(대표님) 구매 권한설정, data room 등

1 files changed, 74 insertions, 14 deletions

diff --git a/lib/permissions/service.ts b/lib/permissions/service.ts
index 3ef1ff04..b3e6b4bc 100644
--- a/lib/permissions/service.ts
+++ b/lib/permissions/service.ts
@@ -3,7 +3,7 @@
 "use server";
 
 import db from "@/db/db";
-import { eq, and, inArray, or, ilike } from "drizzle-orm";
+import { eq, and, inArray, or, ilike, sql } from "drizzle-orm";
 import {
     permissions,
     rolePermissions,
@@ -70,21 +70,58 @@ export async function assignPermissionsToRole(
 
 
 // 역할의 권한 목록 조회
+// 역할 권한 조회 (기존 함수)
 export async function getRolePermissions(roleId: number) {
-    const allPermissions = await db.select().from(permissions)
-        .where(eq(permissions.isActive, true));
-
-    const rolePerms = await db.select({
-        permissionId: rolePermissions.permissionId,
-    })
+    try {
+      // 역할에 할당된 권한 조회
+      const assignedPermissions = await db
+        .select({
+          id: permissions.id,
+          permissionKey: permissions.permissionKey,
+          name: permissions.name,
+          description: permissions.description,
+          resource: permissions.resource,
+          action: permissions.action,
+          permissionType: permissions.permissionType,
+          scope: permissions.scope,
+          menuPath: permissions.menuPath,
+        })
         .from(rolePermissions)
-        .where(eq(rolePermissions.roleId, roleId));
-
-    return {
+        .innerJoin(permissions, eq(permissions.id, rolePermissions.permissionId))
+        .where(
+          and(
+            eq(rolePermissions.roleId, roleId),
+            eq(rolePermissions.isActive, true)
+          )
+        );
+  
+      // 모든 활성 권한 조회
+      const allPermissions = await db
+        .select({
+          id: permissions.id,
+          permissionKey: permissions.permissionKey,
+          name: permissions.name,
+          description: permissions.description,
+          resource: permissions.resource,
+          action: permissions.action,
+          permissionType: permissions.permissionType,
+          scope: permissions.scope,
+          menuPath: permissions.menuPath,
+        })
+        .from(permissions)
+        .where(eq(permissions.isActive, true))
+        .orderBy(permissions.resource, permissions.name);
+  
+      return {
         permissions: allPermissions,
-        assignedPermissionIds: rolePerms.map(rp => rp.permissionId),
-    };
-}
+        assignedPermissionIds: assignedPermissions.map(p => p.id)
+      };
+    } catch (error) {
+      console.error('Failed to get role permissions:', error);
+      throw new Error('역할 권한 조회에 실패했습니다.');
+    }
+  }
+
 
 // 권한 체크 함수
 export async function checkUserPermission(
@@ -431,4 +468,27 @@ export async function updateMenuPermissions(
             );
         }
     });
-}
\ No newline at end of file
+}
+
+// 역할 목록 조회
+export async function getRoles() {
+    try {
+      const rolesData = await db
+        .select({
+          id: roles.id,
+          name: roles.name,
+          domain: roles.domain,
+          description: roles.description,
+          userCount: sql<number>`count(distinct ${userRoles.userId})`.mapWith(Number),
+        })
+        .from(roles)
+        .leftJoin(userRoles, eq(userRoles.roleId, roles.id))
+        .groupBy(roles.id)
+        .orderBy(roles.domain, roles.name);
+  
+      return rolesData;
+    } catch (error) {
+      console.log('Failed to get roles:', error);
+      throw new Error('역할 목록 조회에 실패했습니다.');
+    }
+  }
\ No newline at end of file