package incheon.ags.ias.userRole.web; import incheon.ags.ias.user.service.UserService; import incheon.ags.ias.user.vo.UserVO; import incheon.ags.ias.userRole.service.UserRoleService; import incheon.ags.ias.userRole.vo.UserRoleSearchVO; import incheon.ags.ias.userRole.vo.UserRoleVO; import incheon.com.security.annotation.RequireRole; import incheon.com.security.util.SecurityUtil; import incheon.com.security.vo.LoginVO; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.egovframe.rte.ptl.mvc.tags.ui.pagination.PaginationInfo; import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestParam; import java.util.List; import java.util.Map; @Controller @RequiredArgsConstructor @Slf4j @RequireRole(system = "AGS", roles = {"ROLE_SUPER_ADMIN", "ROLE_AGS_ADMIN"}, description = "통합관리자 역할 접근 제어") public class UserRoleController { private final UserRoleService userRoleService; private final UserService userService; @GetMapping({"/ags/ias/userRole/userRoleList.do", "/ags/ias/authrt/userRoleMng/list.do"}) public String userRoleList( @RequestParam(defaultValue = "1") int page, @ModelAttribute UserRoleSearchVO searchVO, ModelMap model) throws Exception { log.info("=== userRoleList 조회 시작 ==="); // 권한 필터링: 통합관리자는 전체, 업무관리자는 해당 시스템만, 그 외는 조회 불가 LoginVO loginVO = SecurityUtil.getCurrentUser(); log.info("loginVO: {}, isSuperAdmin: {}, adminSysCds: {}", loginVO != null ? loginVO.getUserId() : "null", loginVO != null ? loginVO.isSuperAdmin() : "null", loginVO != null ? loginVO.getAdminSysCds() : "null"); boolean hasAdminAuthrt = true; if (loginVO != null && !loginVO.isSuperAdmin()) { List adminSysCds = loginVO.getAdminSysCds(); if (adminSysCds != null && !adminSysCds.isEmpty()) { // 업무관리자: 해당 시스템만 조회 searchVO.setSysCdList(adminSysCds); log.info("업무관리자 필터링 적용 - 시스템 코드: {}", adminSysCds); } else { // 일반 사용자: 조회 권한 없음 hasAdminAuthrt = false; log.info("일반 사용자 - 조회 권한 없음"); } } // 페이징 설정 PaginationInfo paginationInfo = new PaginationInfo(); paginationInfo.setRecordCountPerPage(searchVO.getRecordCountPerPage()); paginationInfo.setPageSize(searchVO.getPageSize()); int totalCount = 0; List> userRoleList = List.of(); if (hasAdminAuthrt) { // 권한이 있는 경우만 조회 totalCount = userRoleService.selectUserRoleCnt(searchVO); // 페이지 번호 보정 (totalCount 기준) int maxPage = (int) Math.ceil((double) totalCount / searchVO.getRecordCountPerPage()); if (maxPage > 0 && page > maxPage) { page = maxPage; } if (page < 1) page = 1; searchVO.setPageIndex(page); paginationInfo.setCurrentPageNo(page); searchVO.setFirstIndex(paginationInfo.getFirstRecordIndex()); searchVO.setLastIndex(paginationInfo.getLastRecordIndex()); userRoleList = userRoleService.selectUserRoleList(searchVO); } else { // 권한 없으면 빈 결과 page = 1; paginationInfo.setCurrentPageNo(page); } log.info("총 건수: {}", totalCount); paginationInfo.setTotalRecordCount(totalCount); model.addAttribute("paginationInfo", paginationInfo); model.addAttribute("userRoleList", userRoleList); model.addAttribute("searchVO", searchVO); return "ags/ias/userRole/userRoleList"; } @GetMapping({"/ags/ias/userRole/userRoleDetail.do", "/ags/ias/authrt/userRoleMng/detail.do"}) public String userRoleDetail( @RequestParam(defaultValue = "1") int page, ModelMap model, @RequestParam(required = false) String userId) throws Exception { UserRoleVO vo = new UserRoleVO(); vo.setUserId(userId); // 권한 필터링: 업무관리자는 담당 시스템만 조회 LoginVO loginVO = SecurityUtil.getCurrentUser(); if (loginVO != null && !loginVO.isSuperAdmin()) { List adminSysCds = loginVO.getAdminSysCds(); if (adminSysCds != null && !adminSysCds.isEmpty()) { vo.setSysCdList(adminSysCds); log.info("상세 - 업무관리자 필터링 적용 - 시스템 코드: {}", adminSysCds); } } List> userRole = userRoleService.selectUserRole(vo); UserRoleVO userRoleDetail = userRoleService.selectUserRoleDetail(vo); model.addAttribute("userRole", userRole); model.addAttribute("userRoleDetail", userRoleDetail); return "ags/ias/userRole/userRoleDetail"; } @GetMapping({"/ags/ias/userRole/userRoleModify.do", "/ags/ias/authrt/userRoleMng/modify.do"}) public String userRoleModify( @RequestParam(defaultValue = "1") int page, ModelMap model, @RequestParam(required = false) String userId) throws Exception { UserVO userVO = new UserVO(); userVO.setUserId(userId); UserVO userDetail = userService.selectUserDetail(userVO); model.addAttribute("userDetail", userDetail); UserRoleVO userRoleVO = new UserRoleVO(); userRoleVO.setUserId(userId); // 권한 필터링: 업무관리자는 담당 시스템만 표시 LoginVO loginVO = SecurityUtil.getCurrentUser(); if (loginVO != null && !loginVO.isSuperAdmin()) { List adminSysCds = loginVO.getAdminSysCds(); if (adminSysCds != null && !adminSysCds.isEmpty()) { userRoleVO.setSysCdList(adminSysCds); log.info("수정 - 업무관리자 필터링 적용 - 시스템 코드: {}", adminSysCds); } } List> userRoleWithCntList = userRoleService.selectSysListWithRoleCnt(userRoleVO); model.addAttribute("userRoleWithCntList", userRoleWithCntList); return "ags/ias/userRole/userRoleModify"; } @GetMapping("/ags/ias/userRole/userRoleAplyDetailPopup.do") public String userRoleAplyDetailPopup( @RequestParam Long aplySn, ModelMap model) throws Exception { log.info("신청 상세 팝업 - aplySn: {}", aplySn); List> roleList = userRoleService.selectUserRoleAplyDetail(aplySn); model.addAttribute("roleList", roleList); model.addAttribute("aplySn", aplySn); return "ags/ias/userRole/userRoleAplyDetailPopup"; } @GetMapping("/ags/ias/userRole/userSysRoleDetailPopup.do") public String userSysRoleDetailPopup( @RequestParam String userId, @RequestParam String sysCd, ModelMap model) throws Exception { log.info("시스템별 역할 상세 팝업 - userId: {}, sysCd: {}", userId, sysCd); UserRoleVO vo = new UserRoleVO(); vo.setUserId(userId); vo.setSysCd(sysCd); List> roleList = userRoleService.selectUserSysRoleDetail(vo); model.addAttribute("roleList", roleList); model.addAttribute("userId", userId); model.addAttribute("sysCd", sysCd); return "ags/ias/userRole/userSysRoleDetailPopup"; } }