feat(approvals): 결재 접근 차단 대응과 전표 전이 메모 전달 강화
- approvals 모듈에서 APPROVAL_ACCESS_DENIED 응답을 포착하여 ApprovalAccessDeniedException으로 변환하고 접근 거부 시 토스트·대시보드 리다이렉트를 처리 - approval history 조회가 서버 action id에 맞춰 필터링되도록 repository·controller·테스트를 보강 - 재고 트랜잭션 상태 전이 API 호출에 note를 전달하도록 repository·컨트롤러·통합/단위 테스트를 업데이트 - 승인 플로우 QA 체크리스트 및 연동 문서를 최신 계약과 테스트 흐름으로 업데이트
This commit is contained in:
JiWoong Sul
@@ -101,6 +101,16 @@ void main() {
|
||||
approvalRepository = _MockApprovalRepository();
|
||||
recallUseCase = _MockRecallApprovalUseCase();
|
||||
resubmitUseCase = _MockResubmitApprovalUseCase();
|
||||
when(
|
||||
() =>
|
||||
approvalRepository.listActions(activeOnly: any(named: 'activeOnly')),
|
||||
).thenAnswer(
|
||||
(_) async => [
|
||||
ApprovalAction(id: 11, name: 'approve', code: 'approve'),
|
||||
ApprovalAction(id: 12, name: 'reject', code: 'reject'),
|
||||
ApprovalAction(id: 13, name: 'comment', code: 'comment'),
|
||||
],
|
||||
);
|
||||
controller = ApprovalHistoryController(
|
||||
repository: repository,
|
||||
approvalRepository: approvalRepository,
|
||||
@@ -115,7 +125,7 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
action: any(named: 'action'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
@@ -130,7 +140,7 @@ void main() {
|
||||
page: 1,
|
||||
pageSize: 20,
|
||||
query: null,
|
||||
action: null,
|
||||
approvalActionId: null,
|
||||
from: null,
|
||||
to: null,
|
||||
),
|
||||
@@ -143,7 +153,7 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
action: any(named: 'action'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
@@ -160,7 +170,7 @@ void main() {
|
||||
page: 2,
|
||||
pageSize: 20,
|
||||
query: 'APP',
|
||||
action: 'approve',
|
||||
approvalActionId: 11,
|
||||
from: DateTime(2024, 4, 1),
|
||||
to: DateTime(2024, 4, 30),
|
||||
),
|
||||
@@ -173,7 +183,7 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
action: any(named: 'action'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
@@ -254,7 +264,7 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
action: any(named: 'action'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
@@ -282,7 +292,7 @@ void main() {
|
||||
page: 1,
|
||||
pageSize: 20,
|
||||
query: null,
|
||||
action: null,
|
||||
approvalActionId: null,
|
||||
from: null,
|
||||
to: null,
|
||||
),
|
||||
@@ -319,7 +329,7 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
action: any(named: 'action'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
|
||||
@@ -8,12 +8,13 @@ import 'package:shadcn_ui/shadcn_ui.dart';
|
||||
import 'package:superport_v2/core/common/models/paginated_result.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/entities/approval.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/entities/approval_flow.dart';
|
||||
import 'package:superport_v2/features/approvals/history/domain/entities/approval_history_record.dart';
|
||||
import 'package:superport_v2/features/approvals/history/domain/repositories/approval_history_repository.dart';
|
||||
import 'package:superport_v2/features/approvals/history/presentation/pages/approval_history_page.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/repositories/approval_repository.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/usecases/recall_approval_use_case.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/usecases/resubmit_approval_use_case.dart';
|
||||
import 'package:superport_v2/features/approvals/history/domain/entities/approval_history_record.dart';
|
||||
import 'package:superport_v2/features/approvals/history/domain/repositories/approval_history_repository.dart';
|
||||
import 'package:superport_v2/features/approvals/history/presentation/controllers/approval_history_controller.dart';
|
||||
import 'package:superport_v2/features/approvals/history/presentation/pages/approval_history_page.dart';
|
||||
import 'package:superport_v2/features/auth/application/auth_service.dart';
|
||||
import 'package:superport_v2/features/auth/domain/entities/auth_permission.dart';
|
||||
import 'package:superport_v2/features/auth/domain/entities/auth_session.dart';
|
||||
@@ -214,6 +215,17 @@ void main() {
|
||||
sl.registerLazySingleton<ResubmitApprovalUseCase>(() => resubmitUseCase);
|
||||
sl.registerLazySingleton<AuthService>(() => authService);
|
||||
|
||||
when(
|
||||
() =>
|
||||
approvalRepository.listActions(activeOnly: any(named: 'activeOnly')),
|
||||
).thenAnswer(
|
||||
(_) async => [
|
||||
ApprovalAction(id: 11, name: 'approve', code: 'approve'),
|
||||
ApprovalAction(id: 12, name: 'reject', code: 'reject'),
|
||||
ApprovalAction(id: 13, name: 'comment', code: 'comment'),
|
||||
],
|
||||
);
|
||||
|
||||
when(
|
||||
() => approvalRepository.fetchDetail(
|
||||
any(),
|
||||
@@ -259,7 +271,7 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
action: any(named: 'action'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
@@ -288,13 +300,54 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: 20,
|
||||
query: 'APP-2024',
|
||||
action: null,
|
||||
approvalActionId: null,
|
||||
from: null,
|
||||
to: null,
|
||||
),
|
||||
).called(greaterThanOrEqualTo(1));
|
||||
});
|
||||
|
||||
testWidgets('행위 필터 선택 시 approval_action_id로 재조회한다', (tester) async {
|
||||
dotenv.testLoad(fileInput: 'FEATURE_APPROVALS_ENABLED=true\n');
|
||||
|
||||
final capturedActionIds = <int?>[];
|
||||
when(
|
||||
() => historyRepository.list(
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
).thenAnswer((invocation) async {
|
||||
capturedActionIds.add(
|
||||
invocation.namedArguments[#approvalActionId] as int?,
|
||||
);
|
||||
return PaginatedResult<ApprovalHistoryRecord>(
|
||||
items: [record, secondRecord],
|
||||
page: 1,
|
||||
pageSize: 20,
|
||||
total: 2,
|
||||
);
|
||||
});
|
||||
|
||||
await tester.pumpWidget(_buildApp(const ApprovalHistoryPage()));
|
||||
await tester.pumpAndSettle();
|
||||
|
||||
final controller = tester
|
||||
.widgetList<AnimatedBuilder>(find.byType(AnimatedBuilder))
|
||||
.map((builder) => builder.animation)
|
||||
.whereType<ApprovalHistoryController>()
|
||||
.first;
|
||||
|
||||
controller.updateActionFilter(ApprovalHistoryActionFilter.approve);
|
||||
await controller.fetch(page: 1);
|
||||
await tester.pump();
|
||||
|
||||
expect(capturedActionIds, contains(11));
|
||||
});
|
||||
|
||||
testWidgets('회수 시 상세 재조회 실패 안내를 노출한다', (tester) async {
|
||||
dotenv.testLoad(fileInput: 'FEATURE_APPROVALS_ENABLED=true\n');
|
||||
|
||||
@@ -303,7 +356,7 @@ void main() {
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
query: any(named: 'query'),
|
||||
action: any(named: 'action'),
|
||||
approvalActionId: any(named: 'approvalActionId'),
|
||||
from: any(named: 'from'),
|
||||
to: any(named: 'to'),
|
||||
),
|
||||
|
||||
@@ -8,6 +8,7 @@ import 'package:superport_v2/features/approvals/domain/entities/approval.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/entities/approval_draft.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/entities/approval_template.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/entities/approval_proceed_status.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/errors/approval_access_denied_exception.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/repositories/approval_repository.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/repositories/approval_template_repository.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/usecases/get_approval_draft_use_case.dart';
|
||||
@@ -163,6 +164,29 @@ void main() {
|
||||
expect(statusCodes, isNull);
|
||||
});
|
||||
|
||||
test('403 접근 거부 시 accessDenied 플래그를 노출한다', () async {
|
||||
when(
|
||||
() => repository.list(
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
transactionId: any(named: 'transactionId'),
|
||||
approvalStatusId: any(named: 'approvalStatusId'),
|
||||
requestedById: any(named: 'requestedById'),
|
||||
statusCodes: any(named: 'statusCodes'),
|
||||
includePending: any(named: 'includePending'),
|
||||
includeHistories: any(named: 'includeHistories'),
|
||||
includeSteps: any(named: 'includeSteps'),
|
||||
),
|
||||
).thenThrow(const ApprovalAccessDeniedException(message: '테스트 접근 제한'));
|
||||
|
||||
await controller.fetch();
|
||||
|
||||
expect(controller.isAccessDenied, isTrue);
|
||||
expect(controller.accessDeniedMessage, '테스트 접근 제한');
|
||||
expect(controller.result, isNull);
|
||||
expect(controller.errorMessage, isNull);
|
||||
});
|
||||
|
||||
// 검색어/상태/기간 필터가 Repository 호출에 반영되는지 확인한다.
|
||||
test('필터 전달을 검증한다', () async {
|
||||
controller.updateTransactionFilter(55);
|
||||
@@ -316,6 +340,23 @@ void main() {
|
||||
expect(controller.canProceedSelected, isTrue);
|
||||
});
|
||||
|
||||
test('상세 조회에서 접근 거부 시 accessDenied를 기록한다', () async {
|
||||
when(
|
||||
() => repository.fetchDetail(
|
||||
any(),
|
||||
includeSteps: any(named: 'includeSteps'),
|
||||
includeHistories: any(named: 'includeHistories'),
|
||||
),
|
||||
).thenThrow(const ApprovalAccessDeniedException(message: '상세 접근 제한'));
|
||||
|
||||
await controller.selectApproval(sampleApproval.id!);
|
||||
|
||||
expect(controller.isAccessDenied, isTrue);
|
||||
expect(controller.accessDeniedMessage, '상세 접근 제한');
|
||||
expect(controller.selected, isNull);
|
||||
verifyNever(() => repository.canProceed(any()));
|
||||
});
|
||||
|
||||
test('에러 발생 시 errorMessage 설정', () async {
|
||||
when(
|
||||
() => repository.fetchDetail(
|
||||
|
||||
@@ -9,6 +9,7 @@ import 'package:superport_v2/core/common/models/paginated_result.dart';
|
||||
import 'package:superport_v2/core/permissions/permission_manager.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/entities/approval.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/entities/approval_template.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/errors/approval_access_denied_exception.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/repositories/approval_repository.dart';
|
||||
import 'package:superport_v2/features/approvals/domain/repositories/approval_template_repository.dart';
|
||||
import 'package:superport_v2/features/approvals/presentation/controllers/approval_controller.dart';
|
||||
@@ -111,6 +112,8 @@ void main() {
|
||||
transactionId: any(named: 'transactionId'),
|
||||
approvalStatusId: any(named: 'approvalStatusId'),
|
||||
requestedById: any(named: 'requestedById'),
|
||||
statusCodes: any(named: 'statusCodes'),
|
||||
includePending: any(named: 'includePending'),
|
||||
includeHistories: any(named: 'includeHistories'),
|
||||
includeSteps: any(named: 'includeSteps'),
|
||||
),
|
||||
@@ -137,5 +140,27 @@ void main() {
|
||||
await tester.pumpAndSettle();
|
||||
expect(find.text('승인대기'), findsWidgets);
|
||||
});
|
||||
|
||||
testWidgets('접근 거부 시 경고 토스트를 노출한다', (tester) async {
|
||||
when(
|
||||
() => repository.list(
|
||||
page: any(named: 'page'),
|
||||
pageSize: any(named: 'pageSize'),
|
||||
transactionId: any(named: 'transactionId'),
|
||||
approvalStatusId: any(named: 'approvalStatusId'),
|
||||
requestedById: any(named: 'requestedById'),
|
||||
statusCodes: any(named: 'statusCodes'),
|
||||
includePending: any(named: 'includePending'),
|
||||
includeHistories: any(named: 'includeHistories'),
|
||||
includeSteps: any(named: 'includeSteps'),
|
||||
),
|
||||
).thenThrow(const ApprovalAccessDeniedException(message: '열람 권한이 없습니다.'));
|
||||
|
||||
await tester.pumpWidget(_buildApp(const ApprovalPage()));
|
||||
await tester.pump();
|
||||
await tester.pump(const Duration(milliseconds: 50));
|
||||
|
||||
expect(find.text('열람 권한이 없습니다.'), findsWidgets);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user