fix(auth): 권한그룹 코드 입력칸 숨김 + 자동생성

- 권한그룹 생성 모달에서 권한CODE 입력 제거 (권한명만 입력) - 서버: 신규 등록 시 auth_code 비어있으면 GRP_<base36 timestamp> 자동 생성 - 좌측 권한 목록에서도 코드 노출 제거 (내부 식별자만 유지) - 수정 시 기존 auth_code 는 보존 (COALESCE) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 00:30:55 +09:00
parent 52db6eff53
commit 2ea2a6759e
2 changed files with 12 additions and 9 deletions
@@ -830,12 +830,11 @@ function AuthManagement() {
  const onCreate = async () => {
    const r = await Swal.fire({
      title: "권한그룹 생성",
-      html: `<input id="sw_name" class="swal2-input" placeholder="권한명 (예: 영업팀 권한)">
-             <input id="sw_code" class="swal2-input" placeholder="권한CODE (예: SALES_TEAM)">`,
+      html: `<input id="sw_name" class="swal2-input" placeholder="권한명 (예: 영업팀 권한)">`,
      showCancelButton: true, confirmButtonText: "생성",
      preConfirm: () => ({
        auth_name: (document.getElementById("sw_name") as HTMLInputElement).value,
-        auth_code: (document.getElementById("sw_code") as HTMLInputElement).value,
+        // auth_code 는 서버에서 자동 생성
      }),
    });
    if (!r.isConfirmed || !r.value?.auth_name) return;
@@ -848,12 +847,11 @@ function AuthManagement() {
  const onRename = async (g: AuthGroup) => {
    const r = await Swal.fire({
      title: "권한 그룹 수정", icon: "info",
-      html: `<input id="sw_name" class="swal2-input" value="${g.AUTH_NAME}">
-             <input id="sw_code" class="swal2-input" value="${g.AUTH_CODE ?? ""}">`,
+      html: `<input id="sw_name" class="swal2-input" value="${g.AUTH_NAME}">`,
      showCancelButton: true, showDenyButton: true, denyButtonText: "삭제", confirmButtonText: "저장",
      preConfirm: () => ({
        auth_name: (document.getElementById("sw_name") as HTMLInputElement).value,
-        auth_code: (document.getElementById("sw_code") as HTMLInputElement).value,
+        auth_code: g.AUTH_CODE ?? "", // 기존 코드 유지
      }),
    });
    if (r.isDenied) {
@@ -897,7 +895,6 @@ function AuthManagement() {
                title="더블클릭: 수정/삭제"
              >
                <div className="text-sm font-bold text-slate-800">{g.AUTH_NAME}</div>
-                <div className="text-[10px] text-slate-400 font-mono">{g.AUTH_CODE || "-"}</div>
              </button>
            ))}
          </div>
@@ -12,12 +12,18 @@ export async function POST(request: NextRequest) {
    const body = await request.json();
    const objid = body.objid || createObjectId();

+    // 신규 등록 시 권한CODE 자동 생성 (사용자에게 노출하지 않고 내부 식별자만 유지)
+    let authCode = (body.auth_code || "").trim();
+    if (!body.objid && !authCode) {
+      authCode = `GRP_${Date.now().toString(36).toUpperCase()}`;
+    }
+
    await execute(
      `INSERT INTO AUTHORITY_MASTER (OBJID, AUTH_NAME, AUTH_CODE, WRITER, REGDATE, STATUS)
       VALUES ($1::numeric, $2, $3, $4, now(), $5)
       ON CONFLICT (OBJID) DO UPDATE
-       SET AUTH_NAME = $2, AUTH_CODE = $3, STATUS = $5`,
-      [objid, body.auth_name || "", body.auth_code || "", user.userId, body.status || "active"]
+       SET AUTH_NAME = $2, AUTH_CODE = COALESCE(NULLIF($3, ''), AUTHORITY_MASTER.AUTH_CODE), STATUS = $5`,
+      [objid, body.auth_name || "", authCode, user.userId, body.status || "active"]
    );

    return NextResponse.json({ success: true, message: body.objid ? "수정되었습니다." : "등록되었습니다.", objid });