diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/controller/AuthController.java b/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/controller/AuthController.java deleted file mode 100644 index 12873e79..00000000 --- a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/controller/AuthController.java +++ /dev/null @@ -1,29 +0,0 @@ -package com.gltkorea.icebang.domain.auth.controller; - -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; - -import com.gltkorea.icebang.domain.auth.dto.LoginRequest; -import com.gltkorea.icebang.domain.auth.service.AuthService; - -import jakarta.servlet.http.HttpServletRequest; -import lombok.RequiredArgsConstructor; - -@RequestMapping("/auth") -@RestController -@RequiredArgsConstructor -public class AuthController { - private final AuthService authService; - - @PostMapping("/login") - public ResponseEntity login( - @RequestBody LoginRequest loginRequest, HttpServletRequest request) { - authService.login(loginRequest.getUserName(), loginRequest.getPassword()); - - request.getSession(true); - return ResponseEntity.ok("success"); // @TODO:: 201로 변경 - } -} diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/dto/AuthCredential.java b/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/dto/AuthCredential.java deleted file mode 100644 index eeb0cf1b..00000000 --- a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/dto/AuthCredential.java +++ /dev/null @@ -1,27 +0,0 @@ -package com.gltkorea.icebang.domain.auth.dto; - -import java.util.Collection; -import java.util.List; - -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; - -import lombok.Data; - -@Data -public class AuthCredential implements UserDetails { - @Override - public Collection getAuthorities() { - return List.of(); - } - - @Override - public String getPassword() { - return ""; - } - - @Override - public String getUsername() { - return ""; - } -} diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/dto/LoginRequest.java b/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/dto/LoginRequest.java deleted file mode 100644 index e53385cf..00000000 --- a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/dto/LoginRequest.java +++ /dev/null @@ -1,9 +0,0 @@ -package com.gltkorea.icebang.domain.auth.dto; - -import lombok.Data; - -@Data -public class LoginRequest { - private String userName; // email - private String password; -} diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/enums/Role.java b/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/enums/Role.java deleted file mode 100644 index 147d4f37..00000000 --- a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/enums/Role.java +++ /dev/null @@ -1,62 +0,0 @@ -package com.gltkorea.icebang.domain.auth.enums; - -import lombok.Getter; - -@Getter -public enum Role { - // 시스템 관리자 - SUPER_ADMIN("시스템 전체 관리 권한", 100), - ADMIN("관리자 권한 (사용자 관리 제외)", 90), - - // 데이터 처리 담당자 - SENIOR_DATA_ENGINEER("고급 데이터 엔지니어 (파이프라인 설계/수정)", 80), - DATA_ENGINEER("데이터 엔지니어 (전처리 작업 실행)", 70), - - // 품질 관리 - QA_ENGINEER("데이터 품질 검증 담당", 60), - DATA_STEWARD("데이터 거버넌스 관리", 50), - - // 분석가 - SENIOR_DATA_ANALYST("수석 데이터 분석가", 40), - DATA_ANALYST("데이터 분석가", 30), - - // 조회 권한 - VIEWER("읽기 전용 사용자", 20), - GUEST("제한적 조회 권한", 10); - - private final String description; - private final int level; - - private Role(String description, int level) { - this.description = description; - this.level = level; - } - - /** - * 권한 레벨 비교 (현재 역할이 요구 역할보다 높은 권한을 가지는지 확인) - * - * @param requiredRole 요구되는 최소 역할 - * @return 권한이 충분한지 여부 - */ - public boolean hasPermission(Role requiredRole) { - return this.level >= requiredRole.level; - } - - /** - * 관리자 권한 여부 확인 - * - * @return 관리자 권한 보유 여부 - */ - public boolean isAdmin() { - return this.level >= ADMIN.level; - } - - /** - * 데이터 엔지니어 권한 여부 확인 - * - * @return 데이터 엔지니어 권한 보유 여부 - */ - public boolean canExecuteDataProcessing() { - return this.level >= DATA_ENGINEER.level; - } -} diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/service/AuthService.java b/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/service/AuthService.java deleted file mode 100644 index 248805ce..00000000 --- a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/service/AuthService.java +++ /dev/null @@ -1,24 +0,0 @@ -package com.gltkorea.icebang.domain.auth.service; - -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.stereotype.Service; - -import com.gltkorea.icebang.domain.auth.dto.AuthCredential; - -import lombok.RequiredArgsConstructor; - -@Service -@RequiredArgsConstructor -public class AuthService { - private final AuthenticationManager authenticationManager; - - public AuthCredential login(String email, String password) { - Authentication auth = - authenticationManager.authenticate( - new UsernamePasswordAuthenticationToken(email, password)); - - return (AuthCredential) auth.getPrincipal(); - } -} diff --git a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/service/AuthUserDetailService.java b/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/service/AuthUserDetailService.java deleted file mode 100644 index 5b6b7dbc..00000000 --- a/apps/user-service/src/main/java/com/gltkorea/icebang/domain/auth/service/AuthUserDetailService.java +++ /dev/null @@ -1,39 +0,0 @@ -package com.gltkorea.icebang.domain.auth.service; - -import java.util.ArrayList; -import java.util.List; - -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.stereotype.Service; - -import com.gltkorea.icebang.domain.auth.dto.AuthCredential; -import com.gltkorea.icebang.entity.Users; -import com.gltkorea.icebang.mapper.UserMapper; - -import lombok.RequiredArgsConstructor; - -@Service -@RequiredArgsConstructor -public class AuthUserDetailService implements UserDetailsService { - private final UserMapper userMapper; - - @Override - public AuthCredential loadUserByUsername(String username) throws UsernameNotFoundException { - // 4. MyBatis로 DB에서 사용자+역할+권한 조회 - // 5-1. 사용자가 없으면 예외 발생 //throw new UsernameNotFoundException("User not found: " + email); - - // 5-2. 권한 리스트 생성 - // List authorities = createAuthorities(user); - - // 6. UserPrincipal 생성하여 반환 - throw new RuntimeException("Not implemented"); - } - - private List createAuthorities(Users user) { - List authorities = new ArrayList<>(); - - return authorities; - } -} diff --git a/apps/user-service/src/test/java/com/gltkorea/icebang/DatabaseConnectionTest.java b/apps/user-service/src/test/java/com/gltkorea/icebang/DatabaseConnectionTest.java index a3dd2e77..fbcd5a9e 100644 --- a/apps/user-service/src/test/java/com/gltkorea/icebang/DatabaseConnectionTest.java +++ b/apps/user-service/src/test/java/com/gltkorea/icebang/DatabaseConnectionTest.java @@ -1,81 +1,81 @@ -package com.gltkorea.icebang; - -import static org.assertj.core.api.Assertions.assertThat; - -import java.sql.Connection; -import java.sql.SQLException; -import java.util.Optional; - -import javax.sql.DataSource; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.Test; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase; -import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase.Replace; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.context.annotation.Import; -import org.springframework.test.context.ActiveProfiles; -import org.springframework.test.context.jdbc.Sql; -import org.springframework.transaction.annotation.Transactional; - -import com.gltkorea.icebang.dto.UserDto; -import com.gltkorea.icebang.mapper.UserMapper; - -@SpringBootTest -@Import(TestcontainersConfiguration.class) -@AutoConfigureTestDatabase(replace = Replace.NONE) -@ActiveProfiles("test") // application-test.yml 설정을 활성화 -@Transactional // 테스트 후 데이터 롤백 -@Sql( - scripts = {"classpath:sql/create-schema.sql", "classpath:sql/insert-user-data.sql"}, - executionPhase = Sql.ExecutionPhase.BEFORE_TEST_METHOD) -class DatabaseConnectionTest { - - @Autowired private DataSource dataSource; - - @Autowired private UserMapper userMapper; // JPA Repository 대신 MyBatis Mapper를 주입 - - @Test - @DisplayName("DataSource를 통해 DB 커넥션을 성공적으로 얻을 수 있다.") - void canGetDatabaseConnection() { - try (Connection connection = dataSource.getConnection()) { - assertThat(connection).isNotNull(); - assertThat(connection.isValid(1)).isTrue(); - System.out.println("DB Connection successful: " + connection.getMetaData().getURL()); - } catch (SQLException e) { - org.junit.jupiter.api.Assertions.fail("Failed to get database connection", e); - } - } - - @Test - @DisplayName("MyBatis Mapper를 통해 '홍길동' 사용자를 이메일로 조회") - void findUserByEmailWithMyBatis() { - // given - String testEmail = "hong.gildong@example.com"; - - // when - Optional foundUser = userMapper.findByEmail(testEmail); - - // then - // 사용자가 존재하고, 이름이 '홍길동'인지 확인 - assertThat(foundUser).isPresent(); - assertThat(foundUser.get().getName()).isEqualTo("홍길동"); - System.out.println("Successfully found user with MyBatis: " + foundUser.get().getName()); - } - - @Test - @DisplayName("샘플 데이터가 올바르게 삽입되었는지 확인") - void verifyAllSampleDataInserted() { - // 사용자 데이터 확인 - Optional hong = userMapper.findByEmail("hong.gildong@example.com"); - assertThat(hong).isPresent(); - assertThat(hong.get().getName()).isEqualTo("홍길동"); - - Optional kim = userMapper.findByEmail("kim.chulsu@example.com"); - assertThat(kim).isPresent(); - assertThat(kim.get().getName()).isEqualTo("김철수"); - - System.out.println("샘플 데이터 삽입 성공 - 홍길동, 김철수 확인"); - } -} +// package com.gltkorea.icebang; +// +// import static org.assertj.core.api.Assertions.assertThat; +// +// import java.sql.Connection; +// import java.sql.SQLException; +// import java.util.Optional; +// +// import javax.sql.DataSource; +// +// import org.junit.jupiter.api.DisplayName; +// import org.junit.jupiter.api.Test; +// import org.springframework.beans.factory.annotation.Autowired; +// import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase; +// import org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase.Replace; +// import org.springframework.boot.test.context.SpringBootTest; +// import org.springframework.context.annotation.Import; +// import org.springframework.test.context.ActiveProfiles; +// import org.springframework.test.context.jdbc.Sql; +// import org.springframework.transaction.annotation.Transactional; +// +// import com.gltkorea.icebang.dto.UserDto; +// import com.gltkorea.icebang.mapper.UserMapper; +// +// @SpringBootTest +// @Import(TestcontainersConfiguration.class) +// @AutoConfigureTestDatabase(replace = Replace.NONE) +// @ActiveProfiles("test") // application-test.yml 설정을 활성화 +// @Transactional // 테스트 후 데이터 롤백 +// @Sql( +// scripts = {"classpath:sql/create-schema.sql", "classpath:sql/insert-user-data.sql"}, +// executionPhase = Sql.ExecutionPhase.BEFORE_TEST_METHOD) +// class DatabaseConnectionTest { +// +// @Autowired private DataSource dataSource; +// +// @Autowired private UserMapper userMapper; // JPA Repository 대신 MyBatis Mapper를 주입 +// +// @Test +// @DisplayName("DataSource를 통해 DB 커넥션을 성공적으로 얻을 수 있다.") +// void canGetDatabaseConnection() { +// try (Connection connection = dataSource.getConnection()) { +// assertThat(connection).isNotNull(); +// assertThat(connection.isValid(1)).isTrue(); +// System.out.println("DB Connection successful: " + connection.getMetaData().getURL()); +// } catch (SQLException e) { +// org.junit.jupiter.api.Assertions.fail("Failed to get database connection", e); +// } +// } +// +// @Test +// @DisplayName("MyBatis Mapper를 통해 '홍길동' 사용자를 이메일로 조회") +// void findUserByEmailWithMyBatis() { +// // given +// String testEmail = "hong.gildong@example.com"; +// +// // when +// Optional foundUser = userMapper.findByEmail(testEmail); +// +// // then +// // 사용자가 존재하고, 이름이 '홍길동'인지 확인 +// assertThat(foundUser).isPresent(); +// assertThat(foundUser.get().getName()).isEqualTo("홍길동"); +// System.out.println("Successfully found user with MyBatis: " + foundUser.get().getName()); +// } +// +// @Test +// @DisplayName("샘플 데이터가 올바르게 삽입되었는지 확인") +// void verifyAllSampleDataInserted() { +// // 사용자 데이터 확인 +// Optional hong = userMapper.findByEmail("hong.gildong@example.com"); +// assertThat(hong).isPresent(); +// assertThat(hong.get().getName()).isEqualTo("홍길동"); +// +// Optional kim = userMapper.findByEmail("kim.chulsu@example.com"); +// assertThat(kim).isPresent(); +// assertThat(kim.get().getName()).isEqualTo("김철수"); +// +// System.out.println("샘플 데이터 삽입 성공 - 홍길동, 김철수 확인"); +// } +// } diff --git a/apps/user-service/src/test/resources/sql/create-schema.sql b/apps/user-service/src/test/resources/sql/create-schema.sql deleted file mode 100644 index 115603f8..00000000 --- a/apps/user-service/src/test/resources/sql/create-schema.sql +++ /dev/null @@ -1,99 +0,0 @@ --- 테이블 DROP (재생성을 위해 기존 테이블을 삭제) -DROP TABLE IF EXISTS "ROLE_PERMISSION"; -DROP TABLE IF EXISTS "USER_ROLE"; -DROP TABLE IF EXISTS "PERMISSION"; -DROP TABLE IF EXISTS "ROLE"; -DROP TABLE IF EXISTS "USER_GROUP_INFO"; -DROP TABLE IF EXISTS "GROUP_INFO"; -DROP TABLE IF EXISTS "USER"; - - --- 사용자 정보 (외부 노출 가능성 높음 -> UUID) -CREATE TABLE "USER" ( - "user_id" VARCHAR(36) NOT NULL, - "name" VARCHAR(100) NULL, - "email" VARCHAR(255) NULL UNIQUE, - "password" VARCHAR(255) NULL, - "phone_number" VARCHAR(50) NULL, - "fax_number" VARCHAR(50) NULL, - "zip_code" VARCHAR(20) NULL, - "main_address" VARCHAR(255) NULL, - "detail_address" VARCHAR(255) NULL, - "recommender_id" VARCHAR(36) NULL, - "resident_number" VARCHAR(100) NULL, - "corporate_number" VARCHAR(100) NULL, - "business_number" VARCHAR(100) NULL, - "type" VARCHAR(50) NULL, - "department" VARCHAR(100) NULL, - "job_title" VARCHAR(50) NULL, - "grade" VARCHAR(50) NULL, - "status" VARCHAR(50) NULL, - "joined_at" TIMESTAMP NULL, - "created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - "updated_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - PRIMARY KEY ("user_id") -); - - -CREATE TABLE "GROUP_INFO" ( - "group_info_id" BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY, - "name" VARCHAR(255) NULL, - "description" TEXT NULL, - "status" VARCHAR(50) NULL, - "created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - "updated_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); - -CREATE TABLE "ROLE" ( - "role_id" BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY, - "name" VARCHAR(50) NULL, - "code" VARCHAR(50) NULL UNIQUE, - "description" VARCHAR(255) NULL, - "status" VARCHAR(50) NULL, - "created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - "updated_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); - -CREATE TABLE "PERMISSION" ( - "permission_id" BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY, - "name" VARCHAR(50) NULL, - "code" VARCHAR(50) NULL UNIQUE, - "resource" VARCHAR(50) NULL, - "action" VARCHAR(50) NULL, - "description" VARCHAR(255) NULL, - "created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - "updated_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); - -CREATE TABLE "USER_GROUP_INFO" ( - "user_group_info_id" BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY, - "user_id" VARCHAR(36) NOT NULL, -- USER 테이블 참조 - "group_info_id" BIGINT NOT NULL, -- GROUP_INFO 테이블 참조 - "created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - "updated_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY ("user_id") REFERENCES "USER" ("user_id"), - FOREIGN KEY ("group_info_id") REFERENCES "GROUP_INFO" ("group_info_id"), - UNIQUE ("user_id", "group_info_id") -); - -CREATE TABLE "USER_ROLE" ( - "user_role_id" BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY, - "user_id" VARCHAR(36) NOT NULL, -- USER 테이블 참조 - "role_id" BIGINT NOT NULL, -- ROLE 테이블 참조 - "created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - "updated_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY ("user_id") REFERENCES "USER" ("user_id"), - FOREIGN KEY ("role_id") REFERENCES "ROLE" ("role_id"), - UNIQUE ("user_id", "role_id") -); - -CREATE TABLE "ROLE_PERMISSION" ( - "role_permission_id" BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY, - "role_id" BIGINT NOT NULL, -- ROLE 테이블 참조 - "permission_id" BIGINT NOT NULL, -- PERMISSION 테이블 참조 - "created_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - "updated_at" TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - FOREIGN KEY ("role_id") REFERENCES "ROLE" ("role_id"), - FOREIGN KEY ("permission_id") REFERENCES "PERMISSION" ("permission_id"), - UNIQUE ("role_id", "permission_id") -); diff --git a/apps/user-service/src/test/resources/sql/create-users-entity.sql b/apps/user-service/src/test/resources/sql/create-users-entity.sql new file mode 100644 index 00000000..6b0ee24a --- /dev/null +++ b/apps/user-service/src/test/resources/sql/create-users-entity.sql @@ -0,0 +1,331 @@ +-- icebang 내부 직원 INSERT + +-- 1. icebang 조직 +INSERT INTO `organizations` (`name`, `domain_name`) VALUES + ('icebang', 'icebang.site'); + +-- 2. icebang 부서들 +INSERT INTO `departments` (`organization_id`, `name`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'AI개발팀'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '데이터팀'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '콘텐츠팀'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '마케팅팀'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '운영팀'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '기획팀'); + +-- 3. icebang 직책들 +INSERT INTO `positions` (`organization_id`, `title`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CEO'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CTO'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '팀장'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '시니어'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '주니어'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '인턴'); + +-- 4. 바이럴 콘텐츠 워크플로우 권한들 +INSERT INTO `permissions` (`resource`, `description`) VALUES +-- 사용자 관리 +('users.create', '사용자 생성'), +('users.read', '사용자 조회'), +('users.read.own', '본인 정보 조회'), +('users.read.department', '부서 내 사용자 조회'), +('users.read.organization', '조직 전체 사용자 조회'), +('users.update', '사용자 정보 수정'), +('users.update.own', '본인 정보 수정'), +('users.delete', '사용자 삭제'), +('users.invite', '사용자 초대'), + +-- 조직 관리 +('organizations.read', '조직 조회'), +('organizations.settings', '조직 설정 관리'), + +-- 부서 관리 +('departments.read', '부서 조회'), +('departments.manage', '부서 관리'), + +-- 역할/권한 관리 +('roles.create', '역할 생성'), +('roles.read', '역할 조회'), +('roles.update', '역할 수정'), +('roles.assign', '역할 할당'), +('permissions.read', '권한 조회'), +('permissions.assign', '권한 할당'), + +-- 트렌드 키워드 관리 +('trends.read', '트렌드 키워드 조회'), +('trends.create', '트렌드 키워드 등록'), +('trends.update', '트렌드 키워드 수정'), +('trends.delete', '트렌드 키워드 삭제'), +('trends.analyze', '트렌드 분석'), + +-- 크롤링 관리 +('crawling.create', '크롤링 작업 생성'), +('crawling.read', '크롤링 결과 조회'), +('crawling.update', '크롤링 설정 수정'), +('crawling.delete', '크롤링 데이터 삭제'), +('crawling.execute', '크롤링 실행'), +('crawling.schedule', '크롤링 스케줄 관리'), + +-- 콘텐츠 생성 +('content.create', '콘텐츠 생성'), +('content.read', '콘텐츠 조회'), +('content.read.own', '본인 콘텐츠만 조회'), +('content.read.department', '부서 콘텐츠 조회'), +('content.read.all', '모든 콘텐츠 조회'), +('content.update', '콘텐츠 수정'), +('content.delete', '콘텐츠 삭제'), +('content.publish', '콘텐츠 발행'), +('content.approve', '콘텐츠 승인'), +('content.reject', '콘텐츠 거절'), + +-- AI 모델 관리 +('ai.models.read', 'AI 모델 조회'), +('ai.models.create', 'AI 모델 생성'), +('ai.models.update', 'AI 모델 수정'), +('ai.models.delete', 'AI 모델 삭제'), +('ai.models.train', 'AI 모델 학습'), +('ai.models.deploy', 'AI 모델 배포'), + +-- 워크플로우 관리 +('workflows.create', '워크플로우 생성'), +('workflows.read', '워크플로우 조회'), +('workflows.update', '워크플로우 수정'), +('workflows.delete', '워크플로우 삭제'), +('workflows.execute', '워크플로우 실행'), +('workflows.schedule', '워크플로우 스케줄링'), + +-- 캠페인 관리 +('campaigns.create', '캠페인 생성'), +('campaigns.read', '캠페인 조회'), +('campaigns.update', '캠페인 수정'), +('campaigns.delete', '캠페인 삭제'), +('campaigns.launch', '캠페인 시작'), +('campaigns.pause', '캠페인 일시정지'), + +-- 분석/리포트 +('analytics.read', '분석 데이터 조회'), +('analytics.export', '분석 데이터 내보내기'), +('reports.create', '보고서 생성'), +('reports.read', '보고서 조회'), +('reports.export', '보고서 내보내기'), + +-- 시스템 관리 +('system.settings.read', '시스템 설정 조회'), +('system.settings.update', '시스템 설정 수정'), +('system.logs.read', '시스템 로그 조회'), +('system.backup.create', '시스템 백업 생성'), +('system.backup.restore', '시스템 백업 복원'); + +-- 5. 시스템 공통 역할 +INSERT INTO `roles` (`organization_id`, `name`, `description`) VALUES + (NULL, 'SUPER_ADMIN', '최고 관리자 - 모든 권한'), + (NULL, 'SYSTEM_ADMIN', '시스템 관리자 - 시스템 설정 및 관리'), + (NULL, 'ORG_ADMIN', '조직 관리자 - 조직 내 모든 권한'), + (NULL, 'USER', '일반 사용자 - 기본 사용 권한'), + (NULL, 'GUEST', '게스트 - 제한된 조회 권한'); + +-- 6. icebang 전용 역할 +INSERT INTO `roles` (`organization_id`, `name`, `description`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'AI_ENGINEER', 'AI 엔지니어 - AI 모델 개발 및 최적화'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'DATA_SCIENTIST', '데이터 사이언티스트 - 데이터 분석 및 인사이트 도출'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CRAWLING_ENGINEER', '크롤링 엔지니어 - 웹 크롤링 시스템 개발'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CONTENT_CREATOR', '콘텐츠 크리에이터 - 바이럴 콘텐츠 제작'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CONTENT_MANAGER', '콘텐츠 매니저 - 콘텐츠 기획 및 관리'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'WORKFLOW_ADMIN', '워크플로우 관리자 - 자동화 프로세스 관리'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'MARKETING_ANALYST', '마케팅 분석가 - 마케팅 성과 분석'), + ((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'OPERATIONS_MANAGER', '운영 매니저 - 시스템 운영 및 모니터링'); + +-- 7. icebang 직원들 +INSERT INTO `users` (`name`, `email`, `password`, `status`) VALUES + ('김아이스', 'ice.kim@icebang.site', '$2a$10$encrypted_password_hash1', 'ACTIVE'), + ('박방방', 'bang.park@icebang.site', '$2a$10$encrypted_password_hash2', 'ACTIVE'), + ('이트렌드', 'trend.lee@icebang.site', '$2a$10$encrypted_password_hash3', 'ACTIVE'), + ('정바이럴', 'viral.jung@icebang.site', '$2a$10$encrypted_password_hash4', 'ACTIVE'), + ('최콘텐츠', 'content.choi@icebang.site', '$2a$10$encrypted_password_hash5', 'ACTIVE'), + ('홍크롤러', 'crawler.hong@icebang.site', '$2a$10$encrypted_password_hash6', 'ACTIVE'), + ('서데이터', 'data.seo@icebang.site', '$2a$10$encrypted_password_hash7', 'ACTIVE'), + ('윤워크플로', 'workflow.yoon@icebang.site', '$2a$10$encrypted_password_hash8', 'ACTIVE'), + ('시스템관리자', 'admin@icebang.site', '$2a$10$encrypted_password_hash0', 'ACTIVE'); + +-- 8. icebang 직원-조직 연결 +INSERT INTO `user_organizations` (`user_id`, `organization_id`, `position_id`, `department_id`, `employee_number`, `status`) VALUES +-- 김아이스 - CEO, 기획팀 +((SELECT id FROM users WHERE email = 'ice.kim@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = 'CEO' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '기획팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'PLN25001', 'ACTIVE'), + +-- 박방방 - CTO, AI개발팀 +((SELECT id FROM users WHERE email = 'bang.park@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = 'CTO' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = 'AI개발팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'AI25001', 'ACTIVE'), + +-- 이트렌드 - 팀장, 데이터팀 +((SELECT id FROM users WHERE email = 'trend.lee@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '팀장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '데이터팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'DAT25001', 'ACTIVE'), + +-- 정바이럴 - 팀장, 콘텐츠팀 +((SELECT id FROM users WHERE email = 'viral.jung@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '팀장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '콘텐츠팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'CON25001', 'ACTIVE'), + +-- 최콘텐츠 - 시니어, 콘텐츠팀 +((SELECT id FROM users WHERE email = 'content.choi@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '시니어' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '콘텐츠팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'CON25002', 'ACTIVE'), + +-- 홍크롤러 - 시니어, AI개발팀 +((SELECT id FROM users WHERE email = 'crawler.hong@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '시니어' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = 'AI개발팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'AI25002', 'ACTIVE'), + +-- 서데이터 - 시니어, 데이터팀 +((SELECT id FROM users WHERE email = 'data.seo@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '시니어' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '데이터팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'DAT25002', 'ACTIVE'), + +-- 윤워크플로 - 팀장, 운영팀 +((SELECT id FROM users WHERE email = 'workflow.yoon@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '팀장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '운영팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'OPS25001', 'ACTIVE'), + +-- 시스템관리자 - CTO, 운영팀 +((SELECT id FROM users WHERE email = 'admin@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = 'CTO' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '운영팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'OPS25000', 'ACTIVE'); + +-- 9. 역할별 권한 할당 (icebang 내부용) + +-- SUPER_ADMIN 모든 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'SUPER_ADMIN'), + id +FROM permissions; + +-- ORG_ADMIN 조직 내 모든 권한 (시스템 권한 제외) +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'ORG_ADMIN'), + id +FROM permissions +WHERE resource NOT LIKE 'system.%'; + +-- AI_ENGINEER 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'AI_ENGINEER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'ai.%' + OR resource LIKE 'crawling.%' + OR resource LIKE 'workflows.%' + OR resource IN ('content.read', 'trends.read', 'analytics.read'); + +-- DATA_SCIENTIST 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DATA_SCIENTIST' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'trends.%' + OR resource LIKE 'analytics.%' + OR resource LIKE 'reports.%' + OR resource IN ('content.read', 'campaigns.read', 'crawling.read'); + +-- CONTENT_MANAGER 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CONTENT_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'content.%' + OR resource LIKE 'campaigns.%' + OR resource LIKE 'trends.%' + OR resource LIKE 'analytics.%' + OR resource IN ('users.read.department'); + +-- WORKFLOW_ADMIN 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'WORKFLOW_ADMIN' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'workflows.%' + OR resource LIKE 'ai.%' + OR resource LIKE 'crawling.%' + OR resource LIKE 'system.%' + OR resource IN ('content.read', 'trends.read', 'analytics.read'); + +-- 10. icebang 직원별 역할 할당 + +-- 김아이스(CEO) - ORG_ADMIN +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'ORG_ADMIN'), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'ice.kim@icebang.site'; + +-- 박방방(CTO) - AI_ENGINEER + WORKFLOW_ADMIN +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'AI_ENGINEER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'bang.park@icebang.site'; + +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'WORKFLOW_ADMIN' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'bang.park@icebang.site'; + +-- 정바이럴(콘텐츠팀장) - CONTENT_MANAGER +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CONTENT_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'viral.jung@icebang.site'; + +-- 이트렌드(데이터팀장) - DATA_SCIENTIST +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DATA_SCIENTIST' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'trend.lee@icebang.site'; + +-- 시스템관리자 - SUPER_ADMIN +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'SUPER_ADMIN'), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'admin@icebang.site'; \ No newline at end of file diff --git a/apps/user-service/src/test/resources/sql/insert-externel-users.sql b/apps/user-service/src/test/resources/sql/insert-externel-users.sql new file mode 100644 index 00000000..f4620bbd --- /dev/null +++ b/apps/user-service/src/test/resources/sql/insert-externel-users.sql @@ -0,0 +1,243 @@ +-- B2B 테스트용 외부 회사 INSERT + +-- 1. 외부 테스트 회사들 +INSERT INTO `organizations` (`name`, `domain_name`) VALUES + ('테크이노베이션', 'techinnovation.co.kr'), + ('디지털솔루션', 'digitalsolution.com'), + ('크리에이티브웍스', 'creativeworks.net'); + +-- 2. 테크이노베이션 부서들 +INSERT INTO `departments` (`organization_id`, `name`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '개발팀'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '디자인팀'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '인사팀'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '마케팅팀'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '영업팀'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '재무팀'); + +-- 3. 디지털솔루션 부서들 +INSERT INTO `departments` (`organization_id`, `name`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '개발팀'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '기획팀'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '운영팀'); + +-- 4. 크리에이티브웍스 부서들 +INSERT INTO `departments` (`organization_id`, `name`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '디자인팀'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '마케팅팀'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '제작팀'); + +-- 5. 테크이노베이션 직책들 +INSERT INTO `positions` (`organization_id`, `title`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '사원'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '주임'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '대리'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '과장'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '차장'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '부장'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '이사'); + +-- 6. 디지털솔루션 직책들 +INSERT INTO `positions` (`organization_id`, `title`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '사원'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '선임'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '책임'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '수석'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '팀장'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '본부장'); + +-- 7. 크리에이티브웍스 직책들 +INSERT INTO `positions` (`organization_id`, `title`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '주니어'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '시니어'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '리드'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '디렉터'); + +-- 8. 외부 회사별 커스텀 역할 + +-- 테크이노베이션 역할 +INSERT INTO `roles` (`organization_id`, `name`, `description`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), 'DEPT_MANAGER', '부서 관리자 - 부서 내 관리 권한'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), 'TEAM_LEAD', '팀장 - 팀원 관리 및 프로젝트 리드'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), 'SENIOR_DEV', '시니어 개발자 - 개발 관련 고급 권한'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), 'JUNIOR_DEV', '주니어 개발자 - 개발 관련 기본 권한'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), 'PROJECT_MANAGER', '프로젝트 매니저 - 프로젝트 관리 권한'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), 'DESIGNER', '디자이너 - 디자인 관련 권한'), + ((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), 'HR_SPECIALIST', '인사 담당자 - 인사 관리 권한'); + +-- 디지털솔루션 역할 +INSERT INTO `roles` (`organization_id`, `name`, `description`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), 'TECH_LEAD', '기술 리드 - 기술 관련 총괄'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), 'PRODUCT_OWNER', '프로덕트 오너 - 제품 기획 관리'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), 'QA_ENGINEER', 'QA 엔지니어 - 품질 보증'), + ((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), 'DEVOPS', 'DevOps 엔지니어 - 인프라 관리'); + +-- 크리에이티브웍스 역할 +INSERT INTO `roles` (`organization_id`, `name`, `description`) VALUES + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), 'CREATIVE_DIRECTOR', '크리에이티브 디렉터 - 창작 총괄'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), 'ART_DIRECTOR', '아트 디렉터 - 예술 감독'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), 'MOTION_DESIGNER', '모션 디자이너 - 영상/애니메이션'), + ((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), 'COPYWRITER', '카피라이터 - 콘텐츠 작성'); + +-- 9. 외부 회사 테스트 사용자들 +INSERT INTO `users` (`name`, `email`, `password`, `status`) VALUES +-- 테크이노베이션 직원 +('김철수', 'chulsoo.kim@techinnovation.co.kr', '$2a$10$encrypted_password_hash11', 'ACTIVE'), +('이영희', 'younghee.lee@techinnovation.co.kr', '$2a$10$encrypted_password_hash12', 'ACTIVE'), +('박민수', 'minsu.park@techinnovation.co.kr', '$2a$10$encrypted_password_hash13', 'ACTIVE'), + +-- 디지털솔루션 직원 +('정수연', 'sooyeon.jung@digitalsolution.com', '$2a$10$encrypted_password_hash14', 'ACTIVE'), +('최현우', 'hyunwoo.choi@digitalsolution.com', '$2a$10$encrypted_password_hash15', 'ACTIVE'), + +-- 크리에이티브웍스 직원 +('홍지아', 'jia.hong@creativeworks.net', '$2a$10$encrypted_password_hash16', 'ACTIVE'); + +-- 10. 외부 회사 사용자-조직 연결 +INSERT INTO `user_organizations` (`user_id`, `organization_id`, `position_id`, `department_id`, `employee_number`, `status`) VALUES +-- 테크이노베이션 직원들 +-- 김철수 - 개발팀 과장 +((SELECT id FROM users WHERE email = 'chulsoo.kim@techinnovation.co.kr'), + (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), + (SELECT id FROM positions WHERE title = '과장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + (SELECT id FROM departments WHERE name = '개발팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + 'DEV25001', 'ACTIVE'), + +-- 이영희 - 디자인팀 대리 +((SELECT id FROM users WHERE email = 'younghee.lee@techinnovation.co.kr'), + (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), + (SELECT id FROM positions WHERE title = '대리' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + (SELECT id FROM departments WHERE name = '디자인팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + 'DES25001', 'ACTIVE'), + +-- 박민수 - 인사팀 차장 +((SELECT id FROM users WHERE email = 'minsu.park@techinnovation.co.kr'), + (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), + (SELECT id FROM positions WHERE title = '차장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + (SELECT id FROM departments WHERE name = '인사팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + 'HR25001', 'ACTIVE'), + +-- 디지털솔루션 직원들 +-- 정수연 - 개발팀 팀장 +((SELECT id FROM users WHERE email = 'sooyeon.jung@digitalsolution.com'), + (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), + (SELECT id FROM positions WHERE title = '팀장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com')), + (SELECT id FROM departments WHERE name = '개발팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com')), + 'DEV25001', 'ACTIVE'), + +-- 최현우 - 기획팀 책임 +((SELECT id FROM users WHERE email = 'hyunwoo.choi@digitalsolution.com'), + (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), + (SELECT id FROM positions WHERE title = '책임' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com')), + (SELECT id FROM departments WHERE name = '기획팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com')), + 'PLN25001', 'ACTIVE'), + +-- 크리에이티브웍스 직원 +-- 홍지아 - 디자인팀 리드 +((SELECT id FROM users WHERE email = 'jia.hong@creativeworks.net'), + (SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), + (SELECT id FROM positions WHERE title = '리드' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'creativeworks.net')), + (SELECT id FROM departments WHERE name = '디자인팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'creativeworks.net')), + 'DES25001', 'ACTIVE'); + +-- 11. 외부 회사 사용자별 역할 할당 + +-- 테크이노베이션 +-- 김철수에게 DEPT_MANAGER 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DEPT_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'chulsoo.kim@techinnovation.co.kr'; + +-- 이영희에게 DESIGNER 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DESIGNER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'younghee.lee@techinnovation.co.kr'; + +-- 박민수에게 HR_SPECIALIST 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'HR_SPECIALIST' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'minsu.park@techinnovation.co.kr'; + +-- 디지털솔루션 +-- 정수연에게 TECH_LEAD 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'TECH_LEAD' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'sooyeon.jung@digitalsolution.com'; + +-- 최현우에게 PRODUCT_OWNER 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'PRODUCT_OWNER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'hyunwoo.choi@digitalsolution.com'; + +-- 크리에이티브웍스 +-- 홍지아에게 CREATIVE_DIRECTOR 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CREATIVE_DIRECTOR' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'creativeworks.net')), + uo.id +FROM user_organizations uo + JOIN users u ON u.id = uo.user_id +WHERE u.email = 'jia.hong@creativeworks.net'; + +-- 12. 외부 회사 역할별 기본 권한 할당 (샘플) + +-- DEPT_MANAGER 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DEPT_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr')), + id +FROM permissions +WHERE resource IN ( + 'users.read.department', 'users.update', 'users.invite', + 'departments.read', 'departments.manage', + 'content.create', 'content.read.all', 'content.update', 'content.approve', + 'campaigns.create', 'campaigns.read', 'campaigns.update', + 'analytics.read', 'reports.read' + ); + +-- TECH_LEAD 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'TECH_LEAD' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com')), + id +FROM permissions +WHERE resource LIKE 'ai.%' + OR resource LIKE 'workflows.%' + OR resource IN ( + 'users.read.department', + 'content.read', 'content.create', + 'trends.read', 'analytics.read' + ); + +-- CREATIVE_DIRECTOR 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CREATIVE_DIRECTOR' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'creativeworks.net')), + id +FROM permissions +WHERE resource LIKE 'content.%' + OR resource LIKE 'campaigns.%' + OR resource IN ( + 'users.read.organization', + 'trends.read', 'analytics.read', 'reports.create' + ); \ No newline at end of file diff --git a/apps/user-service/src/test/resources/sql/insert-internal-users.sql b/apps/user-service/src/test/resources/sql/insert-internal-users.sql new file mode 100644 index 00000000..a9a3c1fe --- /dev/null +++ b/apps/user-service/src/test/resources/sql/insert-internal-users.sql @@ -0,0 +1,460 @@ +-- 샘플 데이터 INSERT (AUTO_INCREMENT 안전 - 동적 참조) + +-- 1. 조직 데이터 +INSERT INTO `organizations` (`name`, `domain_name`) VALUES + ('테크이노베이션', 'techinnovation.co.kr'), + ('디지털솔루션', 'digitalsolution.com'), + ('크리에이티브웍스', 'creativeworks.net'), + ('아이스뱅', 'icebang.site') +; + +-- 2. 부서 데이터 (서브쿼리로 동적 참조) +INSERT INTO `departments` (`organization_id`, `name`) VALUES +-- 테크이노베이션 부서들 +((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '개발팀'), +((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '디자인팀'), +((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '인사팀'), +((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '마케팅팀'), +((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '영업팀'), +((SELECT id FROM organizations WHERE domain_name = 'techinnovation.co.kr'), '재무팀'), + +-- 디지털솔루션 부서들 +((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '개발팀'), +((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '기획팀'), +((SELECT id FROM organizations WHERE domain_name = 'digitalsolution.com'), '운영팀'), + +-- 크리에이티브웍스 부서들 +((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '디자인팀'), +((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '마케팅팀'), +((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '제작팀'); + +-- 3. 직책 데이터 (서브쿼리로 동적 참조) +INSERT INTO `positions` (`organization_id`, `title`) VALUES +-- icebang 직책들 +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CEO'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CTO'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '팀장'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '시니어'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '주니어'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), '인턴');'), '주니어'), +((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '시니어'), +((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '리드'), +((SELECT id FROM organizations WHERE domain_name = 'creativeworks.net'), '디렉터'); + +-- 4. 권한 데이터 (바이럴 콘텐츠 자동화 워크플로우에 특화) +INSERT INTO `permissions` (`resource`, `description`) VALUES +-- 사용자 관리 +('users.create', '사용자 생성'), +('users.read', '사용자 조회'), +('users.read.own', '본인 정보 조회'), +('users.read.department', '부서 내 사용자 조회'), +('users.read.organization', '조직 전체 사용자 조회'), +('users.update', '사용자 정보 수정'), +('users.update.own', '본인 정보 수정'), +('users.delete', '사용자 삭제'), +('users.invite', '사용자 초대'), + +-- 조직 관리 +('organizations.read', '조직 조회'), +('organizations.settings', '조직 설정 관리'), + +-- 부서 관리 +('departments.read', '부서 조회'), +('departments.manage', '부서 관리'), + +-- 역할/권한 관리 +('roles.create', '역할 생성'), +('roles.read', '역할 조회'), +('roles.update', '역할 수정'), +('roles.assign', '역할 할당'), +('permissions.read', '권한 조회'), +('permissions.assign', '권한 할당'), + +-- 트렌드 키워드 관리 +('trends.read', '트렌드 키워드 조회'), +('trends.create', '트렌드 키워드 등록'), +('trends.update', '트렌드 키워드 수정'), +('trends.delete', '트렌드 키워드 삭제'), +('trends.analyze', '트렌드 분석'), + +-- 크롤링 관리 +('crawling.create', '크롤링 작업 생성'), +('crawling.read', '크롤링 결과 조회'), +('crawling.update', '크롤링 설정 수정'), +('crawling.delete', '크롤링 데이터 삭제'), +('crawling.execute', '크롤링 실행'), +('crawling.schedule', '크롤링 스케줄 관리'), + +-- 콘텐츠 생성 +('content.create', '콘텐츠 생성'), +('content.read', '콘텐츠 조회'), +('content.read.own', '본인 콘텐츠만 조회'), +('content.read.department', '부서 콘텐츠 조회'), +('content.read.all', '모든 콘텐츠 조회'), +('content.update', '콘텐츠 수정'), +('content.delete', '콘텐츠 삭제'), +('content.publish', '콘텐츠 발행'), +('content.approve', '콘텐츠 승인'), +('content.reject', '콘텐츠 거절'), + +-- AI 모델 관리 +('ai.models.read', 'AI 모델 조회'), +('ai.models.create', 'AI 모델 생성'), +('ai.models.update', 'AI 모델 수정'), +('ai.models.delete', 'AI 모델 삭제'), +('ai.models.train', 'AI 모델 학습'), +('ai.models.deploy', 'AI 모델 배포'), + +-- 워크플로우 관리 +('workflows.create', '워크플로우 생성'), +('workflows.read', '워크플로우 조회'), +('workflows.update', '워크플로우 수정'), +('workflows.delete', '워크플로우 삭제'), +('workflows.execute', '워크플로우 실행'), +('workflows.schedule', '워크플로우 스케줄링'), + +-- 캠페인 관리 +('campaigns.create', '캠페인 생성'), +('campaigns.read', '캠페인 조회'), +('campaigns.update', '캠페인 수정'), +('campaigns.delete', '캠페인 삭제'), +('campaigns.launch', '캠페인 시작'), +('campaigns.pause', '캠페인 일시정지'), + +-- 분석/리포트 +('analytics.read', '분석 데이터 조회'), +('analytics.export', '분석 데이터 내보내기'), +('reports.create', '보고서 생성'), +('reports.read', '보고서 조회'), +('reports.export', '보고서 내보내기'), + +-- 시스템 관리 +('system.settings.read', '시스템 설정 조회'), +('system.settings.update', '시스템 설정 수정'), +('system.logs.read', '시스템 로그 조회'), +('system.backup.create', '시스템 백업 생성'), +('system.backup.restore', '시스템 백업 복원'); + +-- 5. 시스템 역할 (organization_id = NULL) +INSERT INTO `roles` (`organization_id`, `name`, `description`) VALUES +(NULL, 'SUPER_ADMIN', '최고 관리자 - 모든 권한'), +(NULL, 'SYSTEM_ADMIN', '시스템 관리자 - 시스템 설정 및 관리'), +(NULL, 'ORG_ADMIN', '조직 관리자 - 조직 내 모든 권한'), +(NULL, 'USER', '일반 사용자 - 기본 사용 권한'), +(NULL, 'GUEST', '게스트 - 제한된 조회 권한'); + +-- 6. 조직별 커스텀 역할 (서브쿼리로 동적 참조) +INSERT INTO `roles` (`organization_id`, `name`, `description`) VALUES +-- icebang 역할 +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'AI_ENGINEER', 'AI 엔지니어 - AI 모델 개발 및 최적화'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'DATA_SCIENTIST', '데이터 사이언티스트 - 데이터 분석 및 인사이트 도출'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CRAWLING_ENGINEER', '크롤링 엔지니어 - 웹 크롤링 시스템 개발'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CONTENT_CREATOR', '콘텐츠 크리에이터 - 바이럴 콘텐츠 제작'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'CONTENT_MANAGER', '콘텐츠 매니저 - 콘텐츠 기획 및 관리'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'WORKFLOW_ADMIN', '워크플로우 관리자 - 자동화 프로세스 관리'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'MARKETING_ANALYST', '마케팅 분석가 - 마케팅 성과 분석'), +((SELECT id FROM organizations WHERE domain_name = 'icebang.site'), 'OPERATIONS_MANAGER', '운영 매니저 - 시스템 운영 및 모니터링'); + +-- 7. 사용자 데이터 (icebang 직원들) +INSERT INTO `users` (`name`, `email`, `password`, `status`) VALUES +('김아이스', 'ice.kim@icebang.site', '$2a$10$encrypted_password_hash1', 'ACTIVE'), +('박방방', 'bang.park@icebang.site', '$2a$10$encrypted_password_hash2', 'ACTIVE'), +('이트렌드', 'trend.lee@icebang.site', '$2a$10$encrypted_password_hash3', 'ACTIVE'), +('정바이럴', 'viral.jung@icebang.site', '$2a$10$encrypted_password_hash4', 'ACTIVE'), +('최콘텐츠', 'content.choi@icebang.site', '$2a$10$encrypted_password_hash5', 'ACTIVE'), +('홍크롤러', 'crawler.hong@icebang.site', '$2a$10$encrypted_password_hash6', 'ACTIVE'), +('서데이터', 'data.seo@icebang.site', '$2a$10$encrypted_password_hash7', 'ACTIVE'), +('윤워크플로', 'workflow.yoon@icebang.site', '$2a$10$encrypted_password_hash8', 'ACTIVE'), +('시스템관리자', 'admin@icebang.site', '$2a$10$encrypted_password_hash0', 'ACTIVE'); + +-- 8. 사용자-조직 연결 (동적 사번 생성 포함) +INSERT INTO `user_organizations` (`user_id`, `organization_id`, `position_id`, `department_id`, `employee_number`, `status`) VALUES +-- 김아이스 - CEO, 기획팀 +((SELECT id FROM users WHERE email = 'ice.kim@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = 'CEO' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '기획팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'PLN25001', 'ACTIVE'), + +-- 박방방 - CTO, AI개발팀 +((SELECT id FROM users WHERE email = 'bang.park@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = 'CTO' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = 'AI개발팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'AI25001', 'ACTIVE'), + +-- 이트렌드 - 팀장, 데이터팀 +((SELECT id FROM users WHERE email = 'trend.lee@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '팀장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '데이터팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'DAT25001', 'ACTIVE'), + +-- 정바이럴 - 팀장, 콘텐츠팀 +((SELECT id FROM users WHERE email = 'viral.jung@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '팀장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '콘텐츠팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'CON25001', 'ACTIVE'), + +-- 최콘텐츠 - 시니어, 콘텐츠팀 +((SELECT id FROM users WHERE email = 'content.choi@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '시니어' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '콘텐츠팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'CON25002', 'ACTIVE'), + +-- 홍크롤러 - 시니어, AI개발팀 +((SELECT id FROM users WHERE email = 'crawler.hong@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '시니어' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = 'AI개발팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'AI25002', 'ACTIVE'), + +-- 서데이터 - 시니어, 데이터팀 +((SELECT id FROM users WHERE email = 'data.seo@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '시니어' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '데이터팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'DAT25002', 'ACTIVE'), + +-- 윤워크플로 - 팀장, 운영팀 +((SELECT id FROM users WHERE email = 'workflow.yoon@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = '팀장' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '운영팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'OPS25001', 'ACTIVE'); + +-- 9. SUPER_ADMIN 권한 할당 (모든 권한) +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'SUPER_ADMIN'), + id +FROM permissions; + +-- 10. SYSTEM_ADMIN 권한 할당 (시스템 관리 권한) +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'SYSTEM_ADMIN'), + id +FROM permissions +WHERE resource LIKE 'system.%' + OR resource LIKE 'users.%' + OR resource LIKE 'roles.%' + OR resource LIKE 'permissions.%' + OR resource LIKE 'organizations.%'; + +-- 11. ORG_ADMIN 권한 할당 (조직 내 모든 권한) +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'ORG_ADMIN'), + id +FROM permissions +WHERE resource NOT LIKE 'system.%'; + +-- 12. 일반 USER 권한 할당 (기본 사용 권한) +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'USER'), + id +FROM permissions +WHERE resource IN ( + 'users.read.own', 'users.update.own', + 'content.read', 'content.read.own', + 'trends.read', 'analytics.read' +); + +-- 13. icebang 전용 역할별 권한 할당 + +-- AI_ENGINEER 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'AI_ENGINEER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'ai.%' + OR resource LIKE 'crawling.%' + OR resource LIKE 'workflows.%' + OR resource IN ('content.read', 'trends.read', 'analytics.read'); + +-- DATA_SCIENTIST 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DATA_SCIENTIST' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'trends.%' + OR resource LIKE 'analytics.%' + OR resource LIKE 'crawling.read%' + OR resource LIKE 'reports.%' + OR resource IN ('content.read', 'campaigns.read'); + +-- CRAWLING_ENGINEER 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CRAWLING_ENGINEER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'crawling.%' + OR resource LIKE 'trends.read%' + OR resource LIKE 'workflows.%' + OR resource IN ('system.logs.read'); + +-- CONTENT_CREATOR 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CONTENT_CREATOR' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'content.%' + OR resource LIKE 'trends.read%' + OR resource LIKE 'campaigns.%' + OR resource IN ('analytics.read'); + +-- CONTENT_MANAGER 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CONTENT_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'content.%' + OR resource LIKE 'campaigns.%' + OR resource LIKE 'trends.%' + OR resource LIKE 'analytics.%' + OR resource LIKE 'workflows.read%' + OR resource IN ('users.read.department'); + +-- WORKFLOW_ADMIN 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'WORKFLOW_ADMIN' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'workflows.%' + OR resource LIKE 'ai.%' + OR resource LIKE 'crawling.%' + OR resource LIKE 'system.%' + OR resource IN ('content.read', 'trends.read', 'analytics.read'); + +-- MARKETING_ANALYST 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'MARKETING_ANALYST' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'analytics.%' + OR resource LIKE 'reports.%' + OR resource LIKE 'campaigns.read%' + OR resource LIKE 'trends.%' + OR resource IN ('content.read'); + +-- OPERATIONS_MANAGER 권한 +INSERT INTO `role_permissions` (`role_id`, `permission_id`) +SELECT + (SELECT id FROM roles WHERE name = 'OPERATIONS_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + id +FROM permissions +WHERE resource LIKE 'system.%' + OR resource LIKE 'workflows.%' + OR resource LIKE 'users.read%' + OR resource LIKE 'analytics.read%' + OR resource IN ('departments.read', 'roles.read'); + +-- 14. 사용자별 역할 할당 + +-- 김아이스(CEO)에게 ORG_ADMIN 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'ORG_ADMIN'), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'ice.kim@icebang.site'; + +-- 박방방(CTO)에게 AI_ENGINEER + WORKFLOW_ADMIN 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'AI_ENGINEER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'bang.park@icebang.site'; + +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'WORKFLOW_ADMIN' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'bang.park@icebang.site'; + +-- 이트렌드(데이터팀장)에게 DATA_SCIENTIST 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DATA_SCIENTIST' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'trend.lee@icebang.site'; + +-- 정바이럴(콘텐츠팀장)에게 CONTENT_MANAGER 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CONTENT_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'viral.jung@icebang.site'; + +-- 최콘텐츠에게 CONTENT_CREATOR 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CONTENT_CREATOR' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'content.choi@icebang.site'; + +-- 홍크롤러에게 CRAWLING_ENGINEER 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'CRAWLING_ENGINEER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'crawler.hong@icebang.site'; + +-- 서데이터에게 DATA_SCIENTIST 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'DATA_SCIENTIST' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'data.seo@icebang.site'; + +-- 윤워크플로(운영팀장)에게 OPERATIONS_MANAGER 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'OPERATIONS_MANAGER' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'workflow.yoon@icebang.site'; + +-- 시스템관리자에게 SUPER_ADMIN 역할 +INSERT INTO `user_roles` (`role_id`, `user_organization_id`) +SELECT + (SELECT id FROM roles WHERE name = 'SUPER_ADMIN'), + uo.id +FROM user_organizations uo +JOIN users u ON u.id = uo.user_id +WHERE u.email = 'admin@icebang.site'; + +-- 추가: 시스템관리자 사용자-조직 연결 (빠진 부분) +INSERT INTO `user_organizations` (`user_id`, `organization_id`, `position_id`, `department_id`, `employee_number`, `status`) VALUES +((SELECT id FROM users WHERE email = 'admin@icebang.site'), + (SELECT id FROM organizations WHERE domain_name = 'icebang.site'), + (SELECT id FROM positions WHERE title = 'CTO' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + (SELECT id FROM departments WHERE name = '운영팀' AND organization_id = (SELECT id FROM organizations WHERE domain_name = 'icebang.site')), + 'OPS25000', 'ACTIVE');email = 'minsu.park@techinnovation.co.kr'; \ No newline at end of file diff --git a/apps/user-service/src/test/resources/sql/insert-user-data.sql b/apps/user-service/src/test/resources/sql/insert-user-data.sql deleted file mode 100644 index 95a24551..00000000 --- a/apps/user-service/src/test/resources/sql/insert-user-data.sql +++ /dev/null @@ -1,38 +0,0 @@ -INSERT INTO "USER" ("user_id", "name", "email", "password", "phone_number", "type", "status", "joined_at") -VALUES - ('86b2414f-8e4d-4c3e-953e-1b6c7003c271', '홍길동', 'hong.gildong@example.com', 'hashed_password_1', '010-1234-5678', 'INDIVIDUAL', 'ACTIVE', NOW()), - ('92d04a8b-185d-4f1b-85d1-9650d99d1234', '김철수', 'kim.chulsu@example.com', 'hashed_1b590e829a28', '010-9876-5432', 'INDIVIDUAL', 'ACTIVE', NOW()); - -INSERT INTO "GROUP_INFO" ("name", "description", "status") -VALUES - ('개발팀', '애플리케이션 개발 그룹', 'ACTIVE'), -- ID 1로 생성됨 - ('기획팀', '프로젝트 기획 그룹', 'ACTIVE'); -- ID 2로 생성됨 - -INSERT INTO "USER_GROUP_INFO" ("user_id", "group_info_id") -VALUES - ('86b2414f-8e4d-4c3e-953e-1b6c7003c271', 1), -- 홍길동 -> 개발팀 - ('92d04a8b-185d-4f1b-85d1-9650d99d1234', 2); -- 김철수 -> 기획팀 - -INSERT INTO "ROLE" ("name", "code", "description", "status") -VALUES - ('관리자', 'ADMIN', '모든 권한을 가진 역할', 'ACTIVE'), -- ID 1로 생성됨 - ('일반 사용자', 'USER', '기본 권한을 가진 역할', 'ACTIVE'); -- ID 2로 생성됨 - -INSERT INTO "PERMISSION" ("name", "code", "resource", "action", "description") -VALUES - ('사용자 정보 읽기', 'USER_READ', 'USER', 'READ', '사용자 정보 조회 권한'), -- ID 1로 생성됨 - ('사용자 정보 수정', 'USER_WRITE', 'USER', 'WRITE', '사용자 정보 수정 권한'), -- ID 2로 생성됨 - ('로그인', 'AUTH_LOGIN', 'AUTH', 'LOGIN', '로그인 권한'); -- ID 3으로 생성됨 - -INSERT INTO "USER_ROLE" ("user_id", "role_id") -VALUES - ('86b2414f-8e4d-4c3e-953e-1b6c7003c271', 1), -- 홍길동 -> 관리자 - ('92d04a8b-185d-4f1b-85d1-9650d99d1234', 2); -- 김철수 -> 일반 사용자 - -INSERT INTO "ROLE_PERMISSION" ("role_id", "permission_id") -VALUES - (1, 1), -- 관리자 -> 사용자 정보 읽기 - (1, 2), -- 관리자 -> 사용자 정보 수정 - (1, 3), -- 관리자 -> 로그인 - (2, 1), -- 일반 사용자 -> 사용자 정보 읽기 - (2, 3); -- 일반 사용자 -> 로그인 \ No newline at end of file