260707_4_대시보드 완료
This commit is contained in:
@@ -13,6 +13,7 @@ from .B01_Dashboard_Repository import (
|
||||
count_company_admins,
|
||||
create_company,
|
||||
create_project_automation,
|
||||
create_system_company,
|
||||
delete_project_automation,
|
||||
get_dashboard_me,
|
||||
get_project,
|
||||
@@ -78,7 +79,9 @@ def _same_company(session: dict[str, Any], company_id: int | None) -> bool:
|
||||
def _can_edit_project(session: dict[str, Any], project: dict[str, Any]) -> bool:
|
||||
if session["role"] == "SYSTEM_ADMIN":
|
||||
return True
|
||||
return _same_company(session, project.get("company_id"))
|
||||
if session["role"] == "ADMIN":
|
||||
return _same_company(session, project.get("company_id"))
|
||||
return False
|
||||
|
||||
|
||||
def _can_manage_automation(session: dict[str, Any], project: dict[str, Any]) -> bool:
|
||||
@@ -227,8 +230,23 @@ async def dashboard_update_project(
|
||||
@router.delete("/projects/{project_id}")
|
||||
async def dashboard_delete_project(
|
||||
project_id: str,
|
||||
session: dict[str, Any] = Depends(require_system_admin),
|
||||
session: dict[str, Any] = Depends(verify_session),
|
||||
):
|
||||
project = await get_project(project_id)
|
||||
if not project:
|
||||
raise HTTPException(status_code=404, detail="프로젝트를 찾을 수 없습니다.")
|
||||
|
||||
can_del = False
|
||||
if session["role"] == "SYSTEM_ADMIN":
|
||||
can_del = True
|
||||
# 나중에 ADMIN도 소유 프로젝트 삭제 허용할 수 있으므로 주석 처리
|
||||
# elif session["role"] == "ADMIN":
|
||||
# if int(project.get("user_id") or 0) == int(session["user_id"]):
|
||||
# can_del = True
|
||||
|
||||
if not can_del:
|
||||
raise HTTPException(status_code=403, detail="프로젝트 삭제 권한이 없습니다.")
|
||||
|
||||
if not await soft_delete_project(project_id, int(session["user_id"])):
|
||||
raise HTTPException(status_code=404, detail="프로젝트를 찾을 수 없습니다.")
|
||||
return {"status": "success"}
|
||||
@@ -240,6 +258,15 @@ async def system_companies(session: dict[str, Any] = Depends(require_system_admi
|
||||
return {"status": "success", "companies": await list_all_companies()}
|
||||
|
||||
|
||||
@router.post("/admin/companies")
|
||||
async def system_create_company(
|
||||
payload: CreateCompanyRequest,
|
||||
session: dict[str, Any] = Depends(require_system_admin),
|
||||
):
|
||||
result = await create_company(int(session["user_id"]), payload.model_dump())
|
||||
return {"status": "success", **result}
|
||||
|
||||
|
||||
@router.get("/admin/users")
|
||||
async def system_users(session: dict[str, Any] = Depends(require_system_admin)):
|
||||
_ = session
|
||||
@@ -250,7 +277,7 @@ async def system_users(session: dict[str, Any] = Depends(require_system_admin)):
|
||||
async def system_change_role(
|
||||
user_id: int,
|
||||
payload: ChangeUserRoleRequest,
|
||||
session: dict[str, Any] = Depends(verify_session),
|
||||
session: dict[str, Any] = Depends(require_system_admin),
|
||||
):
|
||||
target = await get_user_admin_target(user_id)
|
||||
if not target:
|
||||
@@ -259,17 +286,6 @@ async def system_change_role(
|
||||
raise HTTPException(
|
||||
status_code=403, detail="시스템 관리자 역할은 API에서 변경할 수 없습니다."
|
||||
)
|
||||
if session["role"] == "ADMIN":
|
||||
if not _same_company(session, target.get("company_id")):
|
||||
raise HTTPException(status_code=403, detail="같은 회사 사용자만 변경할 수 있습니다.")
|
||||
if target["role"] == "ADMIN" and payload.role == "USER":
|
||||
admins = await count_company_admins(int(target["company_id"]))
|
||||
if admins <= 1:
|
||||
raise HTTPException(
|
||||
status_code=409, detail="회사의 마지막 관리자는 변경할 수 없습니다."
|
||||
)
|
||||
elif session["role"] != "SYSTEM_ADMIN":
|
||||
raise HTTPException(status_code=403, detail="역할 변경 권한이 없습니다.")
|
||||
if not await change_user_role(user_id, payload.role):
|
||||
raise HTTPException(status_code=404, detail="사용자를 찾을 수 없습니다.")
|
||||
return {"status": "success"}
|
||||
|
||||
Reference in New Issue
Block a user