feat(menu-permissions): 메뉴 API 연동으로 사이드바 권한 정비

- .env.development.example과 lib/core/config/environment.dart, lib/core/permissions/permission_manager.dart에서 PERMISSION__ 폴백을 view 전용으로 좁히고 기본 정책을 명시적으로 거부하도록 재정비했다 - lib/core/navigation/*, lib/core/routing/app_router.dart, lib/widgets/app_shell.dart, lib/main.dart에서 메뉴 매니페스트·카탈로그를 도입해 /menus 응답을 캐싱하고 라우터·사이드바·Breadcrumb가 동일 menu_code/route_path를 쓰도록 리팩터링했다 - lib/core/permissions/permission_resources.dart와 그룹 권한/메뉴 마스터 모듈을 menu_code 기반 CRUD 및 Catalog 경로 정합성 검사로 전환하고 PermissionSynchronizer·PermissionBootstrapper를 확장했다 - test/helpers/test_permissions.dart, test/widgets/app_shell_test.dart 등 신규 구조를 반영하는 테스트·골든과 doc/frontend_menu_permission_tasks.md 문서를 보강했다
2025-11-12 18:29:03 +09:00
parent f767c44573
commit 753f76e952
72 changed files with 1914 additions and 704 deletions
--- a/test/features/masters/group_permission/application/permission_synchronizer_test.dart
+++ b/test/features/masters/group_permission/application/permission_synchronizer_test.dart
@@ -2,11 +2,15 @@ import 'package:flutter_test/flutter_test.dart';
 import 'package:mocktail/mocktail.dart';

 import 'package:superport_v2/core/common/models/paginated_result.dart';
+import 'package:superport_v2/core/navigation/menu_catalog.dart';
+import 'package:superport_v2/core/navigation/route_paths.dart';
 import 'package:superport_v2/core/permissions/permission_manager.dart';
 import 'package:superport_v2/core/permissions/permission_resources.dart';
 import 'package:superport_v2/features/masters/group_permission/application/permission_synchronizer.dart';
 import 'package:superport_v2/features/masters/group_permission/domain/entities/group_permission.dart';
 import 'package:superport_v2/features/masters/group_permission/domain/repositories/group_permission_repository.dart';
+import 'package:superport_v2/features/masters/menu/domain/entities/menu.dart';
+import 'package:superport_v2/features/masters/menu/domain/repositories/menu_repository.dart';

 class _MockGroupPermissionRepository extends Mock
    implements GroupPermissionRepository {}
@@ -29,9 +33,9 @@ void main() {
        group: GroupPermissionGroup(id: 1, groupName: '관리자'),
        menu: GroupPermissionMenu(
          id: 10,
-          menuCode: 'INBOUND',
+          menuCode: 'inventory.receipts',
          menuName: '입고',
-          path: '/inventory/inbound',
+          path: inventoryReceiptsRoutePath,
        ),
        canCreate: true,
        canRead: true,
@@ -44,9 +48,9 @@ void main() {
        group: GroupPermissionGroup(id: 1, groupName: '관리자'),
        menu: GroupPermissionMenu(
          id: 11,
-          menuCode: 'OUTBOUND',
+          menuCode: 'inventory.issues',
          menuName: '출고',
-          path: '/inventory/outbound',
+          path: inventoryIssuesRoutePath,
        ),
        canCreate: false,
        canRead: true,
@@ -59,7 +63,7 @@ void main() {
          page: any(named: 'page'),
          pageSize: any(named: 'pageSize'),
          groupId: any(named: 'groupId'),
-          menuId: any(named: 'menuId'),
+          menuCode: any(named: 'menuCode'),
          isActive: any(named: 'isActive'),
          includeDeleted: any(named: 'includeDeleted'),
        ),
@@ -88,7 +92,7 @@ void main() {
          page: any(named: 'page'),
          pageSize: 1,
          groupId: 1,
-          menuId: null,
+          menuCode: null,
          isActive: true,
          includeDeleted: false,
        ),
@@ -131,7 +135,7 @@ void main() {
          page: any(named: 'page'),
          pageSize: any(named: 'pageSize'),
          groupId: any(named: 'groupId'),
-          menuId: any(named: 'menuId'),
+          menuCode: any(named: 'menuCode'),
          isActive: any(named: 'isActive'),
          includeDeleted: any(named: 'includeDeleted'),
        ),
@@ -166,5 +170,160 @@ void main() {
        contains(PermissionAction.view),
      );
    });
+
+    test('menu_code 경로 불일치는 Catalog 기준으로 보정한다', () async {
+      const legacyPath = '/legacy/inbound';
+      final repository = _MockGroupPermissionRepository();
+      final manager = PermissionManager();
+      final catalog = MenuCatalog(repository: _DummyMenuRepository());
+      catalog.replaceAll([
+        MenuItem(
+          id: 10,
+          menuCode: 'inventory.receipts',
+          menuName: '입고',
+          path: inventoryReceiptsRoutePath,
+        ),
+      ]);
+      final synchronizer = PermissionSynchronizer(
+        repository: repository,
+        manager: manager,
+        menuCatalog: catalog,
+      );
+
+      when(
+        () => repository.list(
+          page: any(named: 'page'),
+          pageSize: any(named: 'pageSize'),
+          groupId: any(named: 'groupId'),
+          menuCode: any(named: 'menuCode'),
+          isActive: any(named: 'isActive'),
+          includeDeleted: any(named: 'includeDeleted'),
+        ),
+      ).thenAnswer((_) async {
+        return PaginatedResult<GroupPermission>(
+          items: [
+            GroupPermission(
+              id: 1,
+              group: GroupPermissionGroup(id: 1, groupName: '관리자'),
+              menu: GroupPermissionMenu(
+                id: 10,
+                menuCode: 'inventory.receipts',
+                menuName: '입고',
+                path: legacyPath,
+              ),
+              canRead: true,
+            ),
+          ],
+          page: 1,
+          pageSize: 20,
+          total: 1,
+        );
+      });
+
+      await synchronizer.syncForGroup(1);
+
+      expect(
+        manager.can(inventoryReceiptsRoutePath, PermissionAction.view),
+        isTrue,
+      );
+      expect(
+        manager.can(legacyPath, PermissionAction.view),
+        isFalse,
+      );
+    });
+
+    test('menu path가 비어도 Catalog 경로를 적용한다', () async {
+      final repository = _MockGroupPermissionRepository();
+      final manager = PermissionManager();
+      final catalog = MenuCatalog(repository: _DummyMenuRepository());
+      catalog.replaceAll([
+        MenuItem(
+          id: 20,
+          menuCode: 'inventory.issues',
+          menuName: '출고',
+          path: inventoryIssuesRoutePath,
+        ),
+      ]);
+      final synchronizer = PermissionSynchronizer(
+        repository: repository,
+        manager: manager,
+        menuCatalog: catalog,
+      );
+
+      when(
+        () => repository.list(
+          page: any(named: 'page'),
+          pageSize: any(named: 'pageSize'),
+          groupId: any(named: 'groupId'),
+          menuCode: any(named: 'menuCode'),
+          isActive: any(named: 'isActive'),
+          includeDeleted: any(named: 'includeDeleted'),
+        ),
+      ).thenAnswer((_) async {
+        return PaginatedResult<GroupPermission>(
+          items: [
+            GroupPermission(
+              id: 2,
+              group: GroupPermissionGroup(id: 1, groupName: '관리자'),
+              menu: GroupPermissionMenu(
+                id: 20,
+                menuCode: 'inventory.issues',
+                menuName: '출고',
+              ),
+              canRead: true,
+            ),
+          ],
+          page: 1,
+          pageSize: 20,
+          total: 1,
+        );
+      });
+
+      await synchronizer.syncForGroup(1);
+
+      expect(
+        manager.can(inventoryIssuesRoutePath, PermissionAction.view),
+        isTrue,
+      );
+    });
  });
 }
+
+class _DummyMenuRepository implements MenuRepository {
+  @override
+  Future<MenuItem> create(MenuInput input) {
+    throw UnimplementedError();
+  }
+
+  @override
+  Future<void> delete(int id) {
+    throw UnimplementedError();
+  }
+
+  @override
+  Future<PaginatedResult<MenuItem>> list({
+    int page = 1,
+    int pageSize = 20,
+    String? query,
+    int? parentId,
+    bool? isActive,
+    bool includeDeleted = false,
+  }) async {
+    return PaginatedResult<MenuItem>(
+      items: const [],
+      page: page,
+      pageSize: pageSize,
+      total: 0,
+    );
+  }
+
+  @override
+  Future<MenuItem> restore(int id) {
+    throw UnimplementedError();
+  }
+
+  @override
+  Future<MenuItem> update(int id, MenuInput input) {
+    throw UnimplementedError();
+  }
+}