hyungi/tk-factory-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: worker_id 잔재 제거 - user_id 기반으로 완전 전환

Browse Source 
- workerModel: remove()를 user_id 기반 cascading delete로 전환
- workerController: 계정 생성/해제를 workers.user_id 연결 방식으로 변경
- userController: JOIN 방향 전환 (u.worker_id→w.worker_id 에서 w.user_id→u.user_id)
- authController, systemController, authRoutes: 모든 CRUD에서 worker_id 참조 제거
- DB: UNIQUE KEY 5개 교체, FK 7개 삭제, daily_worker_summary user_id 추가

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Hyungi Ahn
2026-03-06 07:47:01 +09:00
parent 7089548722
commit d385ce7ac1
6 changed files with 110 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
system1-factory/api/controllers/authController.js
View File

@@ -33,7 +33,7 @@ const login = asyncHandler(async (req, res) => {
// ✅ 사용자 등록 기능 추가
const register = async (req, res) => {
try {
const { username, password, name, access_level, worker_id } = req.body;
const { username, password, name, access_level } = req.body;
const db = await getDb();
// 필수 필드 검증
@@ -72,9 +72,9 @@ const register = async (req, res) => {
// 사용자 등록
const [result] = await db.query(
`INSERT INTO users (username, password, name, role, access_level, worker_id)
VALUES (?, ?, ?, ?, ?, ?)`,
[username, hashedPassword, name, role, access_level, worker_id]
`INSERT INTO users (username, password, name, role, access_level)
VALUES (?, ?, ?, ?, ?)`,
[username, hashedPassword, name, role, access_level]
);
console.log('[사용자 등록 성공]', username);
@@ -141,8 +141,8 @@ const getAllUsers = async (req, res) => {
// 비밀번호 제외하고 조회
const [rows] = await db.query(
`SELECT user_id, username, name, role, access_level, worker_id, created_at
FROM users
`SELECT user_id, username, name, role, access_level, created_at
FROM users
ORDER BY created_at DESC`
);

41
system1-factory/api/controllers/systemController.js
View File

@@ -243,21 +243,20 @@ exports.getAllUsers = asyncHandler(async (req, res) => {
const db = await getDb();
const [users] = await db.query(`
SELECT
SELECT
user_id,
username,
name,
email,
role,
access_level,
worker_id,
is_active,
last_login_at,
failed_login_attempts,
locked_until,
created_at,
updated_at
FROM users
FROM users
ORDER BY created_at DESC
`);
@@ -272,20 +271,20 @@ exports.getAllUsers = asyncHandler(async (req, res) => {
* 사용자 생성
*/
exports.createUser = asyncHandler(async (req, res) => {
const { username, password, name, email, role, access_level, worker_id } = req.body;
const { username, password, name, email, role, access_level } = req.body;
// 스키마 기반 유효성 검사
validateSchema(req.body, schemas.createUser);
try {
const db = await getDb();
// 사용자명 중복 확인
const [existing] = await db.query('SELECT user_id FROM users WHERE username = ?', [username]);
if (existing.length > 0) {
throw new ApiError('이미 존재하는 사용자명입니다.', 409);
}
// 이메일 중복 확인 (이메일이 제공된 경우)
if (email) {
const [existingEmail] = await db.query('SELECT user_id FROM users WHERE email = ?', [email]);
@@ -293,15 +292,15 @@ exports.createUser = asyncHandler(async (req, res) => {
throw new ApiError('이미 사용 중인 이메일입니다.', 409);
}
}
// 비밀번호 해시화
const hashedPassword = await bcrypt.hash(password, 10);
// 사용자 생성
const [result] = await db.query(`
INSERT INTO users (username, password, name, email, role, access_level, worker_id, is_active, created_at, password_changed_at)
VALUES (?, ?, ?, ?, ?, ?, ?, 1, NOW(), NOW())
`, [username, hashedPassword, name, email || null, role, access_level || role, worker_id || null]);
INSERT INTO users (username, password, name, email, role, access_level, is_active, created_at, password_changed_at)
VALUES (?, ?, ?, ?, ?, ?, 1, NOW(), NOW())
`, [username, hashedPassword, name, email || null, role, access_level || role]);
// 비밀번호 변경 로그 기록
await db.query(`
@@ -322,9 +321,9 @@ exports.createUser = asyncHandler(async (req, res) => {
exports.updateUser = async (req, res) => {
try {
const { id } = req.params;
const { name, email, role, access_level, is_active, worker_id } = req.body;
const { name, email, role, access_level, is_active } = req.body;
const db = await getDb();
// 사용자 존재 확인
const [user] = await db.query('SELECT user_id FROM users WHERE user_id = ?', [id]);
if (user.length === 0) {
@@ -333,11 +332,11 @@ exports.updateUser = async (req, res) => {
error: '해당 사용자를 찾을 수 없습니다.'
});
}
// 이메일 중복 확인 (다른 사용자가 사용 중인지)
if (email) {
const [existingEmail] = await db.query(
'SELECT user_id FROM users WHERE email = ? AND user_id != ?',
'SELECT user_id FROM users WHERE email = ? AND user_id != ?',
[email, id]
);
if (existingEmail.length > 0) {
@@ -347,13 +346,13 @@ exports.updateUser = async (req, res) => {
});
}
}
// 사용자 정보 업데이트
await db.query(`
UPDATE users
SET name = ?, email = ?, role = ?, access_level = ?, is_active = ?, worker_id = ?, updated_at = NOW()
UPDATE users
SET name = ?, email = ?, role = ?, access_level = ?, is_active = ?, updated_at = NOW()
WHERE user_id = ?
`, [name, email || null, role, access_level || role, is_active ? 1 : 0, worker_id || null, id]);
`, [name, email || null, role, access_level || role, is_active ? 1 : 0, id]);
res.json({
success: true,

23
system1-factory/api/controllers/userController.js
View File

@@ -43,7 +43,6 @@ const getAllUsers = asyncHandler(async (req, res) => {
r.name as role,
u._access_level_old as access_level,
u.is_active,
u.worker_id,
w.worker_name,
w.department_id,
d.department_name,
@@ -52,7 +51,7 @@ const getAllUsers = asyncHandler(async (req, res) => {
u.last_login_at as last_login
FROM users u
LEFT JOIN roles r ON u.role_id = r.id
LEFT JOIN workers w ON u.worker_id = w.worker_id
LEFT JOIN workers w ON w.user_id = u.user_id
LEFT JOIN departments d ON w.department_id = d.department_id
ORDER BY u.created_at DESC
`;
@@ -224,7 +223,7 @@ const updateUser = asyncHandler(async (req, res) => {
checkAdminPermission(req.user);
const { id } = req.params;
const { username, name, email, role, role_id, password, worker_id } = req.body;
const { username, name, email, role, role_id, password } = req.body;
if (!id || isNaN(id)) {
throw new ValidationError('유효하지 않은 사용자 ID입니다');
@@ -233,7 +232,7 @@ const updateUser = asyncHandler(async (req, res) => {
logger.info('사용자 수정 요청', { userId: id, body: req.body });
// 최소 하나의 수정 필드가 필요
if (!username && !name && email === undefined && !role && !role_id && !password && worker_id === undefined) {
if (!username && !name && email === undefined && !role && !role_id && !password) {
throw new ValidationError('수정할 필드가 없습니다');
}
@@ -324,22 +323,6 @@ const updateUser = asyncHandler(async (req, res) => {
values.push(hashedPassword);
}
// worker_id 업데이트 (null도 허용 - 연결 해제)
if (worker_id !== undefined) {
if (worker_id !== null) {
// worker_id가 유효한지 확인
const [workerCheck] = await db.execute('SELECT worker_id, worker_name FROM workers WHERE worker_id = ?', [worker_id]);
if (workerCheck.length === 0) {
throw new ValidationError('유효하지 않은 작업자 ID입니다');
}
logger.info('작업자 연결', { userId: id, worker_id, worker_name: workerCheck[0].worker_name });
} else {
logger.info('작업자 연결 해제', { userId: id });
}
updates.push('worker_id = ?');
values.push(worker_id);
}
updates.push('updated_at = NOW()');
values.push(id);

80
system1-factory/api/controllers/workerController.js
View File

@@ -28,7 +28,7 @@ exports.createWorker = asyncHandler(async (req, res) => {
const lastID = await workerModel.create(workerData);
// 계정 생성 요청이 있으면 users 테이블에 계정 생성
// 계정 생성 요청이 있으면 users 테이블에 계정 생성 + workers.user_id 연결
if (createAccount && workerData.worker_name) {
try {
const db = await getDb();
@@ -39,13 +39,17 @@ exports.createWorker = asyncHandler(async (req, res) => {
const [userRole] = await db.query('SELECT id FROM roles WHERE name = ?', ['User']);
if (userRole && userRole.length > 0) {
await db.query(
`INSERT INTO users (username, password, name, worker_id, role_id, created_at, updated_at)
VALUES (?, ?, ?, ?, ?, NOW(), NOW())`,
[username, hashedPassword, workerData.worker_name, lastID, userRole[0].id]
const [insertResult] = await db.query(
`INSERT INTO users (username, password, name, role_id, created_at, updated_at)
VALUES (?, ?, ?, ?, NOW(), NOW())`,
[username, hashedPassword, workerData.worker_name, userRole[0].id]
);
logger.info('작업자 계정 자동 생성 성공', { worker_id: lastID, username });
// workers.user_id 연결
const newUserId = insertResult.insertId;
await db.query('UPDATE workers SET user_id = ? WHERE worker_id = ?', [newUserId, lastID]);
logger.info('작업자 계정 자동 생성 성공', { worker_id: lastID, user_id: newUserId, username });
}
} catch (accountError) {
logger.error('계정 생성 실패 (작업자는 생성됨)', { worker_id: lastID, error: accountError.message });
@@ -109,7 +113,7 @@ exports.getWorkerById = asyncHandler(async (req, res) => {
throw new ValidationError('유효하지 않은 작업자 ID입니다');
}
const row = await workerModel.getById(id);
const row = await workerModel.getByUserId(id);
if (!row) {
throw new NotFoundError('작업자를 찾을 수 없습니다');
@@ -132,18 +136,18 @@ exports.updateWorker = asyncHandler(async (req, res) => {
throw new ValidationError('유효하지 않은 작업자 ID입니다');
}
const workerData = { ...req.body, worker_id: id };
const workerData = { ...req.body, user_id: id };
const createAccount = req.body.create_account;
console.log('🔧 작업자 수정 요청:', {
worker_id: id,
user_id: id,
받은데이터: req.body,
처리할데이터: workerData,
create_account: createAccount
});
// 먼저 현재 작업자 정보 조회 (계정 여부 확인용)
const currentWorker = await workerModel.getById(id);
// 먼저 현재 작업자 정보 조회 (계정 여부 확인용, user_id 기준)
const currentWorker = await workerModel.getByUserId(id);
if (!currentWorker) {
throw new NotFoundError('작업자를 찾을 수 없습니다');
@@ -158,61 +162,43 @@ exports.updateWorker = asyncHandler(async (req, res) => {
let accountAction = null;
let accountUsername = null;
console.log('🔍 계정 생성 체크:', {
createAccount,
hasAccount,
currentWorker_user_id: currentWorker.user_id,
worker_name: workerData.worker_name
});
if (createAccount && !hasAccount && workerData.worker_name) {
// 계정 생성
console.log('✅ 계정 생성 로직 시작');
try {
console.log('🔑 사용자명 생성 중...');
const username = await generateUniqueUsername(workerData.worker_name, db);
console.log('🔑 생성된 사용자명:', username);
const hashedPassword = await bcrypt.hash('1234', 10);
console.log('🔒 비밀번호 해싱 완료');
// User 역할 조회
console.log('👤 User 역할 조회 중...');
const [userRole] = await db.query('SELECT id FROM roles WHERE name = ?', ['User']);
console.log('👤 User 역할 조회 결과:', userRole);
if (userRole && userRole.length > 0) {
console.log('💾 계정 DB 삽입 시작...');
await db.query(
`INSERT INTO users (username, password, name, worker_id, role_id, created_at, updated_at)
VALUES (?, ?, ?, ?, ?, NOW(), NOW())`,
[username, hashedPassword, workerData.worker_name, id, userRole[0].id]
const [insertResult] = await db.query(
`INSERT INTO users (username, password, name, role_id, created_at, updated_at)
VALUES (?, ?, ?, ?, NOW(), NOW())`,
[username, hashedPassword, workerData.worker_name, userRole[0].id]
);
console.log('✅ 계정 DB 삽입 완료');
// workers.user_id 연결
const newUserId = insertResult.insertId;
await db.query('UPDATE workers SET user_id = ? WHERE user_id = ?', [newUserId, id]);
accountAction = 'created';
accountUsername = username;
logger.info('작업자 계정 생성 성공', { worker_id: id, username });
} else {
console.log('❌ User 역할을 찾을 수 없음');
logger.info('작업자 계정 생성 성공', { user_id: id, new_user_id: newUserId, username });
}
} catch (accountError) {
console.error('계정 생성 오류:', accountError);
logger.error('계정 생성 실패', { worker_id: id, error: accountError.message });
logger.error('계정 생성 실패', { user_id: id, error: accountError.message });
accountAction = 'failed';
}
} else {
console.log('⏭️ 계정 생성 조건 불만족:', { createAccount, hasAccount, hasWorkerName: !!workerData.worker_name });
}
if (!createAccount && hasAccount) {
// 계정 연동 해제 (users.worker_id = NULL)
// 계정 연동 해제 (workers.user_id = NULL)
try {
await db.query('UPDATE users SET worker_id = NULL WHERE worker_id = ?', [id]);
await db.query('UPDATE workers SET user_id = NULL WHERE user_id = ?', [id]);
accountAction = 'unlinked';
logger.info('작업자 계정 연동 해제 성공', { worker_id: id });
logger.info('작업자 계정 연동 해제 성공', { user_id: id });
} catch (unlinkError) {
logger.error('계정 연동 해제 실패', { worker_id: id, error: unlinkError.message });
logger.error('계정 연동 해제 실패', { user_id: id, error: unlinkError.message });
accountAction = 'unlink_failed';
}
} else if (createAccount && hasAccount) {
@@ -220,10 +206,10 @@ exports.updateWorker = asyncHandler(async (req, res) => {
}
// 작업자 관련 캐시 무효화
logger.info('작업자 수정 후 캐시 무효화', { worker_id: id });
logger.info('작업자 수정 후 캐시 무효화', { user_id: id });
await cache.invalidateCache.worker();
logger.info('작업자 수정 성공', { worker_id: id });
logger.info('작업자 수정 성공', { user_id: id });
// 응답 메시지 구성
let message = '작업자 정보가 성공적으로 수정되었습니다';
@@ -265,11 +251,11 @@ exports.removeWorker = asyncHandler(async (req, res) => {
}
// 작업자 관련 캐시 무효화
logger.info('작업자 삭제 후 캐시 무효화 시작', { worker_id: id });
logger.info('작업자 삭제 후 캐시 무효화 시작', { user_id: id });
await cache.invalidateCache.worker();
await cache.delPattern('workers:*');
await cache.flush();
logger.info('작업자 삭제 후 캐시 무효화 완료', { worker_id: id });
logger.info('작업자 삭제 후 캐시 무효화 완료', { user_id: id });
res.json({
success: true,

34
system1-factory/api/models/workerModel.js
View File

@@ -166,32 +166,34 @@ const update = async (worker) => {
return result.affectedRows;
};
// 5. 삭제 (외래키 제약조건 처리)
const remove = async (worker_id) => {
// 5. 삭제 (user_id 기반 - 외래키 제약조건 처리)
const remove = async (userId) => {
const db = await getDb();
const conn = await db.getConnection();
try {
await conn.beginTransaction();
console.log(`🗑️ 작업자 삭제 시작: worker_id=${worker_id}`);
console.log(`🗑️ 작업자 삭제 시작: user_id=${userId}`);
// 안전한 삭제: 각 테이블을 개별적으로 처리하고 오류가 발생해도 계속 진행
const tables = [
{ name: 'users', query: 'UPDATE users SET worker_id = NULL WHERE worker_id = ?', action: '업데이트' },
{ name: 'Users', query: 'UPDATE Users SET worker_id = NULL WHERE worker_id = ?', action: '업데이트' },
{ name: 'daily_issue_reports', query: 'DELETE FROM daily_issue_reports WHERE worker_id = ?', action: '삭제' },
{ name: 'DailyIssueReports', query: 'DELETE FROM DailyIssueReports WHERE worker_id = ?', action: '삭제' },
{ name: 'work_reports', query: 'DELETE FROM work_reports WHERE worker_id = ?', action: '삭제' },
{ name: 'WorkReports', query: 'DELETE FROM WorkReports WHERE worker_id = ?', action: '삭제' },
{ name: 'daily_work_reports', query: 'DELETE FROM daily_work_reports WHERE worker_id = ?', action: '삭제' },
{ name: 'monthly_worker_status', query: 'DELETE FROM monthly_worker_status WHERE worker_id = ?', action: '삭제' },
{ name: 'worker_groups', query: 'DELETE FROM worker_groups WHERE worker_id = ?', action: '삭제' }
{ name: 'DailyIssueReports', query: 'DELETE FROM DailyIssueReports WHERE user_id = ?', action: '삭제' },
{ name: 'WorkReports', query: 'DELETE FROM WorkReports WHERE user_id = ?', action: '삭제' },
{ name: 'daily_work_reports', query: 'DELETE FROM daily_work_reports WHERE user_id = ?', action: '삭제' },
{ name: 'daily_attendance_records', query: 'DELETE FROM daily_attendance_records WHERE user_id = ?', action: '삭제' },
{ name: 'daily_worker_summary', query: 'DELETE FROM daily_worker_summary WHERE user_id = ?', action: '삭제' },
{ name: 'tbm_team_assignments', query: 'DELETE FROM tbm_team_assignments WHERE user_id = ?', action: '삭제' },
{ name: 'tbm_transfers', query: 'DELETE FROM tbm_transfers WHERE user_id = ?', action: '삭제' },
{ name: 'vacation_requests', query: 'DELETE FROM vacation_requests WHERE user_id = ?', action: '삭제' },
{ name: 'vacation_balance_details', query: 'DELETE FROM vacation_balance_details WHERE user_id = ?', action: '삭제' },
{ name: 'worker_vacation_balance', query: 'DELETE FROM worker_vacation_balance WHERE user_id = ?', action: '삭제' },
{ name: 'worker_groups', query: 'DELETE FROM worker_groups WHERE user_id = ?', action: '삭제' }
];
for (const table of tables) {
try {
const [result] = await conn.query(table.query, [worker_id]);
const [result] = await conn.query(table.query, [userId]);
if (result.affectedRows > 0) {
console.log(`${table.name} 테이블 ${table.action}: ${result.affectedRows}`);
}
@@ -202,8 +204,8 @@ const remove = async (worker_id) => {
// 마지막으로 작업자 삭제
const [result] = await conn.query(
`DELETE FROM workers WHERE worker_id = ?`,
[worker_id]
`DELETE FROM workers WHERE user_id = ?`,
[userId]
);
console.log(`✅ 작업자 삭제 완료: ${result.affectedRows}`);
@@ -212,7 +214,7 @@ const remove = async (worker_id) => {
} catch (err) {
await conn.rollback();
console.error(`❌ 작업자 삭제 오류 (worker_id: ${worker_id}):`, err);
console.error(`❌ 작업자 삭제 오류 (user_id: ${userId}):`, err);
throw new Error(`작업자 삭제 중 오류가 발생했습니다: ${err.message}`);
} finally {
conn.release();

70
system1-factory/api/routes/authRoutes.js
View File

@@ -161,11 +161,10 @@ router.post('/refresh-token', async (req, res) => {
// 새 토큰 발급
const newToken = jwt.sign(
{
{
user_id: user.user_id,
username: user.username,
access_level: user.access_level,
worker_id: user.worker_id,
name: user.name || user.username
},
process.env.JWT_SECRET || 'your-secret-key',
@@ -456,10 +455,10 @@ router.get('/me', verifyToken, async (req, res) => {
connection = await mysql.createConnection(dbConfig);
const [rows] = await connection.execute(
'SELECT user_id, username, name, email, access_level, worker_id, last_login_at, created_at FROM users WHERE user_id = ?',
'SELECT user_id, username, name, email, access_level, last_login_at, created_at FROM users WHERE user_id = ?',
[userId]
);
if (rows.length === 0) {
return res.status(404).json({ error: '사용자를 찾을 수 없습니다.' });
}
@@ -471,7 +470,6 @@ router.get('/me', verifyToken, async (req, res) => {
name: user.name || user.username,
email: user.email,
access_level: user.access_level,
worker_id: user.worker_id,
last_login_at: user.last_login_at,
created_at: user.created_at
});
@@ -493,43 +491,43 @@ router.post('/register', verifyToken, async (req, res) => {
let connection;
try {
const { username, password, name, email, access_level, worker_id } = req.body;
const { username, password, name, email, access_level } = req.body;
// 권한 확인 (admin 이상만 사용자 등록 가능)
if (!['admin', 'system'].includes(req.user.access_level)) {
return res.status(403).json({
return res.status(403).json({
success: false,
error: '사용자 등록 권한이 없습니다.'
error: '사용자 등록 권한이 없습니다.'
});
}
if (!username || !password || !name || !access_level) {
return res.status(400).json({
return res.status(400).json({
success: false,
error: '필수 항목을 모두 입력해주세요.'
error: '필수 항목을 모두 입력해주세요.'
});
}
// 비밀번호 강도 검증
if (password.length < 6) {
return res.status(400).json({
return res.status(400).json({
success: false,
error: '비밀번호는 최소 6자 이상이어야 합니다.'
error: '비밀번호는 최소 6자 이상이어야 합니다.'
});
}
connection = await mysql.createConnection(dbConfig);
// 사용자명 중복 체크
const [existing] = await connection.execute(
'SELECT user_id FROM users WHERE username = ?',
[username]
);
if (existing.length > 0) {
return res.status(409).json({
return res.status(409).json({
success: false,
error: '이미 존재하는 사용자명입니다.'
error: '이미 존재하는 사용자명입니다.'
});
}
@@ -539,11 +537,11 @@ router.post('/register', verifyToken, async (req, res) => {
'SELECT user_id FROM users WHERE email = ?',
[email]
);
if (existingEmail.length > 0) {
return res.status(409).json({
return res.status(409).json({
success: false,
error: '이미 사용 중인 이메일입니다.'
error: '이미 사용 중인 이메일입니다.'
});
}
}
@@ -553,9 +551,9 @@ router.post('/register', verifyToken, async (req, res) => {
// 사용자 추가
const [result] = await connection.execute(
`INSERT INTO Users (username, password, name, email, access_level, worker_id, is_active, created_at, password_changed_at)
VALUES (?, ?, ?, ?, ?, ?, TRUE, NOW(), NOW())`,
[username, hashedPassword, name, email || null, access_level, worker_id || null]
`INSERT INTO Users (username, password, name, email, access_level, is_active, created_at, password_changed_at)
VALUES (?, ?, ?, ?, ?, TRUE, NOW(), NOW())`,
[username, hashedPassword, name, email || null, access_level]
);
// 비밀번호 변경 로그 기록 (초기 설정)
@@ -578,8 +576,7 @@ router.post('/register', verifyToken, async (req, res) => {
username,
name,
email: email || null,
access_level,
worker_id: worker_id || null
access_level
}
});
@@ -615,7 +612,6 @@ router.get('/users', verifyToken, async (req, res) => {
u.role_id,
r.name as role_name,
u._access_level_old as access_level,
u.worker_id,
u.is_active,
u.last_login_at,
u.created_at
@@ -649,8 +645,7 @@ router.get('/users', verifyToken, async (req, res) => {
email: user.email,
role_id: user.role_id,
role_name: user.role_name,
access_level: user.access_level || user.role_name?.toLowerCase(), // 하위 호환성
worker_id: user.worker_id,
access_level: user.access_level || user.role_name?.toLowerCase(),
is_active: user.is_active,
last_login_at: user.last_login_at,
created_at: user.created_at
@@ -676,22 +671,22 @@ router.put('/users/:id', verifyToken, async (req, res) => {
try {
const userId = parseInt(req.params.id);
const { name, email, access_level, worker_id, password, is_active } = req.body;
const { name, email, access_level, password, is_active } = req.body;
// 권한 확인
if (!['admin', 'system'].includes(req.user.access_level)) {
// 일반 사용자는 자신의 정보만 수정 가능 (이름, 이메일만)
if (userId !== req.user.user_id) {
return res.status(403).json({
return res.status(403).json({
success: false,
error: '다른 사용자의 정보를 수정할 권한이 없습니다.'
error: '다른 사용자의 정보를 수정할 권한이 없습니다.'
});
}
if (access_level || worker_id || is_active !== undefined) {
return res.status(403).json({
if (access_level || is_active !== undefined) {
return res.status(403).json({
success: false,
error: '권한, 작업자 ID, 활성화 상태는 관리자만 수정할 수 있습니다.'
error: '권한, 활성화 상태는 관리자만 수정할 수 있습니다.'
});
}
}
@@ -744,11 +739,6 @@ router.put('/users/:id', verifyToken, async (req, res) => {
updateValues.push(access_level);
}
if (worker_id !== undefined && ['admin', 'system'].includes(req.user.access_level)) {
updateFields.push('worker_id = ?');
updateValues.push(worker_id || null);
}
if (is_active !== undefined && ['admin', 'system'].includes(req.user.access_level)) {
updateFields.push('is_active = ?');
updateValues.push(is_active);
@@ -794,7 +784,7 @@ router.put('/users/:id', verifyToken, async (req, res) => {
// 업데이트된 사용자 정보 조회
const [updated] = await connection.execute(
'SELECT user_id, username, name, email, access_level, worker_id, is_active FROM users WHERE user_id = ?',
'SELECT user_id, username, name, email, access_level, is_active FROM users WHERE user_id = ?',
[userId]
);