From 3f97e4eac6ba435d944a91cbeb126026788f05e9 Mon Sep 17 00:00:00 2001
From: chpark
Date: Sun, 26 Apr 2026 00:26:57 +0900
Subject: [PATCH] =?UTF-8?q?fix(guard):=20plm=5Fadmin(FITO=20isAdmin)?= =?UTF-8?q?=EB=8F=84=20=EB=AA=A8=EB=AA=A8=20ADMIN=EC=9C=BC=EB=A1=9C=20?= =?UTF-8?q?=EC=9D=B8=EC=A0=95=20=E2=80=94=20403=20=ED=95=B4=EC=86=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/lib/momo-guard.ts | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lib/momo-guard.ts b/src/lib/momo-guard.ts
index 0d556d3..b5f9898 100644
--- a/src/lib/momo-guard.ts
+++ b/src/lib/momo-guard.ts
@@ -6,16 +6,16 @@ import type { User } from "@/types";
 export async function requireMomoUser(): Promise<{ user: User } | NextResponse> {
 const user = await getSession();
 if (!user) return NextResponse.json({ success: false, message: "로그인이 필요합니다." }, { status: 401 });
- if (user.role !== "USER" && user.role !== "ADMIN") {
- return NextResponse.json({ success: false, message: "MOMO 사용자만 접근 가능합니다." }, { status: 403 });
- }
+ // MOMO 가입자(role) + FITO 사용자 모두 통과
 return { user };
 }
 export async function requireMomoAdmin(): Promise<{ user: User } | NextResponse> {
 const r = await requireMomoUser();
 if (r instanceof NextResponse) return r;
- if (r.user.role !== "ADMIN") {
+ // ADMIN 판정: MOMO role==='ADMIN' OR FITO isAdmin===true (plm_admin 등)
+ const isAdmin = r.user.role === "ADMIN" || r.user.isAdmin === true;
+ if (!isAdmin) {
 return NextResponse.json({ success: false, message: "관리자 권한이 필요합니다." }, { status: 403 });
 }
 return r;
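Review bot: With the role check deleted, `requireMomoUser` accepts every session that `getSession()` returns, so the guard has gone from an allow-list to authentication-only and any role value, including ones added later, reaches the routes behind it. If FITO users carry a distinguishable marker in the session, I would keep deny-by-default and extend the allow-list rather than remove it; if allow-all is intended, state that above `return { user };`, for example `// Authentication only: any valid session passes; authorization is enforced by requireMomoAdmin or by the route itself.` In `requireMomoAdmin`, `r.user.isAdmin === true` makes every FITO admin a MOMO admin on all admin routes, which is only as safe as the way `isAdmin` gets into the session. `getSession` is outside this hunk, so please confirm the flag is derived server-side from a verified source and not copied from a client-supplied claim, and note that `requireMomoAdmin`'s closing brace also lies outside the hunk.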