diff --git a/src/app/api/auth/route.ts b/src/app/api/auth/route.ts
index 9b55c91..c41c260 100644
--- a/src/app/api/auth/route.ts
+++ b/src/app/api/auth/route.ts
@@ -65,13 +65,21 @@ export async function POST(request: Request) {
 session.builderNm = result.data.data.builderNm
 session.isLoggedIn = true
+ /**
+ * - Admin_Sub: 2차 판매점 슈퍼/일반 유저 (groupId: 70000 (Musubi), builderNo: null, userAuthCd: B가 아닌 경우)
+ * - Builder: 2차 판매점 시공권한 유저 (groupId: 70000 (Musubi) 이고 builderNo가 null이 아닌 경우 또는
+ * groupId: 70000 (Musubi) 이고 builderNo: null이고 userAuthCd: B인 경우)
+ */
 if (result.data.data.userId === 'T01') {
 session.role = 'T01'
 } else if (result.data.data.groupId === '60000') {
 session.role = 'Admin'
- } else if (result.data.data.groupId === '70000' && result.data.data.builderNo === null) {
+ } else if (result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd !== 'B') {
 session.role = 'Admin_Sub'
- } else if (result.data.data.groupId === '70000' && result.data.data.builderNo !== null) {
+ } else if (
+ (result.data.data.groupId === '70000' && result.data.data.builderNo !== null) ||
+ (result.data.data.groupId === '70000' && result.data.data.builderNo === null && result.data.data.userAuthCd === 'B')
+ ) {
 session.role = 'Builder'
 } else {
 session.role = 'User'
diff --git a/src/app/api/survey-sales/service.ts b/src/app/api/survey-sales/service.ts
index 6619e7c..a68946a 100644
--- a/src/app/api/survey-sales/service.ts
+++ b/src/app/api/survey-sales/service.ts
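Review bot: In the role chain of POST in route.ts, the new `userAuthCd !== 'B'` test assigns `Admin_Sub` to every groupId '70000' account with a null `builderNo` whenever `userAuthCd` is missing, undefined or an unexpected value, so what appears to be the broader role is the fallback. Since `session.role` drives the survey visibility filters in service.ts, it would be safer to grant `Admin_Sub` only on an explicit match against the codes meant for store users and let everything else drop to `Builder` or `User`; the valid code set is not visible here, so confirm it against the auth API. Separately, once the `Admin_Sub` branch has been evaluated, the two-part `Builder` condition reduces to `} else if (result.data.data.groupId === '70000') {`, which is easier to audit. The body of POST starts and ends outside this hunk.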
@@ -100,45 +100,56 @@ export class SurveySalesService {
 }
 /**
- * @description 역할 기반 조건 생성
+ * @description 권한 별 조회 조건 생성
 * @returns {WhereCondition} 역할 기반 조건
 * @exampleResult { AND: [{ STORE_ID: { equals: '1234567890' } }] }
 *
 * @description T01 : 임시저장되지 않은 전체 매물 조회
 * @description Admin : 같은 판매점에서 작성된 매물, 2차점에게 제출받은 매물 조회
 * @description Admin_Sub : 같은 판매점에서 작성된 매물, 시공권한 user에게 제출받은 매물 조회
- * @description Builder : 같은 시공점에서 작성된 매물 조회
- * @description Partner : 같은 시공점에서 작성된 매물 조회
+ * @description Builder : 같은 시공점에서 작성된 매물 조회 | 본인이 작성한 매물 조회
+ * @description Partner : 같은 시공점에서 작성된 매물 조회 | 본인이 작성한 매물 조회
 */
 private createRoleCondition(): WhereCondition {
 const where: WhereCondition = { AND: [] }
 switch (this.session?.role) {
 case 'Admin':
- where.OR = [
- { AND: [{ STORE_ID: { equals: this.session?.storeId } }] },
- { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session?.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
- { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session?.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
- ]
+ if (this.session?.storeId) {
+ where.OR = [
+ { AND: [{ STORE_ID: { equals: this.session.storeId } }] },
+ { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
+ { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
+ ]
+ } else {
+ where.AND.push({ REPRESENTATIVE_ID: { equals: this.session.userId } })
+ }
 break
 case 'Admin_Sub':
- where.OR = [
- { AND: [{ STORE_ID: { equals: this.session?.storeId } }] },
- { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session?.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
- { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session?.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
- ]
+ if (this.session?.storeId) {
+ where.OR = [
+ { AND: [{ STORE_ID: { equals: this.session.storeId } }] },
+ { AND: [{ SUBMISSION_TARGET_ID: { equals: this.session.storeId } }, { SUBMISSION_STATUS: { equals: true } }] },
+ { AND: [{ SUBMISSION_TARGET_NM: { equals: this.session.storeNm } }, { SUBMISSION_STATUS: { equals: true } }] },
+ ]
+ } else {
+ where.AND.push({ REPRESENTATIVE_ID: { equals: this.session.userId } })
+ }
 break
 case 'Builder':
 case 'Partner':
 if (this.session?.builderId) {
 where.AND.push({ CONSTRUCTION_POINT_ID: { equals: this.session?.builderId } })
 } else {
- where.AND.push({ ID: { equals: -1 } })
+ where.AND.push({ REPRESENTATIVE_ID: { equals: this.session?.userId } })
 }
 break
 case 'T01':
 where.OR = [{ NOT: { SRL_NO: { startsWith: '一時保存' } } }, { STORE_ID: { equals: this.session?.storeId } }]
 break
+ default:
+ where.AND.push({ ID: { equals: -1 } })
+ break
 }
 return where
 }
@@ -383,8 +394,9 @@ export class SurveySalesService {
 T01: () => this.checkT01Role(survey, session.userId),
 Admin: () => this.checkAdminRole(survey, session.storeId, session.storeNm),
 Admin_Sub: () => this.checkAdminSubRole(survey, session.storeId, session.storeNm),
- Partner: () => this.checkPartnerOrBuilderRole(survey, session.builderId),
- Builder: () => this.checkPartnerOrBuilderRole(survey, session.builderId),
+ Partner: () => this.checkPartnerOrBuilderRole(survey, session.builderId, session.userId),
+ Builder: () => this.checkPartnerOrBuilderRole(survey, session.builderId, session.userId),
+ default: () => false,
 }
 return roleChecks[session.role as keyof typeof roleChecks]?.() ?? false
@@ -413,7 +425,7 @@ export class SurveySalesService {
 * @returns {boolean} 해당 매물의 조회 권한 여부 (true: 권한 있음, false: 권한 없음)
 */
 private checkAdminRole(survey: any, storeId: string | null, storeNm: string | null): boolean {
- if (!storeId) return false
+ if (!storeId) return survey.REPRESENTATIVE_ID === this.session?.userId
 return survey.SUBMISSION_STATUS
 ? survey.SUBMISSION_TARGET_ID === storeId || survey.SUBMISSION_TARGET_NM === storeNm || survey.STORE_ID === storeId
 : survey.STORE_ID === storeId
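Review bot: In createRoleCondition, the new fallbacks for `Admin`, `Admin_Sub` and `Builder`/`Partner` push `{ REPRESENTATIVE_ID: { equals: this.session.userId } }` without checking that `userId` is set. If `WhereCondition` is passed to a Prisma-style query builder (not visible here), an `equals: undefined` is typically dropped from the filter, so a session lacking both the store/builder id and `userId` would match every row instead of none, whereas the removed `ID: -1` branch failed closed. Guard each fallback, for example `where.AND.push(this.session?.userId ? { REPRESENTATIVE_ID: { equals: this.session.userId } } : { ID: { equals: -1 } })`. The `Admin` and `Admin_Sub` branches are now identical and could share one `case`, which leaves a single filter to audit.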
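Review bot: The added `default: () => false` entry in `roleChecks` is an ordinary property named "default", not a fallback; unknown roles are already denied by `?.() ?? false` on the return line, so the entry only applies to a role literally called 'default'. I would drop it, or replace it with the comment `// unknown roles are denied by the ?? false on the return below` so the deny path is documented where it actually happens. Because the lookup indexes a plain object with `session.role`, checking `Object.hasOwn(roleChecks, session.role)` before the call would also keep inherited keys from resolving to a function. The enclosing method starts and ends outside this hunk.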
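Review bot: In checkAdminRole, `survey.REPRESENTATIVE_ID === this.session?.userId` is true when both sides are null or undefined, so a record with no representative would be readable by a session that has no `userId`. The same comparison is added in checkAdminSubRole and, with `userId` typed `string | null`, in checkPartnerOrBuilderRole. Require a non-empty id first, e.g. `if (!storeId) return !!this.session?.userId && survey.REPRESENTATIVE_ID === this.session.userId`. The two admin checks also read `this.session` while `storeId` and `storeNm` come from the caller's `session` argument; passing `userId` in, as checkPartnerOrBuilderRole does, would keep one source of identity for the decision.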
@@ -428,7 +440,7 @@ export class SurveySalesService {
 * @returns {boolean} 해당 매물의 조회 권한 여부 (true: 권한 있음, false: 권한 없음)
 */
 private checkAdminSubRole(survey: any, storeId: string | null, storeNm: string | null): boolean {
- if (!storeId) return false
+ if (!storeId) return survey.REPRESENTATIVE_ID === this.session?.userId
 return survey.SUBMISSION_STATUS
 ? survey.SUBMISSION_TARGET_ID === storeId || survey.SUBMISSION_TARGET_NM === storeNm || survey.STORE_ID === storeId
 : survey.STORE_ID === storeId
@@ -437,14 +449,16 @@ export class SurveySalesService {
 /**
 * @description Partner 또는 Builder 권한 체크
 * - 같은 시공점에서 작성한 매물 조회 가능
+ * - 시공점ID가 없다면 본인이 작성한 매물 조회 가능
 *
 * @param {any} survey 조사 매물 데이터
 * @param {string | null} builderId 시공점 ID
+ * @param {string | null} userId 유저 ID
 * @returns {boolean} 해당 매물의 조회 권한 여부 (true: 권한 있음, false: 권한 없음)
 */
- private checkPartnerOrBuilderRole(survey: any, builderId: string | null): boolean {
- if (!builderId) return false
- return survey.CONSTRUCTION_POINT_ID === builderId
+ private checkPartnerOrBuilderRole(survey: any, builderId: string | null, userId: string | null): boolean {
+ if (builderId) return survey.CONSTRUCTION_POINT_ID === builderId
+ return survey.REPRESENTATIVE_ID === userId
 }
 /**
diff --git a/src/components/survey-sale/detail/BasicForm.tsx b/src/components/survey-sale/detail/BasicForm.tsx
index 570b7bd..1b5b3c3 100644
--- a/src/components/survey-sale/detail/BasicForm.tsx
+++ b/src/components/survey-sale/detail/BasicForm.tsx
@@ -57,17 +57,17 @@ export default function BasicForm({ basicInfo, setBasicInfo, mode, session }: Ba (session?.role === 'Builder' ? ( <> {storeInput(basicInfo, setBasicInfo, mode)} - {builderInput(basicInfo, setBasicInfo, mode)} + {builderInput(basicInfo, setBasicInfo, mode, session)} ) : session?.role === 'Partner' ? ( - <>{builderInput(basicInfo, setBasicInfo, mode)} + <>{builderInput(basicInfo, setBasicInfo, mode, session)} ) : ( <>{storeInput(basicInfo, setBasicInfo, mode)} ))} {mode === 'READ' && ( <> {basicInfo?.store && storeInput(basicInfo, setBasicInfo, mode)} - {basicInfo?.constructionPoint && builderInput(basicInfo, setBasicInfo, mode)} + {basicInfo?.constructionPoint && builderInput(basicInfo, setBasicInfo, mode, session)} )} @@ -166,15 +166,16 @@ const storeInput = (basicInfo: SurveyBasicRequest, setBasicInfo: (basicInfo: Sur ) } -/** 시공점 입력 창 */ -const builderInput = (basicInfo: SurveyBasicRequest, setBasicInfo: (basicInfo: SurveyBasicRequest) => void, mode: Mode) => { +/** 시공점 입력 창 - 2차점 시공권한 유저이지만(Builder) 시공점ID가 없는 경우에만 작성 가능 */ +const builderInput = (basicInfo: SurveyBasicRequest, setBasicInfo: (basicInfo: SurveyBasicRequest) => void, mode: Mode, session: SessionData) => { + const isWriteable = mode !== 'READ' && session?.role === 'Builder' && session?.builderId === null return (
施工店
setBasicInfo({ ...basicInfo, constructionPoint: e.target.value })} />
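Review bot: `isWriteable` in builderInput tests `session?.builderId === null`, while the server-side checks in service.ts treat any falsy `builderId` as missing (`if (this.session?.builderId)`). A Builder session whose `builderId` is undefined or an empty string would get the own-records fallback on the server but presumably a non-editable 施工店 field here; `const isWriteable = mode !== 'READ' && session?.role === 'Builder' && !session?.builderId` would align the two. The flag is presentation only, so whatever accepts `constructionPoint` on save should apply the same role rule itself. That handler and the markup consuming `isWriteable` are not visible in this hunk.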