From cc69b452abd1e813952298111eec74f97cda5701 Mon Sep 17 00:00:00 2001 From: Hyungi Ahn Date: Wed, 1 Apr 2026 14:50:16 +0900 Subject: [PATCH] =?UTF-8?q?fix(auth):=20pageAccessRoutes=20=EB=B6=80?= =?UTF-8?q?=EC=84=9C=20=EC=A1=B0=ED=9A=8C=EC=97=90=20sso=5Fusers=20fallbac?= =?UTF-8?q?k=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit workers 테이블에 없는 사용자(55명 중 45명)의 department_id가 0이 되어 부서 권한 매칭 실패 → 모든 페이지 접근 차단되던 문제. COALESCE(w.department_id, su.department_id) fallback 적용. Co-Authored-By: Claude Opus 4.6 (1M context) --- system1-factory/api/routes/pageAccessRoutes.js | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/system1-factory/api/routes/pageAccessRoutes.js b/system1-factory/api/routes/pageAccessRoutes.js index 121834e..3445407 100644 --- a/system1-factory/api/routes/pageAccessRoutes.js +++ b/system1-factory/api/routes/pageAccessRoutes.js @@ -69,9 +69,12 @@ router.get('/users/:userId/page-access', requireAuth, async (req, res) => { return res.json({ success: true, data: { user, pageAccess } }); } - // 사용자의 부서 조회 + // 사용자의 부서 조회 (workers 우선, 없으면 sso_users fallback) const [workerRows] = await db.query(` - SELECT w.department_id FROM workers w WHERE w.user_id = ? + SELECT COALESCE(w.department_id, su2.department_id, 0) AS department_id + FROM sso_users su2 + LEFT JOIN workers w ON su2.user_id = w.user_id + WHERE su2.user_id = ? `, [userId]); const departmentId = workerRows[0]?.department_id || 0;