260707_4_대시보드 완료

This commit is contained in:
2026-07-08 20:51:20 +09:00
parent 76d91efcb8
commit bbda38a013
12 changed files with 935 additions and 361 deletions
+30 -14
View File
@@ -13,6 +13,7 @@ from .B01_Dashboard_Repository import (
count_company_admins,
create_company,
create_project_automation,
create_system_company,
delete_project_automation,
get_dashboard_me,
get_project,
@@ -78,7 +79,9 @@ def _same_company(session: dict[str, Any], company_id: int | None) -> bool:
def _can_edit_project(session: dict[str, Any], project: dict[str, Any]) -> bool:
if session["role"] == "SYSTEM_ADMIN":
return True
return _same_company(session, project.get("company_id"))
if session["role"] == "ADMIN":
return _same_company(session, project.get("company_id"))
return False
def _can_manage_automation(session: dict[str, Any], project: dict[str, Any]) -> bool:
@@ -227,8 +230,23 @@ async def dashboard_update_project(
@router.delete("/projects/{project_id}")
async def dashboard_delete_project(
project_id: str,
session: dict[str, Any] = Depends(require_system_admin),
session: dict[str, Any] = Depends(verify_session),
):
project = await get_project(project_id)
if not project:
raise HTTPException(status_code=404, detail="프로젝트를 찾을 수 없습니다.")
can_del = False
if session["role"] == "SYSTEM_ADMIN":
can_del = True
# 나중에 ADMIN도 소유 프로젝트 삭제 허용할 수 있으므로 주석 처리
# elif session["role"] == "ADMIN":
# if int(project.get("user_id") or 0) == int(session["user_id"]):
# can_del = True
if not can_del:
raise HTTPException(status_code=403, detail="프로젝트 삭제 권한이 없습니다.")
if not await soft_delete_project(project_id, int(session["user_id"])):
raise HTTPException(status_code=404, detail="프로젝트를 찾을 수 없습니다.")
return {"status": "success"}
@@ -240,6 +258,15 @@ async def system_companies(session: dict[str, Any] = Depends(require_system_admi
return {"status": "success", "companies": await list_all_companies()}
@router.post("/admin/companies")
async def system_create_company(
payload: CreateCompanyRequest,
session: dict[str, Any] = Depends(require_system_admin),
):
result = await create_company(int(session["user_id"]), payload.model_dump())
return {"status": "success", **result}
@router.get("/admin/users")
async def system_users(session: dict[str, Any] = Depends(require_system_admin)):
_ = session
@@ -250,7 +277,7 @@ async def system_users(session: dict[str, Any] = Depends(require_system_admin)):
async def system_change_role(
user_id: int,
payload: ChangeUserRoleRequest,
session: dict[str, Any] = Depends(verify_session),
session: dict[str, Any] = Depends(require_system_admin),
):
target = await get_user_admin_target(user_id)
if not target:
@@ -259,17 +286,6 @@ async def system_change_role(
raise HTTPException(
status_code=403, detail="시스템 관리자 역할은 API에서 변경할 수 없습니다."
)
if session["role"] == "ADMIN":
if not _same_company(session, target.get("company_id")):
raise HTTPException(status_code=403, detail="같은 회사 사용자만 변경할 수 있습니다.")
if target["role"] == "ADMIN" and payload.role == "USER":
admins = await count_company_admins(int(target["company_id"]))
if admins <= 1:
raise HTTPException(
status_code=409, detail="회사의 마지막 관리자는 변경할 수 없습니다."
)
elif session["role"] != "SYSTEM_ADMIN":
raise HTTPException(status_code=403, detail="역할 변경 권한이 없습니다.")
if not await change_user_role(user_id, payload.role):
raise HTTPException(status_code=404, detail="사용자를 찾을 수 없습니다.")
return {"status": "success"}