From 0f3954bf57e65caef7b7dd14ea5fccb63fdb2bef Mon Sep 17 00:00:00 2001
From: joonhoekim <26rote@gmail.com>
Date: Thu, 4 Dec 2025 11:17:15 +0900
Subject: (김준회) 권한관리 환경변수로 제어: 개발 간 불편 줄이기 위함
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .env.development                 |  5 +++--
 .env.production                  |  6 ++++--
 app/[lng]/evcp/(evcp)/layout.tsx | 11 ++++++++---
 3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/.env.development b/.env.development
index 30a88aa9..df02cd91 100644
--- a/.env.development
+++ b/.env.development
@@ -197,5 +197,6 @@ NEXT_PUBLIC_HIDE_PARTNERS_MENU_BEFORE_OPEN=false
 # DOLCE Local Uplaod Directory (only for v3. currently not used)
 DOLCE_LOCAL_UPLOAD_ABSOLUTE_DIRECTORY="/evcp/data/dolce"
 
-# 서버액션 고차컴포넌트가 실제로 인가에 따라 실행을 막을지를 결정하는 환경변수 (권한 셋업이 되기 전까지는 false)
-CHECK_NONSAP_AUTH_HOC=false
\ No newline at end of file
+# 권한관리
+SKIP_ORACLE_PERMISSION_CHECK=true # 화면 조회 권한 확인 여부
+CHECK_NONSAP_AUTH_HOC=false # 서버액션 고차컴포넌트가 실제로 인가에 따라 실행을 막을지를 결정하는 환경변수 (권한 셋업이 되기 전까지는 false)
\ No newline at end of file
diff --git a/.env.production b/.env.production
index a8121cf6..0ad720c0 100644
--- a/.env.production
+++ b/.env.production
@@ -199,5 +199,7 @@ NEXT_PUBLIC_HIDE_PARTNERS_MENU_BEFORE_OPEN=false
 # DOLCE Local Uplaod Directory (only for v3. currently not used)
 DOLCE_LOCAL_UPLOAD_ABSOLUTE_DIRECTORY="/evcp/data/dolce"
 
-# 서버액션 고차컴포넌트가 실제로 인가에 따라 실행을 막을지를 결정하는 환경변수 (권한 셋업이 되기 전까지는 false)
-CHECK_NONSAP_AUTH_HOC=false
\ No newline at end of file
+# 권한관리
+SKIP_ORACLE_PERMISSION_CHECK=true # 화면 조회 권한 확인 여부
+CHECK_NONSAP_AUTH_HOC=false # 서버액션 고차컴포넌트가 실제로 인가에 따라 실행을 막을지를 결정하는 환경변수 (권한 셋업이 되기 전까지는 false)
+
diff --git a/app/[lng]/evcp/(evcp)/layout.tsx b/app/[lng]/evcp/(evcp)/layout.tsx
index 7fe7f3e7..c5e75a4c 100644
--- a/app/[lng]/evcp/(evcp)/layout.tsx
+++ b/app/[lng]/evcp/(evcp)/layout.tsx
@@ -12,8 +12,11 @@ export default async function EvcpLayout({ children }: { children: ReactNode })
     let isAuthorized = true;
     let authMessage = "";
 
-    // Only check permission if user is logged in
-    if (session?.user?.id) {
+    // Skip permission check if environment variable is set
+    const skipPermissionCheck = process.env.SKIP_ORACLE_PERMISSION_CHECK === 'true';
+
+    // Only check permission if user is logged in and check is not skipped
+    if (session?.user?.id && !skipPermissionCheck) {
         try {
             const result = await verifyNonsapPermission(
                 parseInt(session.user.id), 
@@ -34,7 +37,9 @@ export default async function EvcpLayout({ children }: { children: ReactNode })
         <div className="relative flex min-h-svh flex-col bg-background">
         {/* <div className="relative flex min-h-svh flex-col bg-slate-100 "> */}
             <Header />
-            <PermissionChecker authorized={isAuthorized} message={authMessage} />
+            {!skipPermissionCheck && (
+                <PermissionChecker authorized={isAuthorized} message={authMessage} />
+            )}
             <main className="flex flex-1 flex-col">
                 <div className='container-wrapper'>
                         {children}
-- 
cgit v1.2.3