From f7adbabb0fca66e43049bacbf105e1761e79e7c3 Mon Sep 17 00:00:00 2001
From: Hyungi Ahn
Date: Wed, 1 Apr 2026 07:02:56 +0900
Subject: [PATCH] =?UTF-8?q?fix(permissions):=20=EA=B0=9C=EC=9D=B8=20?= =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=ED=85=8C=EC=9D=B4=EB=B8=94=20=EB=B6=88?= =?UTF-8?q?=EC=9D=BC=EC=B9=98=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
tkuser는 user_page_permissions에 저장하지만 네비/대시보드는 user_page_access에서 읽던 문제. user_page_permissions 기반으로 통일.
- pageAccessRoutes.js: user_page_access → user_page_permissions JOIN
- dashboardModel.js: 개인 권한 쿼리 page_name 기반으로 변경
Co-Authored-By: Claude Opus 4.6 (1M context)
---
 system1-factory/api/models/dashboardModel.js | 16 ++++++++++------
 system1-factory/api/routes/pageAccessRoutes.js | 8 +++++---
 2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/system1-factory/api/models/dashboardModel.js b/system1-factory/api/models/dashboardModel.js
index fa4bc60..3e7b1f0 100644
--- a/system1-factory/api/models/dashboardModel.js
+++ b/system1-factory/api/models/dashboardModel.js
@@ -101,13 +101,17 @@ const DashboardModel = {
 });
 }
- // 개인 권한 페이지 (page_id = pages.id)
+ // 개인 권한 페이지 (user_page_permissions.page_name 기반)
 const [personalRows] = await db.execute(`
- SELECT upa.page_id
- FROM user_page_access upa
- WHERE upa.user_id = ? AND upa.can_access = 1
+ SELECT upp.page_name
+ FROM user_page_permissions upp
+ WHERE upp.user_id = ? AND upp.can_access = 1
 `, [userId]);
- const personalPageIds = new Set(personalRows.map(r => r.page_id));
+ const personalPageKeys = new Set();
+ personalRows.forEach(r => {
+ const key = r.page_name.startsWith('s1.') ? r.page_name.slice(3) : r.page_name;
+ personalPageKeys.add(key);
+ });
 // 분류 (부서 우선, 중복 없음 — 권한 있는 페이지만)
 const departmentPages = [];
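Review bot: In the `personalRows.forEach` added in this hunk, `r.page_name.startsWith('s1.')` throws a TypeError if any `user_page_permissions` row has a NULL `page_name`, and one such row then fails the whole dashboard load for that user. The column's nullability is not visible here, so filter it in SQL with `AND upp.page_name IS NOT NULL` or skip the row with `if (!r.page_name) return;`. An unprefixed `page_name` is also accepted as a system1 page key; if the table is shared with other systems, as the `s1.` namespace suggests, confirm that an unprefixed entry written for another system cannot collide with a system1 `page_key` and be read as a grant here. The enclosing method starts and ends outside the hunk.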
@@ -116,7 +120,7 @@ const DashboardModel = {
 for (const page of allPages) {
 if (deptPageKeys.has(page.page_key)) {
 departmentPages.push(formatPage(page));
- } else if (personalPageIds.has(page.id)) {
+ } else if (personalPageKeys.has(page.page_key)) {
 personalPages.push(formatPage(page));
 }
 }
diff --git a/system1-factory/api/routes/pageAccessRoutes.js b/system1-factory/api/routes/pageAccessRoutes.js
index 768ac7b..4bc0474 100644
--- a/system1-factory/api/routes/pageAccessRoutes.js
+++ b/system1-factory/api/routes/pageAccessRoutes.js
@@ -84,10 +84,12 @@ router.get('/users/:userId/page-access', requireAuth, async (req, res) => {
 p.page_name,
 p.page_path,
 p.category,
- COALESCE(upa.can_access, dpp.can_access, p.is_default_accessible, 0) as can_access,
- upa.granted_at
+ COALESCE(upp.can_access, dpp.can_access, p.is_default_accessible, 0) as can_access,
+ upp.granted_at
 FROM pages p
- LEFT JOIN user_page_access upa ON p.id = upa.page_id AND upa.user_id = ?
+ LEFT JOIN user_page_permissions upp
+ ON upp.user_id = ?
+ AND (upp.page_name = CONCAT('s1.', p.page_key) OR upp.page_name = p.page_key)
 LEFT JOIN department_page_permissions dpp
 ON dpp.department_id = ?
 AND (dpp.page_name = CONCAT('s1.', p.page_key) OR dpp.page_name = p.page_key)
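Review bot: The `else if (personalPageKeys.has(page.page_key))` branch in the second dashboardModel.js hunk only ever adds pages, so a personal row with `can_access = 0` cannot hide a page that `deptPageKeys` already grants. The `COALESCE(upp.can_access, dpp.can_access, …)` in pageAccessRoutes.js, by contrast, lets the personal value override the department one in both directions. A user with an explicit personal deny would therefore be reported as `can_access = 0` by the page-access route but, as far as these lines show, still get the page on the dashboard (how `deptPageKeys` is built is outside the hunk). If a personal deny is meant to win, load the `can_access = 0` names into a second set and test it first, e.g. `if (personalDenied.has(page.page_key)) continue;`, or add a comment stating that the dashboard deliberately ignores personal denies.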
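Review bot: The new join `upp.page_name = CONCAT('s1.', p.page_key) OR upp.page_name = p.page_key` in pageAccessRoutes.js can match two `user_page_permissions` rows for one page (one stored with the `s1.` prefix, one without), which duplicates the page in the result and, if the two rows disagree, returns both `can_access = 1` and `can_access = 0` for it. Whether a consumer keeps the first or the last row is not visible here, so a stale grant could outlive a revocation written under the other spelling. Either normalise names where tkuser writes them and match a single form, or collapse the join so that deny wins, for example by joining a subquery that groups by the normalised name and takes `MIN(can_access)`. The hunk header also shows the route guarded by `requireAuth` alone while taking `:userId` from the URL; the handler body is outside the hunk, so confirm it checks that the caller is that user or an administrator.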