feat(menu-permissions): 메뉴 API 연동으로 사이드바 권한 정비
- .env.development.example과 lib/core/config/environment.dart, lib/core/permissions/permission_manager.dart에서 PERMISSION__ 폴백을 view 전용으로 좁히고 기본 정책을 명시적으로 거부하도록 재정비했다 - lib/core/navigation/*, lib/core/routing/app_router.dart, lib/widgets/app_shell.dart, lib/main.dart에서 메뉴 매니페스트·카탈로그를 도입해 /menus 응답을 캐싱하고 라우터·사이드바·Breadcrumb가 동일 menu_code/route_path를 쓰도록 리팩터링했다 - lib/core/permissions/permission_resources.dart와 그룹 권한/메뉴 마스터 모듈을 menu_code 기반 CRUD 및 Catalog 경로 정합성 검사로 전환하고 PermissionSynchronizer·PermissionBootstrapper를 확장했다 - test/helpers/test_permissions.dart, test/widgets/app_shell_test.dart 등 신규 구조를 반영하는 테스트·골든과 doc/frontend_menu_permission_tasks.md 문서를 보강했다
This commit is contained in:
JiWoong Sul
@@ -1,3 +1,4 @@
|
||||
import 'package:superport_v2/core/navigation/menu_catalog.dart';
|
||||
import 'package:superport_v2/core/permissions/permission_manager.dart';
|
||||
|
||||
import '../../features/auth/domain/entities/auth_session.dart';
|
||||
@@ -12,13 +13,16 @@ class PermissionBootstrapper {
|
||||
required PermissionManager manager,
|
||||
required GroupRepository groupRepository,
|
||||
required GroupPermissionRepository groupPermissionRepository,
|
||||
MenuCatalog? menuCatalog,
|
||||
}) : _manager = manager,
|
||||
_groupRepository = groupRepository,
|
||||
_groupPermissionRepository = groupPermissionRepository;
|
||||
_groupPermissionRepository = groupPermissionRepository,
|
||||
_menuCatalog = menuCatalog;
|
||||
|
||||
final PermissionManager _manager;
|
||||
final GroupRepository _groupRepository;
|
||||
final GroupPermissionRepository _groupPermissionRepository;
|
||||
final MenuCatalog? _menuCatalog;
|
||||
|
||||
/// 세션의 권한 목록과 그룹 권한을 적용한다.
|
||||
Future<void> apply(AuthSession session) async {
|
||||
@@ -71,6 +75,7 @@ class PermissionBootstrapper {
|
||||
final synchronizer = PermissionSynchronizer(
|
||||
repository: _groupPermissionRepository,
|
||||
manager: _manager,
|
||||
menuCatalog: _menuCatalog,
|
||||
);
|
||||
await synchronizer.syncForGroup(targetGroupId);
|
||||
}
|
||||
@@ -85,6 +90,7 @@ class PermissionBootstrapper {
|
||||
final synchronizer = PermissionSynchronizer(
|
||||
repository: _groupPermissionRepository,
|
||||
manager: _manager,
|
||||
menuCatalog: _menuCatalog,
|
||||
);
|
||||
return synchronizer.fetchPermissionMap(targetGroupId);
|
||||
}
|
||||
|
||||
@@ -45,7 +45,13 @@ class PermissionManager extends ChangeNotifier {
|
||||
return false;
|
||||
}
|
||||
|
||||
return Environment.hasPermission(key, action.name);
|
||||
// 서버/오버라이드 권한이 없으면 기본적으로 거부하고,
|
||||
// .env에 명시된 PERMISSION__ 항목만 허용한다.
|
||||
final fallbackAllowed = Environment.hasPermission(key, action.name);
|
||||
if (!fallbackAllowed) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/// 개발/테스트 환경에서 사용할 임시 오버라이드 값을 설정한다.
|
||||
|
||||
@@ -33,6 +33,9 @@ class PermissionResources {
|
||||
'/inventory/inbound': stockTransactions,
|
||||
'/inventory/outbound': stockTransactions,
|
||||
'/inventory/rental': stockTransactions,
|
||||
'/inventory/rentals': stockTransactions,
|
||||
'/inventory/receipts': stockTransactions,
|
||||
'/inventory/issues': stockTransactions,
|
||||
'/approvals/requests': approvals,
|
||||
'/approvals': approvals,
|
||||
'/approvals/steps': approvalSteps,
|
||||
@@ -45,22 +48,33 @@ class PermissionResources {
|
||||
'/approval-templates': approvalTemplates,
|
||||
'/inventory/summary': inventorySummary,
|
||||
'/masters/group-permissions': groupMenuPermissions,
|
||||
'/settings/group-permissions': groupMenuPermissions,
|
||||
'/group-menu-permissions': groupMenuPermissions,
|
||||
'/masters/vendors': vendors,
|
||||
'/inventory/vendors': vendors,
|
||||
'/inventory/manufacturers': vendors,
|
||||
'/vendors': vendors,
|
||||
'/masters/products': products,
|
||||
'/inventory/products': products,
|
||||
'/inventory/models': products,
|
||||
'/products': products,
|
||||
'/masters/warehouses': warehouses,
|
||||
'/inventory/warehouses': warehouses,
|
||||
'/warehouses': warehouses,
|
||||
'/masters/customers': customers,
|
||||
'/inventory/customers': customers,
|
||||
'/customers': customers,
|
||||
'/masters/users': users,
|
||||
'/settings/users': users,
|
||||
'/users': users,
|
||||
'/masters/groups': groups,
|
||||
'/settings/groups': groups,
|
||||
'/groups': groups,
|
||||
'/masters/menus': menus,
|
||||
'/settings/menus': menus,
|
||||
'/menus': menus,
|
||||
'/utilities/postal-search': postalSearch,
|
||||
'/utilities/zipcodes': postalSearch,
|
||||
'/zipcodes': postalSearch,
|
||||
'/reports': reports,
|
||||
'/reports/transactions': reportsTransactions,
|
||||
|
||||
Reference in New Issue
Block a user