system1-factory/web/logo 2.png and /dev/null differ diff --git a/system1-factory/web/components/sections/admin-sections.html b/system1-factory/web/public/components/sections/admin-sections.html similarity index 100% rename from system1-factory/web/components/sections/admin-sections.html rename to system1-factory/web/public/components/sections/admin-sections.html diff --git a/system1-factory/web/css/daily-patrol.css b/system1-factory/web/public/css/daily-patrol.css similarity index 100% rename from system1-factory/web/css/daily-patrol.css rename to system1-factory/web/public/css/daily-patrol.css diff --git a/system1-factory/web/css/daily-status.css b/system1-factory/web/public/css/daily-status.css similarity index 100% rename from system1-factory/web/css/daily-status.css rename to system1-factory/web/public/css/daily-status.css diff --git a/system1-factory/web/css/daily-work-report-mobile.css b/system1-factory/web/public/css/daily-work-report-mobile.css similarity index 100% rename from system1-factory/web/css/daily-work-report-mobile.css rename to system1-factory/web/public/css/daily-work-report-mobile.css diff --git a/system1-factory/web/css/daily-work-report.css b/system1-factory/web/public/css/daily-work-report.css similarity index 100% rename from system1-factory/web/css/daily-work-report.css rename to system1-factory/web/public/css/daily-work-report.css diff --git a/system1-factory/web/css/equipment-detail.css b/system1-factory/web/public/css/equipment-detail.css similarity index 100% rename from system1-factory/web/css/equipment-detail.css rename to system1-factory/web/public/css/equipment-detail.css diff --git a/system1-factory/web/css/equipment-management.css b/system1-factory/web/public/css/equipment-management.css similarity index 100% rename from system1-factory/web/css/equipment-management.css rename to system1-factory/web/public/css/equipment-management.css diff --git a/system1-factory/web/css/mobile.css b/system1-factory/web/public/css/mobile.css similarity index 100% rename from system1-factory/web/css/mobile.css rename to system1-factory/web/public/css/mobile.css diff --git a/system1-factory/web/css/modern-dashboard.css b/system1-factory/web/public/css/modern-dashboard.css similarity index 100% rename from system1-factory/web/css/modern-dashboard.css rename to system1-factory/web/public/css/modern-dashboard.css diff --git a/system1-factory/web/css/monthly-comparison.css b/system1-factory/web/public/css/monthly-comparison.css similarity index 100% rename from system1-factory/web/css/monthly-comparison.css rename to system1-factory/web/public/css/monthly-comparison.css diff --git a/system1-factory/web/css/my-monthly-confirm.css b/system1-factory/web/public/css/my-monthly-confirm.css similarity index 100% rename from system1-factory/web/css/my-monthly-confirm.css rename to system1-factory/web/public/css/my-monthly-confirm.css diff --git a/system1-factory/web/css/production-dashboard.css b/system1-factory/web/public/css/production-dashboard.css similarity index 100% rename from system1-factory/web/css/production-dashboard.css rename to system1-factory/web/public/css/production-dashboard.css diff --git a/system1-factory/web/css/proxy-input.css b/system1-factory/web/public/css/proxy-input.css similarity index 100% rename from system1-factory/web/css/proxy-input.css rename to system1-factory/web/public/css/proxy-input.css diff --git a/system1-factory/web/css/purchase-mobile.css b/system1-factory/web/public/css/purchase-mobile.css similarity index 100% rename from system1-factory/web/css/purchase-mobile.css rename to system1-factory/web/public/css/purchase-mobile.css diff --git a/system1-factory/web/css/tbm-mobile.css b/system1-factory/web/public/css/tbm-mobile.css similarity index 100% rename from system1-factory/web/css/tbm-mobile.css rename to system1-factory/web/public/css/tbm-mobile.css diff --git a/system1-factory/web/css/tbm.css b/system1-factory/web/public/css/tbm.css similarity index 100% rename from system1-factory/web/css/tbm.css rename to system1-factory/web/public/css/tbm.css diff --git a/system1-factory/web/css/vacation-allocation.css b/system1-factory/web/public/css/vacation-allocation.css similarity index 100% rename from system1-factory/web/css/vacation-allocation.css rename to system1-factory/web/public/css/vacation-allocation.css diff --git a/system1-factory/web/css/work-analysis.css b/system1-factory/web/public/css/work-analysis.css similarity index 100% rename from system1-factory/web/css/work-analysis.css rename to system1-factory/web/public/css/work-analysis.css diff --git a/system1-factory/web/css/work-report.css b/system1-factory/web/public/css/work-report.css similarity index 100% rename from system1-factory/web/css/work-report.css rename to system1-factory/web/public/css/work-report.css diff --git a/system1-factory/web/css/workplace-management.css b/system1-factory/web/public/css/workplace-management.css similarity index 100% rename from system1-factory/web/css/workplace-management.css rename to system1-factory/web/public/css/workplace-management.css diff --git a/system1-factory/web/css/zone-detail.css b/system1-factory/web/public/css/zone-detail.css similarity index 100% rename from system1-factory/web/css/zone-detail.css rename to system1-factory/web/public/css/zone-detail.css diff --git a/system1-factory/web/img/favicon.png b/system1-factory/web/public/img/favicon.png similarity index 100% rename from system1-factory/web/img/favicon.png rename to system1-factory/web/public/img/favicon.png diff --git a/system1-factory/web/img/icon-192x192.png b/system1-factory/web/public/img/icon-192x192.png similarity index 100% rename from system1-factory/web/img/icon-192x192.png rename to system1-factory/web/public/img/icon-192x192.png diff --git a/system1-factory/web/img/icon-512x512.png b/system1-factory/web/public/img/icon-512x512.png similarity index 100% rename from system1-factory/web/img/icon-512x512.png rename to system1-factory/web/public/img/icon-512x512.png diff --git a/system1-factory/web/img/login-bg.jpeg b/system1-factory/web/public/img/login-bg.jpeg similarity index 100% rename from system1-factory/web/img/login-bg.jpeg rename to system1-factory/web/public/img/login-bg.jpeg diff --git a/system1-factory/web/img/logo.png b/system1-factory/web/public/img/logo.png similarity index 100% rename from system1-factory/web/img/logo.png rename to system1-factory/web/public/img/logo.png diff --git a/system1-factory/web/img/technicalkorea Logo.jpg b/system1-factory/web/public/img/technicalkorea Logo.jpg similarity index 100% rename from system1-factory/web/img/technicalkorea Logo.jpg rename to system1-factory/web/public/img/technicalkorea Logo.jpg diff --git a/system1-factory/web/img/technicalkorea_Logo.ai b/system1-factory/web/public/img/technicalkorea_Logo.ai similarity index 100% rename from system1-factory/web/img/technicalkorea_Logo.ai rename to system1-factory/web/public/img/technicalkorea_Logo.ai diff --git a/system1-factory/web/img/technicalkorea_Logo.eps b/system1-factory/web/public/img/technicalkorea_Logo.eps similarity index 100% rename from system1-factory/web/img/technicalkorea_Logo.eps rename to system1-factory/web/public/img/technicalkorea_Logo.eps diff --git a/system1-factory/web/img/technicalkorea_Logo.svg b/system1-factory/web/public/img/technicalkorea_Logo.svg similarity index 100% rename from system1-factory/web/img/technicalkorea_Logo.svg rename to system1-factory/web/public/img/technicalkorea_Logo.svg diff --git a/system1-factory/web/index.html b/system1-factory/web/public/index.html similarity index 100% rename from system1-factory/web/index.html rename to system1-factory/web/public/index.html diff --git a/system1-factory/web/js/api-base.js b/system1-factory/web/public/js/api-base.js similarity index 100% rename from system1-factory/web/js/api-base.js rename to system1-factory/web/public/js/api-base.js diff --git a/system1-factory/web/js/api-config.js b/system1-factory/web/public/js/api-config.js similarity index 100% rename from system1-factory/web/js/api-config.js rename to system1-factory/web/public/js/api-config.js diff --git a/system1-factory/web/js/attendance-validation.js b/system1-factory/web/public/js/attendance-validation.js similarity index 100% rename from system1-factory/web/js/attendance-validation.js rename to system1-factory/web/public/js/attendance-validation.js diff --git a/system1-factory/web/js/attendance.js b/system1-factory/web/public/js/attendance.js similarity index 100% rename from system1-factory/web/js/attendance.js rename to system1-factory/web/public/js/attendance.js diff --git a/system1-factory/web/js/auth.js b/system1-factory/web/public/js/auth.js similarity index 100% rename from system1-factory/web/js/auth.js rename to system1-factory/web/public/js/auth.js diff --git a/system1-factory/web/js/calendar.js b/system1-factory/web/public/js/calendar.js similarity index 100% rename from system1-factory/web/js/calendar.js rename to system1-factory/web/public/js/calendar.js diff --git a/system1-factory/web/js/change-password.js b/system1-factory/web/public/js/change-password.js similarity index 100% rename from system1-factory/web/js/change-password.js rename to system1-factory/web/public/js/change-password.js diff --git a/system1-factory/web/js/common/base-state.js b/system1-factory/web/public/js/common/base-state.js similarity index 100% rename from system1-factory/web/js/common/base-state.js rename to system1-factory/web/public/js/common/base-state.js diff --git a/system1-factory/web/js/common/utils.js b/system1-factory/web/public/js/common/utils.js similarity index 100% rename from system1-factory/web/js/common/utils.js rename to system1-factory/web/public/js/common/utils.js diff --git a/system1-factory/web/js/config.js b/system1-factory/web/public/js/config.js similarity index 100% rename from system1-factory/web/js/config.js rename to system1-factory/web/public/js/config.js diff --git a/system1-factory/web/js/daily-issue-api.js b/system1-factory/web/public/js/daily-issue-api.js similarity index 100% rename from system1-factory/web/js/daily-issue-api.js rename to system1-factory/web/public/js/daily-issue-api.js diff --git a/system1-factory/web/js/daily-issue-ui.js b/system1-factory/web/public/js/daily-issue-ui.js similarity index 100% rename from system1-factory/web/js/daily-issue-ui.js rename to system1-factory/web/public/js/daily-issue-ui.js diff --git a/system1-factory/web/js/daily-issue.js b/system1-factory/web/public/js/daily-issue.js similarity index 100% rename from system1-factory/web/js/daily-issue.js rename to system1-factory/web/public/js/daily-issue.js diff --git a/system1-factory/web/js/daily-patrol.js b/system1-factory/web/public/js/daily-patrol.js similarity index 100% rename from system1-factory/web/js/daily-patrol.js rename to system1-factory/web/public/js/daily-patrol.js diff --git a/system1-factory/web/js/daily-status.js b/system1-factory/web/public/js/daily-status.js similarity index 100% rename from system1-factory/web/js/daily-status.js rename to system1-factory/web/public/js/daily-status.js diff --git a/system1-factory/web/js/daily-work-report-mobile.js b/system1-factory/web/public/js/daily-work-report-mobile.js similarity index 100% rename from system1-factory/web/js/daily-work-report-mobile.js rename to system1-factory/web/public/js/daily-work-report-mobile.js diff --git a/system1-factory/web/js/daily-work-report.js b/system1-factory/web/public/js/daily-work-report.js similarity index 100% rename from system1-factory/web/js/daily-work-report.js rename to system1-factory/web/public/js/daily-work-report.js diff --git a/system1-factory/web/js/daily-work-report/api.js b/system1-factory/web/public/js/daily-work-report/api.js similarity index 100% rename from system1-factory/web/js/daily-work-report/api.js rename to system1-factory/web/public/js/daily-work-report/api.js diff --git a/system1-factory/web/js/daily-work-report/state.js b/system1-factory/web/public/js/daily-work-report/state.js similarity index 100% rename from system1-factory/web/js/daily-work-report/state.js rename to system1-factory/web/public/js/daily-work-report/state.js diff --git a/system1-factory/web/js/daily-work-report/utils.js b/system1-factory/web/public/js/daily-work-report/utils.js similarity index 100% rename from system1-factory/web/js/daily-work-report/utils.js rename to system1-factory/web/public/js/daily-work-report/utils.js diff --git a/system1-factory/web/js/department-management.js b/system1-factory/web/public/js/department-management.js similarity index 100% rename from system1-factory/web/js/department-management.js rename to system1-factory/web/public/js/department-management.js diff --git a/system1-factory/web/js/equipment-detail.js b/system1-factory/web/public/js/equipment-detail.js similarity index 100% rename from system1-factory/web/js/equipment-detail.js rename to system1-factory/web/public/js/equipment-detail.js diff --git a/system1-factory/web/js/equipment-management.js b/system1-factory/web/public/js/equipment-management.js similarity index 100% rename from system1-factory/web/js/equipment-management.js rename to system1-factory/web/public/js/equipment-management.js diff --git a/system1-factory/web/js/factory-upload.js b/system1-factory/web/public/js/factory-upload.js similarity index 100% rename from system1-factory/web/js/factory-upload.js rename to system1-factory/web/public/js/factory-upload.js diff --git a/system1-factory/web/js/factory-view.js b/system1-factory/web/public/js/factory-view.js similarity index 100% rename from system1-factory/web/js/factory-view.js rename to system1-factory/web/public/js/factory-view.js diff --git a/system1-factory/web/js/group-leader-dashboard.js b/system1-factory/web/public/js/group-leader-dashboard.js similarity index 100% rename from system1-factory/web/js/group-leader-dashboard.js rename to system1-factory/web/public/js/group-leader-dashboard.js diff --git a/system1-factory/web/js/issue-category-manage.js b/system1-factory/web/public/js/issue-category-manage.js similarity index 100% rename from system1-factory/web/js/issue-category-manage.js rename to system1-factory/web/public/js/issue-category-manage.js diff --git a/system1-factory/web/js/login.js b/system1-factory/web/public/js/login.js similarity index 100% rename from system1-factory/web/js/login.js rename to system1-factory/web/public/js/login.js diff --git a/system1-factory/web/js/manage-issue.js b/system1-factory/web/public/js/manage-issue.js similarity index 100% rename from system1-factory/web/js/manage-issue.js rename to system1-factory/web/public/js/manage-issue.js diff --git a/system1-factory/web/js/manage-pipespec.js b/system1-factory/web/public/js/manage-pipespec.js similarity index 100% rename from system1-factory/web/js/manage-pipespec.js rename to system1-factory/web/public/js/manage-pipespec.js diff --git a/system1-factory/web/js/manage-project.js b/system1-factory/web/public/js/manage-project.js similarity index 100% rename from system1-factory/web/js/manage-project.js rename to system1-factory/web/public/js/manage-project.js diff --git a/system1-factory/web/js/manage-worker.js b/system1-factory/web/public/js/manage-worker.js similarity index 100% rename from system1-factory/web/js/manage-worker.js rename to system1-factory/web/public/js/manage-worker.js diff --git a/system1-factory/web/js/management-dashboard.js b/system1-factory/web/public/js/management-dashboard.js similarity index 100% rename from system1-factory/web/js/management-dashboard.js rename to system1-factory/web/public/js/management-dashboard.js diff --git a/system1-factory/web/js/meeting-detail.js b/system1-factory/web/public/js/meeting-detail.js similarity index 100% rename from system1-factory/web/js/meeting-detail.js rename to system1-factory/web/public/js/meeting-detail.js diff --git a/system1-factory/web/js/meetings.js b/system1-factory/web/public/js/meetings.js similarity index 100% rename from system1-factory/web/js/meetings.js rename to system1-factory/web/public/js/meetings.js diff --git a/system1-factory/web/js/mobile-dashboard.js b/system1-factory/web/public/js/mobile-dashboard.js similarity index 100% rename from system1-factory/web/js/mobile-dashboard.js rename to system1-factory/web/public/js/mobile-dashboard.js diff --git a/system1-factory/web/js/modern-dashboard.js b/system1-factory/web/public/js/modern-dashboard.js similarity index 100% rename from system1-factory/web/js/modern-dashboard.js rename to system1-factory/web/public/js/modern-dashboard.js diff --git a/system1-factory/web/js/monthly-comparison.js b/system1-factory/web/public/js/monthly-comparison.js similarity index 100% rename from system1-factory/web/js/monthly-comparison.js rename to system1-factory/web/public/js/monthly-comparison.js diff --git a/system1-factory/web/js/my-attendance.js b/system1-factory/web/public/js/my-attendance.js similarity index 100% rename from system1-factory/web/js/my-attendance.js rename to system1-factory/web/public/js/my-attendance.js diff --git a/system1-factory/web/js/my-dashboard.js b/system1-factory/web/public/js/my-dashboard.js similarity index 100% rename from system1-factory/web/js/my-dashboard.js rename to system1-factory/web/public/js/my-dashboard.js diff --git a/system1-factory/web/js/my-monthly-confirm.js b/system1-factory/web/public/js/my-monthly-confirm.js similarity index 100% rename from system1-factory/web/js/my-monthly-confirm.js rename to system1-factory/web/public/js/my-monthly-confirm.js diff --git a/system1-factory/web/js/my-profile.js b/system1-factory/web/public/js/my-profile.js similarity index 100% rename from system1-factory/web/js/my-profile.js rename to system1-factory/web/public/js/my-profile.js diff --git a/system1-factory/web/js/navigation.js b/system1-factory/web/public/js/navigation.js similarity index 100% rename from system1-factory/web/js/navigation.js rename to system1-factory/web/public/js/navigation.js diff --git a/system1-factory/web/js/nonconformity-list.js b/system1-factory/web/public/js/nonconformity-list.js similarity index 100% rename from system1-factory/web/js/nonconformity-list.js rename to system1-factory/web/public/js/nonconformity-list.js diff --git a/system1-factory/web/js/production-dashboard.js b/system1-factory/web/public/js/production-dashboard.js similarity index 100% rename from system1-factory/web/js/production-dashboard.js rename to system1-factory/web/public/js/production-dashboard.js diff --git a/system1-factory/web/js/project-analysis-api.js b/system1-factory/web/public/js/project-analysis-api.js similarity index 100% rename from system1-factory/web/js/project-analysis-api.js rename to system1-factory/web/public/js/project-analysis-api.js diff --git a/system1-factory/web/js/project-analysis-ui.js b/system1-factory/web/public/js/project-analysis-ui.js similarity index 100% rename from system1-factory/web/js/project-analysis-ui.js rename to system1-factory/web/public/js/project-analysis-ui.js diff --git a/system1-factory/web/js/project-analysis.js b/system1-factory/web/public/js/project-analysis.js similarity index 100% rename from system1-factory/web/js/project-analysis.js rename to system1-factory/web/public/js/project-analysis.js diff --git a/system1-factory/web/js/project-management.js b/system1-factory/web/public/js/project-management.js similarity index 100% rename from system1-factory/web/js/project-management.js rename to system1-factory/web/public/js/project-management.js diff --git a/system1-factory/web/js/proxy-input.js b/system1-factory/web/public/js/proxy-input.js similarity index 100% rename from system1-factory/web/js/proxy-input.js rename to system1-factory/web/public/js/proxy-input.js diff --git a/system1-factory/web/js/schedule.js b/system1-factory/web/public/js/schedule.js similarity index 100% rename from system1-factory/web/js/schedule.js rename to system1-factory/web/public/js/schedule.js diff --git a/system1-factory/web/js/sso-relay.js b/system1-factory/web/public/js/sso-relay.js similarity index 100% rename from system1-factory/web/js/sso-relay.js rename to system1-factory/web/public/js/sso-relay.js diff --git a/system1-factory/web/js/system-dashboard.js b/system1-factory/web/public/js/system-dashboard.js similarity index 100% rename from system1-factory/web/js/system-dashboard.js rename to system1-factory/web/public/js/system-dashboard.js diff --git a/system1-factory/web/js/task-management.js b/system1-factory/web/public/js/task-management.js similarity index 100% rename from system1-factory/web/js/task-management.js rename to system1-factory/web/public/js/task-management.js diff --git a/system1-factory/web/js/tbm-create.js b/system1-factory/web/public/js/tbm-create.js similarity index 100% rename from system1-factory/web/js/tbm-create.js rename to system1-factory/web/public/js/tbm-create.js diff --git a/system1-factory/web/js/tbm-mobile.js b/system1-factory/web/public/js/tbm-mobile.js similarity index 100% rename from system1-factory/web/js/tbm-mobile.js rename to system1-factory/web/public/js/tbm-mobile.js diff --git a/system1-factory/web/js/tbm.js b/system1-factory/web/public/js/tbm.js similarity index 100% rename from system1-factory/web/js/tbm.js rename to system1-factory/web/public/js/tbm.js diff --git a/system1-factory/web/js/tbm/api.js b/system1-factory/web/public/js/tbm/api.js similarity index 100% rename from system1-factory/web/js/tbm/api.js rename to system1-factory/web/public/js/tbm/api.js diff --git a/system1-factory/web/js/tbm/state.js b/system1-factory/web/public/js/tbm/state.js similarity index 100% rename from system1-factory/web/js/tbm/state.js rename to system1-factory/web/public/js/tbm/state.js diff --git a/system1-factory/web/js/tbm/utils.js b/system1-factory/web/public/js/tbm/utils.js similarity index 100% rename from system1-factory/web/js/tbm/utils.js rename to system1-factory/web/public/js/tbm/utils.js diff --git a/system1-factory/web/js/user-dashboard.js b/system1-factory/web/public/js/user-dashboard.js similarity index 100% rename from system1-factory/web/js/user-dashboard.js rename to system1-factory/web/public/js/user-dashboard.js diff --git a/system1-factory/web/js/vacation-allocation.js b/system1-factory/web/public/js/vacation-allocation.js similarity index 100% rename from system1-factory/web/js/vacation-allocation.js rename to system1-factory/web/public/js/vacation-allocation.js diff --git a/system1-factory/web/js/vacation-common.js b/system1-factory/web/public/js/vacation-common.js similarity index 100% rename from system1-factory/web/js/vacation-common.js rename to system1-factory/web/public/js/vacation-common.js diff --git a/system1-factory/web/js/work-analysis.js b/system1-factory/web/public/js/work-analysis.js similarity index 100% rename from system1-factory/web/js/work-analysis.js rename to system1-factory/web/public/js/work-analysis.js diff --git a/system1-factory/web/js/work-analysis/api-client.js b/system1-factory/web/public/js/work-analysis/api-client.js similarity index 100% rename from system1-factory/web/js/work-analysis/api-client.js rename to system1-factory/web/public/js/work-analysis/api-client.js diff --git a/system1-factory/web/js/work-analysis/chart-renderer.js b/system1-factory/web/public/js/work-analysis/chart-renderer.js similarity index 100% rename from system1-factory/web/js/work-analysis/chart-renderer.js rename to system1-factory/web/public/js/work-analysis/chart-renderer.js diff --git a/system1-factory/web/js/work-analysis/data-processor.js b/system1-factory/web/public/js/work-analysis/data-processor.js similarity index 100% rename from system1-factory/web/js/work-analysis/data-processor.js rename to system1-factory/web/public/js/work-analysis/data-processor.js diff --git a/system1-factory/web/js/work-analysis/main-controller.js b/system1-factory/web/public/js/work-analysis/main-controller.js similarity index 100% rename from system1-factory/web/js/work-analysis/main-controller.js rename to system1-factory/web/public/js/work-analysis/main-controller.js diff --git a/system1-factory/web/js/work-analysis/module-loader.js b/system1-factory/web/public/js/work-analysis/module-loader.js similarity index 100% rename from system1-factory/web/js/work-analysis/module-loader.js rename to system1-factory/web/public/js/work-analysis/module-loader.js diff --git a/system1-factory/web/js/work-analysis/state-manager.js b/system1-factory/web/public/js/work-analysis/state-manager.js similarity index 100% rename from system1-factory/web/js/work-analysis/state-manager.js rename to system1-factory/web/public/js/work-analysis/state-manager.js diff --git a/system1-factory/web/js/work-analysis/table-renderer.js b/system1-factory/web/public/js/work-analysis/table-renderer.js similarity index 100% rename from system1-factory/web/js/work-analysis/table-renderer.js rename to system1-factory/web/public/js/work-analysis/table-renderer.js diff --git a/system1-factory/web/js/work-management.js b/system1-factory/web/public/js/work-management.js similarity index 100% rename from system1-factory/web/js/work-management.js rename to system1-factory/web/public/js/work-management.js diff --git a/system1-factory/web/js/work-report-manage.js b/system1-factory/web/public/js/work-report-manage.js similarity index 100% rename from system1-factory/web/js/work-report-manage.js rename to system1-factory/web/public/js/work-report-manage.js diff --git a/system1-factory/web/js/work-report-review.js b/system1-factory/web/public/js/work-report-review.js similarity index 100% rename from system1-factory/web/js/work-report-review.js rename to system1-factory/web/public/js/work-report-review.js diff --git a/system1-factory/web/js/work-review.js b/system1-factory/web/public/js/work-review.js similarity index 100% rename from system1-factory/web/js/work-review.js rename to system1-factory/web/public/js/work-review.js diff --git a/system1-factory/web/js/worker-individual-report.js b/system1-factory/web/public/js/worker-individual-report.js similarity index 100% rename from system1-factory/web/js/worker-individual-report.js rename to system1-factory/web/public/js/worker-individual-report.js diff --git a/system1-factory/web/js/workplace-layout-map.js b/system1-factory/web/public/js/workplace-layout-map.js similarity index 100% rename from system1-factory/web/js/workplace-layout-map.js rename to system1-factory/web/public/js/workplace-layout-map.js diff --git a/system1-factory/web/js/workplace-management.js b/system1-factory/web/public/js/workplace-management.js similarity index 100% rename from system1-factory/web/js/workplace-management.js rename to system1-factory/web/public/js/workplace-management.js diff --git a/system1-factory/web/js/workplace-management/api.js b/system1-factory/web/public/js/workplace-management/api.js similarity index 100% rename from system1-factory/web/js/workplace-management/api.js rename to system1-factory/web/public/js/workplace-management/api.js diff --git a/system1-factory/web/js/workplace-management/index.js b/system1-factory/web/public/js/workplace-management/index.js similarity index 100% rename from system1-factory/web/js/workplace-management/index.js rename to system1-factory/web/public/js/workplace-management/index.js diff --git a/system1-factory/web/js/workplace-management/state.js b/system1-factory/web/public/js/workplace-management/state.js similarity index 100% rename from system1-factory/web/js/workplace-management/state.js rename to system1-factory/web/public/js/workplace-management/state.js diff --git a/system1-factory/web/js/workplace-management/utils.js b/system1-factory/web/public/js/workplace-management/utils.js similarity index 100% rename from system1-factory/web/js/workplace-management/utils.js rename to system1-factory/web/public/js/workplace-management/utils.js diff --git a/system1-factory/web/js/workplace-status.js b/system1-factory/web/public/js/workplace-status.js similarity index 100% rename from system1-factory/web/js/workplace-status.js rename to system1-factory/web/public/js/workplace-status.js diff --git a/system1-factory/web/js/zone-detail.js b/system1-factory/web/public/js/zone-detail.js similarity index 100% rename from system1-factory/web/js/zone-detail.js rename to system1-factory/web/public/js/zone-detail.js diff --git a/system1-factory/web/logo.png b/system1-factory/web/public/logo.png similarity index 100% rename from system1-factory/web/logo.png rename to system1-factory/web/public/logo.png diff --git a/system1-factory/web/manifest.json b/system1-factory/web/public/manifest.json similarity index 100% rename from system1-factory/web/manifest.json rename to system1-factory/web/public/manifest.json diff --git a/system1-factory/web/pages/admin/.gitkeep b/system1-factory/web/public/pages/admin/.gitkeep similarity index 100% rename from system1-factory/web/pages/admin/.gitkeep rename to system1-factory/web/public/pages/admin/.gitkeep diff --git a/system1-factory/web/pages/admin/attendance-report.html b/system1-factory/web/public/pages/admin/attendance-report.html similarity index 100% rename from system1-factory/web/pages/admin/attendance-report.html rename to system1-factory/web/public/pages/admin/attendance-report.html diff --git a/system1-factory/web/pages/admin/departments.html b/system1-factory/web/public/pages/admin/departments.html similarity index 100% rename from system1-factory/web/pages/admin/departments.html rename to system1-factory/web/public/pages/admin/departments.html diff --git a/system1-factory/web/pages/admin/equipment-detail.html b/system1-factory/web/public/pages/admin/equipment-detail.html similarity index 100% rename from system1-factory/web/pages/admin/equipment-detail.html rename to system1-factory/web/public/pages/admin/equipment-detail.html diff --git a/system1-factory/web/pages/admin/equipments.html b/system1-factory/web/public/pages/admin/equipments.html similarity index 100% rename from system1-factory/web/pages/admin/equipments.html rename to system1-factory/web/public/pages/admin/equipments.html diff --git a/system1-factory/web/pages/admin/issue-categories.html b/system1-factory/web/public/pages/admin/issue-categories.html similarity index 100% rename from system1-factory/web/pages/admin/issue-categories.html rename to system1-factory/web/public/pages/admin/issue-categories.html diff --git a/system1-factory/web/pages/admin/notifications.html b/system1-factory/web/public/pages/admin/notifications.html similarity index 100% rename from system1-factory/web/pages/admin/notifications.html rename to system1-factory/web/public/pages/admin/notifications.html diff --git a/system1-factory/web/pages/admin/projects.html b/system1-factory/web/public/pages/admin/projects.html similarity index 100% rename from system1-factory/web/pages/admin/projects.html rename to system1-factory/web/public/pages/admin/projects.html diff --git a/system1-factory/web/pages/admin/purchase-analysis.html b/system1-factory/web/public/pages/admin/purchase-analysis.html similarity index 100% rename from system1-factory/web/pages/admin/purchase-analysis.html rename to system1-factory/web/public/pages/admin/purchase-analysis.html diff --git a/system1-factory/web/pages/admin/repair-management.html b/system1-factory/web/public/pages/admin/repair-management.html similarity index 100% rename from system1-factory/web/pages/admin/repair-management.html rename to system1-factory/web/public/pages/admin/repair-management.html diff --git a/system1-factory/web/pages/admin/tasks.html b/system1-factory/web/public/pages/admin/tasks.html similarity index 100% rename from system1-factory/web/pages/admin/tasks.html rename to system1-factory/web/public/pages/admin/tasks.html diff --git a/system1-factory/web/pages/admin/workplaces.html b/system1-factory/web/public/pages/admin/workplaces.html similarity index 100% rename from system1-factory/web/pages/admin/workplaces.html rename to system1-factory/web/public/pages/admin/workplaces.html diff --git a/system1-factory/web/pages/attendance/annual-overview.html b/system1-factory/web/public/pages/attendance/annual-overview.html similarity index 100% rename from system1-factory/web/pages/attendance/annual-overview.html rename to system1-factory/web/public/pages/attendance/annual-overview.html diff --git a/system1-factory/web/pages/attendance/checkin.html b/system1-factory/web/public/pages/attendance/checkin.html similarity index 100% rename from system1-factory/web/pages/attendance/checkin.html rename to system1-factory/web/public/pages/attendance/checkin.html diff --git a/system1-factory/web/pages/attendance/daily.html b/system1-factory/web/public/pages/attendance/daily.html similarity index 100% rename from system1-factory/web/pages/attendance/daily.html rename to system1-factory/web/public/pages/attendance/daily.html diff --git a/system1-factory/web/pages/attendance/monthly-comparison.html b/system1-factory/web/public/pages/attendance/monthly-comparison.html similarity index 100% rename from system1-factory/web/pages/attendance/monthly-comparison.html rename to system1-factory/web/public/pages/attendance/monthly-comparison.html diff --git a/system1-factory/web/pages/attendance/monthly.html b/system1-factory/web/public/pages/attendance/monthly.html similarity index 100% rename from system1-factory/web/pages/attendance/monthly.html rename to system1-factory/web/public/pages/attendance/monthly.html diff --git a/system1-factory/web/pages/attendance/my-monthly-confirm.html b/system1-factory/web/public/pages/attendance/my-monthly-confirm.html similarity index 100% rename from system1-factory/web/pages/attendance/my-monthly-confirm.html rename to system1-factory/web/public/pages/attendance/my-monthly-confirm.html diff --git a/system1-factory/web/pages/attendance/my-vacation-info.html b/system1-factory/web/public/pages/attendance/my-vacation-info.html similarity index 100% rename from system1-factory/web/pages/attendance/my-vacation-info.html rename to system1-factory/web/public/pages/attendance/my-vacation-info.html diff --git a/system1-factory/web/pages/attendance/vacation-allocation.html b/system1-factory/web/public/pages/attendance/vacation-allocation.html similarity index 100% rename from system1-factory/web/pages/attendance/vacation-allocation.html rename to system1-factory/web/public/pages/attendance/vacation-allocation.html diff --git a/system1-factory/web/pages/attendance/vacation-approval.html b/system1-factory/web/public/pages/attendance/vacation-approval.html similarity index 100% rename from system1-factory/web/pages/attendance/vacation-approval.html rename to system1-factory/web/public/pages/attendance/vacation-approval.html diff --git a/system1-factory/web/pages/attendance/vacation-input.html b/system1-factory/web/public/pages/attendance/vacation-input.html similarity index 100% rename from system1-factory/web/pages/attendance/vacation-input.html rename to system1-factory/web/public/pages/attendance/vacation-input.html diff --git a/system1-factory/web/pages/attendance/vacation-management.html b/system1-factory/web/public/pages/attendance/vacation-management.html similarity index 100% rename from system1-factory/web/pages/attendance/vacation-management.html rename to system1-factory/web/public/pages/attendance/vacation-management.html diff --git a/system1-factory/web/pages/attendance/vacation-request.html b/system1-factory/web/public/pages/attendance/vacation-request.html similarity index 100% rename from system1-factory/web/pages/attendance/vacation-request.html rename to system1-factory/web/public/pages/attendance/vacation-request.html diff --git a/system1-factory/web/pages/attendance/work-status.html b/system1-factory/web/public/pages/attendance/work-status.html similarity index 100% rename from system1-factory/web/pages/attendance/work-status.html rename to system1-factory/web/public/pages/attendance/work-status.html diff --git a/system1-factory/web/pages/dashboard-new.html b/system1-factory/web/public/pages/dashboard-new.html similarity index 100% rename from system1-factory/web/pages/dashboard-new.html rename to system1-factory/web/public/pages/dashboard-new.html diff --git a/system1-factory/web/pages/dashboard.html b/system1-factory/web/public/pages/dashboard.html similarity index 100% rename from system1-factory/web/pages/dashboard.html rename to system1-factory/web/public/pages/dashboard.html diff --git a/system1-factory/web/pages/inspection/daily-patrol.html b/system1-factory/web/public/pages/inspection/daily-patrol.html similarity index 100% rename from system1-factory/web/pages/inspection/daily-patrol.html rename to system1-factory/web/public/pages/inspection/daily-patrol.html diff --git a/system1-factory/web/pages/inspection/zone-detail.html b/system1-factory/web/public/pages/inspection/zone-detail.html similarity index 100% rename from system1-factory/web/pages/inspection/zone-detail.html rename to system1-factory/web/public/pages/inspection/zone-detail.html diff --git a/system1-factory/web/pages/profile/info.html b/system1-factory/web/public/pages/profile/info.html similarity index 100% rename from system1-factory/web/pages/profile/info.html rename to system1-factory/web/public/pages/profile/info.html diff --git a/system1-factory/web/pages/profile/password.html b/system1-factory/web/public/pages/profile/password.html similarity index 100% rename from system1-factory/web/pages/profile/password.html rename to system1-factory/web/public/pages/profile/password.html diff --git a/system1-factory/web/pages/purchase/request-mobile.html b/system1-factory/web/public/pages/purchase/request-mobile.html similarity index 100% rename from system1-factory/web/pages/purchase/request-mobile.html rename to system1-factory/web/public/pages/purchase/request-mobile.html diff --git a/system1-factory/web/pages/purchase/request.html b/system1-factory/web/public/pages/purchase/request.html similarity index 100% rename from system1-factory/web/pages/purchase/request.html rename to system1-factory/web/public/pages/purchase/request.html diff --git a/system1-factory/web/pages/work/.gitkeep b/system1-factory/web/public/pages/work/.gitkeep similarity index 100% rename from system1-factory/web/pages/work/.gitkeep rename to system1-factory/web/public/pages/work/.gitkeep diff --git a/system1-factory/web/pages/work/analysis.html b/system1-factory/web/public/pages/work/analysis.html similarity index 100% rename from system1-factory/web/pages/work/analysis.html rename to system1-factory/web/public/pages/work/analysis.html diff --git a/system1-factory/web/pages/work/daily-status.html b/system1-factory/web/public/pages/work/daily-status.html similarity index 100% rename from system1-factory/web/pages/work/daily-status.html rename to system1-factory/web/public/pages/work/daily-status.html diff --git a/system1-factory/web/pages/work/meeting-detail.html b/system1-factory/web/public/pages/work/meeting-detail.html similarity index 100% rename from system1-factory/web/pages/work/meeting-detail.html rename to system1-factory/web/public/pages/work/meeting-detail.html diff --git a/system1-factory/web/pages/work/meetings.html b/system1-factory/web/public/pages/work/meetings.html similarity index 100% rename from system1-factory/web/pages/work/meetings.html rename to system1-factory/web/public/pages/work/meetings.html diff --git a/system1-factory/web/pages/work/proxy-input.html b/system1-factory/web/public/pages/work/proxy-input.html similarity index 100% rename from system1-factory/web/pages/work/proxy-input.html rename to system1-factory/web/public/pages/work/proxy-input.html diff --git a/system1-factory/web/pages/work/report-create-mobile.html b/system1-factory/web/public/pages/work/report-create-mobile.html similarity index 100% rename from system1-factory/web/pages/work/report-create-mobile.html rename to system1-factory/web/public/pages/work/report-create-mobile.html diff --git a/system1-factory/web/pages/work/report-create.html b/system1-factory/web/public/pages/work/report-create.html similarity index 100% rename from system1-factory/web/pages/work/report-create.html rename to system1-factory/web/public/pages/work/report-create.html diff --git a/system1-factory/web/pages/work/schedule.html b/system1-factory/web/public/pages/work/schedule.html similarity index 100% rename from system1-factory/web/pages/work/schedule.html rename to system1-factory/web/public/pages/work/schedule.html diff --git a/system1-factory/web/pages/work/tbm-create.html b/system1-factory/web/public/pages/work/tbm-create.html similarity index 100% rename from system1-factory/web/pages/work/tbm-create.html rename to system1-factory/web/public/pages/work/tbm-create.html diff --git a/system1-factory/web/pages/work/tbm-mobile.html b/system1-factory/web/public/pages/work/tbm-mobile.html similarity index 100% rename from system1-factory/web/pages/work/tbm-mobile.html rename to system1-factory/web/public/pages/work/tbm-mobile.html diff --git a/system1-factory/web/pages/work/tbm.html b/system1-factory/web/public/pages/work/tbm.html similarity index 100% rename from system1-factory/web/pages/work/tbm.html rename to system1-factory/web/public/pages/work/tbm.html diff --git a/system1-factory/web/static/css/tkfb.css b/system1-factory/web/public/static/css/tkfb.css similarity index 100% rename from system1-factory/web/static/css/tkfb.css rename to system1-factory/web/public/static/css/tkfb.css diff --git a/system1-factory/web/static/js/purchase-analysis.js b/system1-factory/web/public/static/js/purchase-analysis.js similarity index 100% rename from system1-factory/web/static/js/purchase-analysis.js rename to system1-factory/web/public/static/js/purchase-analysis.js diff --git a/system1-factory/web/static/js/purchase-request-mobile.js b/system1-factory/web/public/static/js/purchase-request-mobile.js similarity index 100% rename from system1-factory/web/static/js/purchase-request-mobile.js rename to system1-factory/web/public/static/js/purchase-request-mobile.js diff --git a/system1-factory/web/static/js/purchase-request.js b/system1-factory/web/public/static/js/purchase-request.js similarity index 100% rename from system1-factory/web/static/js/purchase-request.js rename to system1-factory/web/public/static/js/purchase-request.js diff --git a/system1-factory/web/static/js/shared-bottom-nav.js b/system1-factory/web/public/static/js/shared-bottom-nav.js similarity index 100% rename from system1-factory/web/static/js/shared-bottom-nav.js rename to system1-factory/web/public/static/js/shared-bottom-nav.js diff --git a/system1-factory/web/static/js/tkfb-core.js b/system1-factory/web/public/static/js/tkfb-core.js similarity index 100% rename from system1-factory/web/static/js/tkfb-core.js rename to system1-factory/web/public/static/js/tkfb-core.js diff --git a/system1-factory/web/static/js/tkfb-dashboard.js b/system1-factory/web/public/static/js/tkfb-dashboard.js similarity index 100% rename from system1-factory/web/static/js/tkfb-dashboard.js rename to system1-factory/web/public/static/js/tkfb-dashboard.js diff --git a/system1-factory/web/sw.js b/system1-factory/web/public/sw.js similarity index 100% rename from system1-factory/web/sw.js rename to system1-factory/web/public/sw.js diff --git a/system2-report/web/css/chat-report.css b/system2-report/web/public/css/chat-report.css similarity index 100% rename from system2-report/web/css/chat-report.css rename to system2-report/web/public/css/chat-report.css diff --git a/system2-report/web/css/common.css b/system2-report/web/public/css/common.css similarity index 100% rename from system2-report/web/css/common.css rename to system2-report/web/public/css/common.css diff --git a/system2-report/web/css/design-system.css b/system2-report/web/public/css/design-system.css similarity index 100% rename from system2-report/web/css/design-system.css rename to system2-report/web/public/css/design-system.css diff --git a/system2-report/web/css/project-management.css b/system2-report/web/public/css/project-management.css similarity index 100% rename from system2-report/web/css/project-management.css rename to system2-report/web/public/css/project-management.css diff --git a/system2-report/web/img/favicon.png b/system2-report/web/public/img/favicon.png similarity index 100% rename from system2-report/web/img/favicon.png rename to system2-report/web/public/img/favicon.png diff --git a/system2-report/web/js/api-base.js b/system2-report/web/public/js/api-base.js similarity index 100% rename from system2-report/web/js/api-base.js rename to system2-report/web/public/js/api-base.js diff --git a/system2-report/web/js/app-init.js b/system2-report/web/public/js/app-init.js similarity index 100% rename from system2-report/web/js/app-init.js rename to system2-report/web/public/js/app-init.js diff --git a/system2-report/web/js/chat-report.js b/system2-report/web/public/js/chat-report.js similarity index 100% rename from system2-report/web/js/chat-report.js rename to system2-report/web/public/js/chat-report.js diff --git a/system2-report/web/js/cross-nav.js b/system2-report/web/public/js/cross-nav.js similarity index 100% rename from system2-report/web/js/cross-nav.js rename to system2-report/web/public/js/cross-nav.js diff --git a/system2-report/web/js/issue-category-manage.js b/system2-report/web/public/js/issue-category-manage.js similarity index 100% rename from system2-report/web/js/issue-category-manage.js rename to system2-report/web/public/js/issue-category-manage.js diff --git a/system2-report/web/js/issue-detail.js b/system2-report/web/public/js/issue-detail.js similarity index 100% rename from system2-report/web/js/issue-detail.js rename to system2-report/web/public/js/issue-detail.js diff --git a/system2-report/web/js/issue-report.js b/system2-report/web/public/js/issue-report.js similarity index 100% rename from system2-report/web/js/issue-report.js rename to system2-report/web/public/js/issue-report.js diff --git a/system2-report/web/js/safety-report-list.js b/system2-report/web/public/js/safety-report-list.js similarity index 100% rename from system2-report/web/js/safety-report-list.js rename to system2-report/web/public/js/safety-report-list.js diff --git a/system2-report/web/js/sso-relay.js b/system2-report/web/public/js/sso-relay.js similarity index 100% rename from system2-report/web/js/sso-relay.js rename to system2-report/web/public/js/sso-relay.js diff --git a/system2-report/web/js/work-issue-report.js b/system2-report/web/public/js/work-issue-report.js similarity index 100% rename from system2-report/web/js/work-issue-report.js rename to system2-report/web/public/js/work-issue-report.js diff --git a/system2-report/web/pages/safety/chat-report.html b/system2-report/web/public/pages/safety/chat-report.html similarity index 100% rename from system2-report/web/pages/safety/chat-report.html rename to system2-report/web/public/pages/safety/chat-report.html diff --git a/system2-report/web/pages/safety/issue-detail.html b/system2-report/web/public/pages/safety/issue-detail.html similarity index 100% rename from system2-report/web/pages/safety/issue-detail.html rename to system2-report/web/public/pages/safety/issue-detail.html diff --git a/system2-report/web/pages/safety/issue-report.html b/system2-report/web/public/pages/safety/issue-report.html similarity index 100% rename from system2-report/web/pages/safety/issue-report.html rename to system2-report/web/public/pages/safety/issue-report.html diff --git a/system2-report/web/pages/safety/report-status.html b/system2-report/web/public/pages/safety/report-status.html similarity index 100% rename from system2-report/web/pages/safety/report-status.html rename to system2-report/web/public/pages/safety/report-status.html diff --git a/system2-report/web/push-sw.js b/system2-report/web/public/push-sw.js similarity index 100% rename from system2-report/web/push-sw.js rename to system2-report/web/public/push-sw.js diff --git a/system3-nonconformance/web/ai-assistant.html b/system3-nonconformance/web/public/ai-assistant.html similarity index 100% rename from system3-nonconformance/web/ai-assistant.html rename to system3-nonconformance/web/public/ai-assistant.html diff --git a/system3-nonconformance/web/app.html b/system3-nonconformance/web/public/app.html similarity index 100% rename from system3-nonconformance/web/app.html rename to system3-nonconformance/web/public/app.html diff --git a/system3-nonconformance/web/favicon.ico b/system3-nonconformance/web/public/favicon.ico similarity index 100% rename from system3-nonconformance/web/favicon.ico rename to system3-nonconformance/web/public/favicon.ico diff --git a/system3-nonconformance/web/issue-view.html b/system3-nonconformance/web/public/issue-view.html similarity index 99% rename from system3-nonconformance/web/issue-view.html rename to system3-nonconformance/web/public/issue-view.html index ae96a9e..88ea7ed 100644 --- a/system3-nonconformance/web/issue-view.html +++ b/system3-nonconformance/web/public/issue-view.html @@ -117,6 +117,6 @@ - + diff --git a/system3-nonconformance/web/issues-archive.html b/system3-nonconformance/web/public/issues-archive.html similarity index 100% rename from system3-nonconformance/web/issues-archive.html rename to system3-nonconformance/web/public/issues-archive.html diff --git a/system3-nonconformance/web/issues-dashboard.html b/system3-nonconformance/web/public/issues-dashboard.html similarity index 100% rename from system3-nonconformance/web/issues-dashboard.html rename to system3-nonconformance/web/public/issues-dashboard.html diff --git a/system3-nonconformance/web/issues-inbox.html b/system3-nonconformance/web/public/issues-inbox.html similarity index 100% rename from system3-nonconformance/web/issues-inbox.html rename to system3-nonconformance/web/public/issues-inbox.html diff --git a/system3-nonconformance/web/issues-management.html b/system3-nonconformance/web/public/issues-management.html similarity index 100% rename from system3-nonconformance/web/issues-management.html rename to system3-nonconformance/web/public/issues-management.html diff --git a/system3-nonconformance/web/m/dashboard.html b/system3-nonconformance/web/public/m/dashboard.html similarity index 100% rename from system3-nonconformance/web/m/dashboard.html rename to system3-nonconformance/web/public/m/dashboard.html diff --git a/system3-nonconformance/web/m/inbox.html b/system3-nonconformance/web/public/m/inbox.html similarity index 100% rename from system3-nonconformance/web/m/inbox.html rename to system3-nonconformance/web/public/m/inbox.html diff --git a/system3-nonconformance/web/m/management.html b/system3-nonconformance/web/public/m/management.html similarity index 100% rename from system3-nonconformance/web/m/management.html rename to system3-nonconformance/web/public/m/management.html diff --git a/system3-nonconformance/web/push-sw.js b/system3-nonconformance/web/public/push-sw.js similarity index 100% rename from system3-nonconformance/web/push-sw.js rename to system3-nonconformance/web/public/push-sw.js diff --git a/system3-nonconformance/web/reports-daily.html b/system3-nonconformance/web/public/reports-daily.html similarity index 100% rename from system3-nonconformance/web/reports-daily.html rename to system3-nonconformance/web/public/reports-daily.html diff --git a/system3-nonconformance/web/reports-monthly.html b/system3-nonconformance/web/public/reports-monthly.html similarity index 100% rename from system3-nonconformance/web/reports-monthly.html rename to system3-nonconformance/web/public/reports-monthly.html diff --git a/system3-nonconformance/web/reports-weekly.html b/system3-nonconformance/web/public/reports-weekly.html similarity index 100% rename from system3-nonconformance/web/reports-weekly.html rename to system3-nonconformance/web/public/reports-weekly.html diff --git a/system3-nonconformance/web/reports.html b/system3-nonconformance/web/public/reports.html similarity index 100% rename from system3-nonconformance/web/reports.html rename to system3-nonconformance/web/public/reports.html diff --git a/system3-nonconformance/web/static/css/ai-assistant.css b/system3-nonconformance/web/public/static/css/ai-assistant.css similarity index 100% rename from system3-nonconformance/web/static/css/ai-assistant.css rename to system3-nonconformance/web/public/static/css/ai-assistant.css diff --git a/system3-nonconformance/web/static/css/issue-view.css b/system3-nonconformance/web/public/static/css/issue-view.css similarity index 100% rename from system3-nonconformance/web/static/css/issue-view.css rename to system3-nonconformance/web/public/static/css/issue-view.css diff --git a/system3-nonconformance/web/static/css/issues-archive.css b/system3-nonconformance/web/public/static/css/issues-archive.css similarity index 100% rename from system3-nonconformance/web/static/css/issues-archive.css rename to system3-nonconformance/web/public/static/css/issues-archive.css diff --git a/system3-nonconformance/web/static/css/issues-dashboard.css b/system3-nonconformance/web/public/static/css/issues-dashboard.css similarity index 100% rename from system3-nonconformance/web/static/css/issues-dashboard.css rename to system3-nonconformance/web/public/static/css/issues-dashboard.css diff --git a/system3-nonconformance/web/static/css/issues-inbox.css b/system3-nonconformance/web/public/static/css/issues-inbox.css similarity index 100% rename from system3-nonconformance/web/static/css/issues-inbox.css rename to system3-nonconformance/web/public/static/css/issues-inbox.css diff --git a/system3-nonconformance/web/static/css/issues-management.css b/system3-nonconformance/web/public/static/css/issues-management.css similarity index 100% rename from system3-nonconformance/web/static/css/issues-management.css rename to system3-nonconformance/web/public/static/css/issues-management.css diff --git a/system3-nonconformance/web/static/css/m-common.css b/system3-nonconformance/web/public/static/css/m-common.css similarity index 100% rename from system3-nonconformance/web/static/css/m-common.css rename to system3-nonconformance/web/public/static/css/m-common.css diff --git a/system3-nonconformance/web/static/css/mobile-calendar.css b/system3-nonconformance/web/public/static/css/mobile-calendar.css similarity index 100% rename from system3-nonconformance/web/static/css/mobile-calendar.css rename to system3-nonconformance/web/public/static/css/mobile-calendar.css diff --git a/system3-nonconformance/web/static/css/tkqc-common.css b/system3-nonconformance/web/public/static/css/tkqc-common.css similarity index 100% rename from system3-nonconformance/web/static/css/tkqc-common.css rename to system3-nonconformance/web/public/static/css/tkqc-common.css diff --git a/system3-nonconformance/web/static/js/api.js b/system3-nonconformance/web/public/static/js/api.js similarity index 100% rename from system3-nonconformance/web/static/js/api.js rename to system3-nonconformance/web/public/static/js/api.js diff --git a/system3-nonconformance/web/static/js/app.js b/system3-nonconformance/web/public/static/js/app.js similarity index 100% rename from system3-nonconformance/web/static/js/app.js rename to system3-nonconformance/web/public/static/js/app.js diff --git a/system3-nonconformance/web/static/js/components/common-header.js b/system3-nonconformance/web/public/static/js/components/common-header.js similarity index 100% rename from system3-nonconformance/web/static/js/components/common-header.js rename to system3-nonconformance/web/public/static/js/components/common-header.js diff --git a/system3-nonconformance/web/static/js/components/mobile-bottom-nav.js b/system3-nonconformance/web/public/static/js/components/mobile-bottom-nav.js similarity index 100% rename from system3-nonconformance/web/static/js/components/mobile-bottom-nav.js rename to system3-nonconformance/web/public/static/js/components/mobile-bottom-nav.js diff --git a/system3-nonconformance/web/static/js/components/mobile-calendar.js b/system3-nonconformance/web/public/static/js/components/mobile-calendar.js similarity index 100% rename from system3-nonconformance/web/static/js/components/mobile-calendar.js rename to system3-nonconformance/web/public/static/js/components/mobile-calendar.js diff --git a/system3-nonconformance/web/static/js/core/auth-manager.js b/system3-nonconformance/web/public/static/js/core/auth-manager.js similarity index 100% rename from system3-nonconformance/web/static/js/core/auth-manager.js rename to system3-nonconformance/web/public/static/js/core/auth-manager.js diff --git a/system3-nonconformance/web/static/js/core/keyboard-shortcuts.js b/system3-nonconformance/web/public/static/js/core/keyboard-shortcuts.js similarity index 100% rename from system3-nonconformance/web/static/js/core/keyboard-shortcuts.js rename to system3-nonconformance/web/public/static/js/core/keyboard-shortcuts.js diff --git a/system3-nonconformance/web/static/js/core/page-manager.js b/system3-nonconformance/web/public/static/js/core/page-manager.js similarity index 100% rename from system3-nonconformance/web/static/js/core/page-manager.js rename to system3-nonconformance/web/public/static/js/core/page-manager.js diff --git a/system3-nonconformance/web/static/js/core/page-preloader.js b/system3-nonconformance/web/public/static/js/core/page-preloader.js similarity index 100% rename from system3-nonconformance/web/static/js/core/page-preloader.js rename to system3-nonconformance/web/public/static/js/core/page-preloader.js diff --git a/system3-nonconformance/web/static/js/core/permissions.js b/system3-nonconformance/web/public/static/js/core/permissions.js similarity index 100% rename from system3-nonconformance/web/static/js/core/permissions.js rename to system3-nonconformance/web/public/static/js/core/permissions.js diff --git a/system3-nonconformance/web/static/js/date-utils.js b/system3-nonconformance/web/public/static/js/date-utils.js similarity index 100% rename from system3-nonconformance/web/static/js/date-utils.js rename to system3-nonconformance/web/public/static/js/date-utils.js diff --git a/system3-nonconformance/web/static/js/image-utils.js b/system3-nonconformance/web/public/static/js/image-utils.js similarity index 100% rename from system3-nonconformance/web/static/js/image-utils.js rename to system3-nonconformance/web/public/static/js/image-utils.js diff --git a/system3-nonconformance/web/static/js/lib/purify.min.js b/system3-nonconformance/web/public/static/js/lib/purify.min.js similarity index 100% rename from system3-nonconformance/web/static/js/lib/purify.min.js rename to system3-nonconformance/web/public/static/js/lib/purify.min.js diff --git a/system3-nonconformance/web/static/js/m/m-common.js b/system3-nonconformance/web/public/static/js/m/m-common.js similarity index 100% rename from system3-nonconformance/web/static/js/m/m-common.js rename to system3-nonconformance/web/public/static/js/m/m-common.js diff --git a/system3-nonconformance/web/static/js/m/m-dashboard.js b/system3-nonconformance/web/public/static/js/m/m-dashboard.js similarity index 100% rename from system3-nonconformance/web/static/js/m/m-dashboard.js rename to system3-nonconformance/web/public/static/js/m/m-dashboard.js diff --git a/system3-nonconformance/web/static/js/m/m-inbox.js b/system3-nonconformance/web/public/static/js/m/m-inbox.js similarity index 100% rename from system3-nonconformance/web/static/js/m/m-inbox.js rename to system3-nonconformance/web/public/static/js/m/m-inbox.js diff --git a/system3-nonconformance/web/static/js/m/m-management.js b/system3-nonconformance/web/public/static/js/m/m-management.js similarity index 100% rename from system3-nonconformance/web/static/js/m/m-management.js rename to system3-nonconformance/web/public/static/js/m/m-management.js diff --git a/system3-nonconformance/web/static/js/pages/ai-assistant.js b/system3-nonconformance/web/public/static/js/pages/ai-assistant.js similarity index 100% rename from system3-nonconformance/web/static/js/pages/ai-assistant.js rename to system3-nonconformance/web/public/static/js/pages/ai-assistant.js diff --git a/system3-nonconformance/web/static/js/pages/issue-view.js b/system3-nonconformance/web/public/static/js/pages/issue-view.js similarity index 98% rename from system3-nonconformance/web/static/js/pages/issue-view.js rename to system3-nonconformance/web/public/static/js/pages/issue-view.js index 9a26b90..0fc0954 100644 --- a/system3-nonconformance/web/static/js/pages/issue-view.js +++ b/system3-nonconformance/web/public/static/js/pages/issue-view.js @@ -673,13 +673,20 @@ async function handlePasswordChange(e) { // 현재 비밀번호 확인 (localStorage 기반) let users = JSON.parse(localStorage.getItem('work-report-users') || '[]'); + // 임시 비밀번호 생성 (클라이언트에 하드코딩하지 않음) + function generateTempPassword() { + const arr = new Uint8Array(12); + crypto.getRandomValues(arr); + return Array.from(arr, b => b.toString(36).padStart(2, '0')).join('').slice(0, 16); + } + // 기본 사용자가 없으면 생성 if (users.length === 0) { users = [ { username: 'hyungi', full_name: '관리자', - password: 'djg3-jj34-X3Q3', + password: generateTempPassword(), role: 'admin' } ]; @@ -694,7 +701,7 @@ async function handlePasswordChange(e) { user = { username: username, full_name: username === 'hyungi' ? '관리자' : username, - password: 'djg3-jj34-X3Q3', + password: generateTempPassword(), role: username === 'hyungi' ? 'admin' : 'user' }; users.push(user); diff --git a/system3-nonconformance/web/static/js/pages/issues-archive.js b/system3-nonconformance/web/public/static/js/pages/issues-archive.js similarity index 100% rename from system3-nonconformance/web/static/js/pages/issues-archive.js rename to system3-nonconformance/web/public/static/js/pages/issues-archive.js diff --git a/system3-nonconformance/web/static/js/pages/issues-dashboard.js b/system3-nonconformance/web/public/static/js/pages/issues-dashboard.js similarity index 100% rename from system3-nonconformance/web/static/js/pages/issues-dashboard.js rename to system3-nonconformance/web/public/static/js/pages/issues-dashboard.js diff --git a/system3-nonconformance/web/static/js/pages/issues-inbox.js b/system3-nonconformance/web/public/static/js/pages/issues-inbox.js similarity index 100% rename from system3-nonconformance/web/static/js/pages/issues-inbox.js rename to system3-nonconformance/web/public/static/js/pages/issues-inbox.js diff --git a/system3-nonconformance/web/static/js/pages/issues-management.js b/system3-nonconformance/web/public/static/js/pages/issues-management.js similarity index 100% rename from system3-nonconformance/web/static/js/pages/issues-management.js rename to system3-nonconformance/web/public/static/js/pages/issues-management.js diff --git a/system3-nonconformance/web/static/js/sso-relay.js b/system3-nonconformance/web/public/static/js/sso-relay.js similarity index 100% rename from system3-nonconformance/web/static/js/sso-relay.js rename to system3-nonconformance/web/public/static/js/sso-relay.js diff --git a/system3-nonconformance/web/static/js/utils/issue-helpers.js b/system3-nonconformance/web/public/static/js/utils/issue-helpers.js similarity index 100% rename from system3-nonconformance/web/static/js/utils/issue-helpers.js rename to system3-nonconformance/web/public/static/js/utils/issue-helpers.js diff --git a/system3-nonconformance/web/static/js/utils/photo-modal.js b/system3-nonconformance/web/public/static/js/utils/photo-modal.js similarity index 100% rename from system3-nonconformance/web/static/js/utils/photo-modal.js rename to system3-nonconformance/web/public/static/js/utils/photo-modal.js diff --git a/system3-nonconformance/web/static/js/utils/toast.js b/system3-nonconformance/web/public/static/js/utils/toast.js similarity index 100% rename from system3-nonconformance/web/static/js/utils/toast.js rename to system3-nonconformance/web/public/static/js/utils/toast.js diff --git a/system3-nonconformance/web/sw.js b/system3-nonconformance/web/public/sw.js similarity index 100% rename from system3-nonconformance/web/sw.js rename to system3-nonconformance/web/public/sw.js diff --git a/user-management/api/controllers/pushSubscriptionController.js b/user-management/api/controllers/pushSubscriptionController.js index 8bb3328..3a61479 100644 --- a/user-management/api/controllers/pushSubscriptionController.js +++ b/user-management/api/controllers/pushSubscriptionController.js @@ -61,7 +61,7 @@ const pushSubscriptionController = { topic, serverUrl: process.env.NTFY_EXTERNAL_URL || 'https://ntfy.technicalkorea.net', username: 'subscriber', - password: 'tkfactory-sub-2026' + password: process.env.NTFY_SUB_PASSWORD || '' } }); } catch (error) {