Merge pull request 'feature/auth' (#108) from feature/auth into dev

Reviewed-on: #108
2025-07-17 14:58:42 +09:00 · 2025-07-17 14:58:42 +09:00 · cdaf57349c
commit cdaf57349c
parent 3a1cb52b9f a14e597c1a
3 changed files with 52 additions and 29 deletions
--- a/src/app/api/auth/route.ts
+++ b/src/app/api/auth/route.ts
@ -65,13 +65,21 @@ export async function POST(request: Request) {
    session.builderNm = result.data.data.builderNm
    session.isLoggedIn = true

+    /**
+     * - Admin_Sub: 2차 판매점 슈퍼/일반 유저 (groupId: 70000 (Musubi), builderNo: null, userAuthCd: B가 아닌 경우)
+     * - Builder: 2차 판매점 시공권한 유저 (groupId: 70000 (Musubi) 이고 builderNo가 null이 아닌 경우 또는
+     *           groupId: 70000 (Musubi) 이고 builderNo: null이고 userAuthCd: B인 경우)
+     */
    if (result.data.data.userId === 'T01') {
      session.role = 'T01'
    } else if (result.data.data.groupId === '60000') {
      session.role = 'Admin'
-    } else if (result.data.data.groupId === '70000' && result.data.data.builderNo === null) {
+    } else if (result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd !== 'B') {
      session.role = 'Admin_Sub'
-    } else if (result.data.data.groupId === '70000' && result.data.data.builderNo !== null) {
+    } else if (
+      (result.data.data.groupId === '70000' && result.data.data.builderNo !== null) ||
+      (result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd === 'B')
+    ) {
      session.role = 'Builder'
    } else {
      session.role = 'User'
--- a/src/app/api/survey-sales/service.ts
+++ b/src/app/api/survey-sales/service.ts
@ -100,45 +100,56 @@ export class SurveySalesService {
  }

  /**
-   * @description 역할 기반 조건 생성
+   * @description 권한 별 조회 조건 생성
   * @returns {WhereCondition} 역할 기반 조건
   * @exampleResult { AND: [{ STORE_ID: { equals: '1234567890' } }] }
   *
   * @description T01 : 임시저장되지 않은 전체 매물 조회
   * @description Admin : 같은 판매점에서 작성된 매물, 2차점에게 제출받은 매물 조회
   * @description Admin_Sub : 같은 판매점에서 작성된 매물, 시공권한 user에게 제출받은 매물 조회
-   * @description Builder : 같은 시공점에서 작성된 매물 조회
-   * @description Partner : 같은 시공점에서 작성된 매물 조회
+   * @description Builder : 같은 시공점에서 작성된 매물 조회 | 본인이 작성한 매물 조회
+   * @description Partner : 같은 시공점에서 작성된 매물 조회 | 본인이 작성한 매물 조회
   */
  private createRoleCondition(): WhereCondition {
    const where: WhereCondition = { AND: [] }

    switch (this.session?.role) {
      case 'Admin':
-        where.OR = [
-          { AND: [{ STORE_ID: { equals: this.session?.storeId } }] },
-          { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session?.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
-          { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session?.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
-        ]
+        if (this.session?.storeId) {
+          where.OR = [
+            { AND: [{ STORE_ID: { equals: this.session.storeId } }] },
+            { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
+            { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
+          ]
+        } else {
+          where.AND.push({ REPRESENTATIVE_ID: { equals: this.session.userId } })
+        }
        break
      case 'Admin_Sub':
-        where.OR = [
-          { AND: [{ STORE_ID: { equals: this.session?.storeId } }] },
-          { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session?.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
-          { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session?.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
-        ]
+        if (this.session?.storeId) {
+          where.OR = [
+            { AND: [{ STORE_ID: { equals: this.session.storeId } }] },
+            { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
+            { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
+          ]
+        } else {
+          where.AND.push({ REPRESENTATIVE_ID: { equals: this.session.userId } })
+        }
        break
      case 'Builder':
      case 'Partner':
        if (this.session?.builderId) {
          where.AND.push({ CONSTRUCTION_POINT_ID: { equals: this.session?.builderId } })
        } else {
-          where.AND.push({ ID: { equals: -1 } })
+          where.AND.push({ REPRESENTATIVE_ID: { equals: this.session?.userId } })
        }
        break
      case 'T01':
        where.OR = [{ NOT: { SRL_NO: { startsWith: '一時保存' } } }, { STORE_ID: { equals: this.session?.storeId } }]
        break
+      default:
+        where.AND.push({ ID: { equals: -1 } })
+        break
    }
    return where
  }
@ -383,8 +394,9 @@ export class SurveySalesService {
      T01: () => this.checkT01Role(survey, session.userId),
      Admin: () => this.checkAdminRole(survey, session.storeId, session.storeNm),
      Admin_Sub: () => this.checkAdminSubRole(survey, session.storeId, session.storeNm),
-      Partner: () => this.checkPartnerOrBuilderRole(survey, session.builderId),
-      Builder: () => this.checkPartnerOrBuilderRole(survey, session.builderId),
+      Partner: () => this.checkPartnerOrBuilderRole(survey, session.builderId, session.userId),
+      Builder: () => this.checkPartnerOrBuilderRole(survey, session.builderId, session.userId),
+      default: () => false,
    }

    return roleChecks[session.role as keyof typeof roleChecks]?.() ?? false
@ -413,7 +425,7 @@ export class SurveySalesService {
   * @returns {boolean} 해당 매물의 조회 권한 여부 (true: 권한 있음, false: 권한 없음)
   */
  private checkAdminRole(survey: any, storeId: string | null, storeNm: string | null): boolean {
-    if (!storeId) return false
+    if (!storeId) return survey.REPRESENTATIVE_ID === this.session?.userId
    return survey.SUBMISSION_STATUS
      ? survey.SUBMISSION_TARGET_ID === storeId || survey.SUBMISSION_TARGET_NM === storeNm || survey.STORE_ID === storeId
      : survey.STORE_ID === storeId
@ -428,7 +440,7 @@ export class SurveySalesService {
   * @returns {boolean} 해당 매물의 조회 권한 여부 (true: 권한 있음, false: 권한 없음)
   */
  private checkAdminSubRole(survey: any, storeId: string | null, storeNm: string | null): boolean {
-    if (!storeId) return false
+    if (!storeId) return survey.REPRESENTATIVE_ID === this.session?.userId
    return survey.SUBMISSION_STATUS
      ? survey.SUBMISSION_TARGET_ID === storeId || survey.SUBMISSION_TARGET_NM === storeNm || survey.STORE_ID === storeId
      : survey.STORE_ID === storeId
@ -437,14 +449,16 @@ export class SurveySalesService {
  /**
   * @description Partner 또는 Builder 권한 체크
   * - 같은 시공점에서 작성한 매물 조회 가능
+   * - 시공점ID가 없다면 본인이 작성한 매물 조회 가능
   *
   * @param {any} survey 조사 매물 데이터
   * @param {string | null} builderId 시공점 ID
+   * @param {string | null} userId 유저 ID
   * @returns {boolean} 해당 매물의 조회 권한 여부 (true: 권한 있음, false: 권한 없음)
   */
-  private checkPartnerOrBuilderRole(survey: any, builderId: string | null): boolean {
-    if (!builderId) return false
-    return survey.CONSTRUCTION_POINT_ID === builderId
+  private checkPartnerOrBuilderRole(survey: any, builderId: string | null, userId: string | null): boolean {
+    if (builderId) return survey.CONSTRUCTION_POINT_ID === builderId
+    return survey.REPRESENTATIVE_ID === userId
  }

  /**
--- a/src/components/survey-sale/detail/BasicForm.tsx
+++ b/src/components/survey-sale/detail/BasicForm.tsx
@ -57,17 +57,17 @@ export default function BasicForm({ basicInfo, setBasicInfo, mode, session }: Ba
                (session?.role === 'Builder' ? (
                  <>
                    {storeInput(basicInfo, setBasicInfo, mode)}
-                    {builderInput(basicInfo, setBasicInfo, mode)}
+                    {builderInput(basicInfo, setBasicInfo, mode, session)}
                  </>
                ) : session?.role === 'Partner' ? (
-                  <>{builderInput(basicInfo, setBasicInfo, mode)}</>
+                  <>{builderInput(basicInfo, setBasicInfo, mode, session)}</>
                ) : (
                  <>{storeInput(basicInfo, setBasicInfo, mode)}</>
                ))}
              {mode === 'READ' && (
                <>
                  {basicInfo?.store && storeInput(basicInfo, setBasicInfo, mode)}
-                  {basicInfo?.constructionPoint && builderInput(basicInfo, setBasicInfo, mode)}
+                  {basicInfo?.constructionPoint && builderInput(basicInfo, setBasicInfo, mode, session)}
                </>
              )}
            </div>
@ -166,15 +166,16 @@ const storeInput = (basicInfo: SurveyBasicRequest, setBasicInfo: (basicInfo: Sur
  )
 }

-/** 시공점 입력 창 */
-const builderInput = (basicInfo: SurveyBasicRequest, setBasicInfo: (basicInfo: SurveyBasicRequest) => void, mode: Mode) => {
+/** 시공점 입력 창 - 2차점 시공권한 유저이지만(Builder) 시공점ID가 없는 경우에만 작성 가능 */
+const builderInput = (basicInfo: SurveyBasicRequest, setBasicInfo: (basicInfo: SurveyBasicRequest) => void, mode: Mode, session: SessionData) => {
+  const isWriteable = mode !== 'READ' && session?.role === 'Builder' && session?.builderId === null
  return (
    <div className="data-input-form-bx">
      <div className="data-input-form-tit">施工店</div>
      <input
        type="text"
        className="input-frame"
-        readOnly
+        readOnly={!isWriteable}
        value={basicInfo?.constructionPoint ?? ''}
        onChange={(e) => setBasicInfo({ ...basicInfo, constructionPoint: e.target.value })}
      />