feat: Integrate audit logging for various operations
- Added audit logging functionality across multiple controllers, including menu, user, department, flow, screen, and table management. - Implemented logging for create, update, and delete actions, capturing relevant details such as company code, user information, and changes made. - Enhanced the category tree service with a new endpoint to check if category values are in use, improving data integrity checks. - Updated routes to include new functionalities and ensure proper logging for batch operations and individual record changes. - This integration improves traceability and accountability for data modifications within the application.
This commit is contained in:
kjs
@@ -10,6 +10,7 @@ import { EncryptUtil } from "../utils/encryptUtil";
|
||||
import { FileSystemManager } from "../utils/fileSystemManager";
|
||||
import { validateBusinessNumber } from "../utils/businessNumberValidator";
|
||||
import { MenuCopyService } from "../services/menuCopyService";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
/**
|
||||
* 관리자 메뉴 목록 조회
|
||||
@@ -1177,7 +1178,7 @@ export async function saveMenu(
|
||||
success: true,
|
||||
message: "메뉴가 성공적으로 저장되었습니다.",
|
||||
data: {
|
||||
objid: savedMenu.objid.toString(), // BigInt를 문자열로 변환
|
||||
objid: savedMenu.objid.toString(),
|
||||
menuNameKor: savedMenu.menu_name_kor,
|
||||
menuNameEng: savedMenu.menu_name_eng,
|
||||
menuUrl: savedMenu.menu_url,
|
||||
@@ -1188,6 +1189,20 @@ export async function saveMenu(
|
||||
},
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "CREATE",
|
||||
resourceType: "MENU",
|
||||
resourceId: savedMenu.objid?.toString(),
|
||||
resourceName: savedMenu.menu_name_kor,
|
||||
summary: `메뉴 "${savedMenu.menu_name_kor}" 생성`,
|
||||
changes: { after: { menuNameKor: savedMenu.menu_name_kor, menuUrl: savedMenu.menu_url, status: savedMenu.status } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("메뉴 저장 실패:", error);
|
||||
@@ -1375,6 +1390,23 @@ export async function updateMenu(
|
||||
},
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || updatedMenu.company_code || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "MENU",
|
||||
resourceId: updatedMenu.objid?.toString(),
|
||||
resourceName: updatedMenu.menu_name_kor,
|
||||
summary: `메뉴 "${updatedMenu.menu_name_kor}" 수정`,
|
||||
changes: {
|
||||
before: { menuNameKor: currentMenu.menu_name_kor, menuUrl: currentMenu.menu_url, status: currentMenu.status },
|
||||
after: { menuNameKor: updatedMenu.menu_name_kor, menuUrl: updatedMenu.menu_url, status: updatedMenu.status },
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("메뉴 수정 실패:", error);
|
||||
@@ -1554,6 +1586,20 @@ export async function deleteMenu(
|
||||
},
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: currentMenu.company_code || req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "DELETE",
|
||||
resourceType: "MENU",
|
||||
resourceId: menuObjid.toString(),
|
||||
resourceName: currentMenu.menu_name_kor,
|
||||
summary: `메뉴 "${currentMenu.menu_name_kor}" 삭제 (하위 ${childMenuIds.length}개 포함, 총 ${allMenuIdsToDelete.length}건)`,
|
||||
changes: { before: { menuNameKor: currentMenu.menu_name_kor } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("메뉴 삭제 실패:", error);
|
||||
@@ -1717,6 +1763,20 @@ export async function deleteMenusBatch(
|
||||
},
|
||||
};
|
||||
|
||||
if (deletedCount > 0) {
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "DELETE",
|
||||
resourceType: "MENU",
|
||||
summary: `메뉴 일괄 삭제: ${deletedCount}개 삭제, ${failedCount}개 실패`,
|
||||
changes: { before: { deletedMenus, failedMenuIds } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
}
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("메뉴 일괄 삭제 실패:", error);
|
||||
@@ -1813,6 +1873,20 @@ export async function toggleMenuStatus(
|
||||
data: result,
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: currentMenu.company_code || req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "STATUS_CHANGE",
|
||||
resourceType: "MENU",
|
||||
resourceId: String(menuId),
|
||||
resourceName: currentMenu.menu_name_kor,
|
||||
summary: `메뉴 "${currentMenu.menu_name_kor}" 상태 변경: ${currentStatus} → ${newStatus}`,
|
||||
changes: { before: { status: currentStatus }, after: { status: newStatus }, fields: ["status"] },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("메뉴 상태 토글 실패:", error);
|
||||
@@ -2442,6 +2516,20 @@ export const changeUserStatus = async (
|
||||
updatedBy: req.user?.userId,
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: currentUser.company_code || req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "STATUS_CHANGE",
|
||||
resourceType: "USER",
|
||||
resourceId: userId,
|
||||
resourceName: currentUser.user_name,
|
||||
summary: `사용자 "${currentUser.user_name}" 상태 변경: ${currentUser.status} → ${status}`,
|
||||
changes: { before: { status: currentUser.status }, after: { status }, fields: ["status"] },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
result: true,
|
||||
msg: `사용자 상태가 ${status === "active" ? "활성" : "비활성"}으로 변경되었습니다.`,
|
||||
@@ -2579,6 +2667,20 @@ export const saveUser = async (req: AuthenticatedRequest, res: Response) => {
|
||||
},
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userData.companyCode || req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: isExistingUser ? "UPDATE" : "CREATE",
|
||||
resourceType: "USER",
|
||||
resourceId: userData.userId,
|
||||
resourceName: userData.userName,
|
||||
summary: isExistingUser ? `사용자 "${userData.userName}" 정보 수정` : `사용자 "${userData.userName}" 등록`,
|
||||
changes: { after: { userId: userData.userId, userName: userData.userName, deptName: userData.deptName, status: userData.status } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("사용자 저장 실패", { error, userData: req.body });
|
||||
@@ -2769,6 +2871,20 @@ export const createCompany = async (
|
||||
},
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: createdCompany.company_code,
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "CREATE",
|
||||
resourceType: "COMPANY",
|
||||
resourceId: createdCompany.company_code,
|
||||
resourceName: createdCompany.company_name,
|
||||
summary: `회사 "${createdCompany.company_name}" (${createdCompany.company_code}) 등록`,
|
||||
changes: { after: { company_code: createdCompany.company_code, company_name: createdCompany.company_name } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(201).json(response);
|
||||
} finally {
|
||||
await client.end();
|
||||
@@ -2938,7 +3054,11 @@ export const updateCompany = async (
|
||||
}
|
||||
}
|
||||
|
||||
// Raw Query로 회사 정보 수정
|
||||
const beforeCompany = await queryOne<any>(
|
||||
`SELECT company_name, status FROM company_mng WHERE company_code = $1`,
|
||||
[companyCode]
|
||||
);
|
||||
|
||||
const result = await query<any>(
|
||||
`UPDATE company_mng
|
||||
SET
|
||||
@@ -2994,6 +3114,23 @@ export const updateCompany = async (
|
||||
},
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: updatedCompany.company_code,
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "COMPANY",
|
||||
resourceId: updatedCompany.company_code,
|
||||
resourceName: updatedCompany.company_name,
|
||||
summary: `회사 "${updatedCompany.company_name}" 정보 수정`,
|
||||
changes: {
|
||||
before: { company_name: beforeCompany?.company_name, status: beforeCompany?.status },
|
||||
after: { company_name: updatedCompany.company_name, status: updatedCompany.status },
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("회사 정보 수정 실패", { error, body: req.body });
|
||||
@@ -3055,6 +3192,20 @@ export const deleteCompany = async (
|
||||
},
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: deletedCompany.company_code,
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "DELETE",
|
||||
resourceType: "COMPANY",
|
||||
resourceId: deletedCompany.company_code,
|
||||
resourceName: deletedCompany.company_name,
|
||||
summary: `회사 "${deletedCompany.company_name}" (${deletedCompany.company_code}) 삭제`,
|
||||
changes: { before: { company_code: deletedCompany.company_code, company_name: deletedCompany.company_name } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("회사 삭제 실패", { error });
|
||||
@@ -3221,6 +3372,20 @@ export const updateProfile = async (
|
||||
: null,
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "USER",
|
||||
resourceId: userId,
|
||||
resourceName: updatedUser?.user_name || "",
|
||||
summary: `프로필 수정 (${updateFields.length}개 항목)`,
|
||||
changes: { after: { userName, email, tel, cellPhone, locale } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
result: true,
|
||||
message: "프로필이 성공적으로 업데이트되었습니다.",
|
||||
@@ -3334,6 +3499,20 @@ export const resetUserPassword = async (
|
||||
updatedBy: req.user?.userId,
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "USER",
|
||||
resourceId: userId,
|
||||
resourceName: currentUser.user_name,
|
||||
summary: `사용자 "${currentUser.user_name}" 비밀번호 초기화`,
|
||||
changes: { fields: ["user_password"] },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
result: true,
|
||||
@@ -3535,6 +3714,19 @@ export async function copyMenu(
|
||||
|
||||
logger.info("✅ 메뉴 복사 API 성공");
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || userId,
|
||||
userName: req.user?.userName || "",
|
||||
action: "COPY",
|
||||
resourceType: "MENU",
|
||||
resourceId: menuObjid,
|
||||
summary: `메뉴(${menuObjid}) → 회사 "${targetCompanyCode}"로 복사`,
|
||||
changes: { after: { targetCompanyCode, menuObjid } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
message: "메뉴 복사 완료",
|
||||
@@ -3849,6 +4041,20 @@ export const saveUserWithDept = async (
|
||||
isUpdate: isExistingUser,
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: isExistingUser ? "UPDATE" : "CREATE",
|
||||
resourceType: "USER",
|
||||
resourceId: userInfo.user_id,
|
||||
resourceName: userInfo.user_name,
|
||||
summary: `사용자 "${userInfo.user_name}" ${isExistingUser ? "수정" : "등록"} (부서: ${mainDept?.dept_name || "없음"})`,
|
||||
changes: { after: { userName: userInfo.user_name, email: userInfo.email, deptName: mainDept?.dept_name, status: userInfo.status } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
message: isExistingUser ? "사원 정보가 수정되었습니다." : "사원이 등록되었습니다.",
|
||||
|
||||
139
backend-node/src/controllers/auditLogController.ts
Normal file
139
backend-node/src/controllers/auditLogController.ts
Normal file
@@ -0,0 +1,139 @@
|
||||
import { Response } from "express";
|
||||
import { AuthenticatedRequest } from "../middleware/authMiddleware";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
import { query } from "../database/db";
|
||||
import logger from "../utils/logger";
|
||||
|
||||
export const getAuditLogs = async (
|
||||
req: AuthenticatedRequest,
|
||||
res: Response
|
||||
): Promise<void> => {
|
||||
try {
|
||||
const userCompanyCode = req.user?.companyCode;
|
||||
const isSuperAdmin = userCompanyCode === "*";
|
||||
|
||||
const {
|
||||
companyCode,
|
||||
userId,
|
||||
resourceType,
|
||||
action,
|
||||
tableName,
|
||||
dateFrom,
|
||||
dateTo,
|
||||
search,
|
||||
page,
|
||||
limit,
|
||||
} = req.query;
|
||||
|
||||
const result = await auditLogService.queryLogs(
|
||||
{
|
||||
companyCode: (companyCode as string) || (isSuperAdmin ? undefined : userCompanyCode),
|
||||
userId: userId as string,
|
||||
resourceType: resourceType as string,
|
||||
action: action as string,
|
||||
tableName: tableName as string,
|
||||
dateFrom: dateFrom as string,
|
||||
dateTo: dateTo as string,
|
||||
search: search as string,
|
||||
page: page ? parseInt(page as string, 10) : 1,
|
||||
limit: limit ? parseInt(limit as string, 10) : 50,
|
||||
},
|
||||
isSuperAdmin
|
||||
);
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: result.data,
|
||||
total: result.total,
|
||||
page: page ? parseInt(page as string, 10) : 1,
|
||||
limit: limit ? parseInt(limit as string, 10) : 50,
|
||||
});
|
||||
} catch (error: any) {
|
||||
logger.error("감사 로그 조회 실패", { error: error.message });
|
||||
res.status(500).json({
|
||||
success: false,
|
||||
message: "감사 로그 조회 중 오류가 발생했습니다.",
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
export const getAuditLogStats = async (
|
||||
req: AuthenticatedRequest,
|
||||
res: Response
|
||||
): Promise<void> => {
|
||||
try {
|
||||
const userCompanyCode = req.user?.companyCode;
|
||||
const isSuperAdmin = userCompanyCode === "*";
|
||||
const { companyCode, days } = req.query;
|
||||
|
||||
const targetCompany = isSuperAdmin
|
||||
? (companyCode as string) || undefined
|
||||
: userCompanyCode;
|
||||
|
||||
const stats = await auditLogService.getStats(
|
||||
targetCompany,
|
||||
days ? parseInt(days as string, 10) : 30
|
||||
);
|
||||
|
||||
res.json({ success: true, data: stats });
|
||||
} catch (error: any) {
|
||||
logger.error("감사 로그 통계 조회 실패", { error: error.message });
|
||||
res.status(500).json({
|
||||
success: false,
|
||||
message: "감사 로그 통계 조회 중 오류가 발생했습니다.",
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
export const getAuditLogUsers = async (
|
||||
req: AuthenticatedRequest,
|
||||
res: Response
|
||||
): Promise<void> => {
|
||||
try {
|
||||
const userCompanyCode = req.user?.companyCode;
|
||||
const isSuperAdmin = userCompanyCode === "*";
|
||||
const { companyCode } = req.query;
|
||||
|
||||
const conditions: string[] = ["LOWER(u.status) = 'active'"];
|
||||
const params: any[] = [];
|
||||
let paramIndex = 1;
|
||||
|
||||
if (!isSuperAdmin) {
|
||||
conditions.push(`u.company_code = $${paramIndex++}`);
|
||||
params.push(userCompanyCode);
|
||||
} else if (companyCode) {
|
||||
conditions.push(`u.company_code = $${paramIndex++}`);
|
||||
params.push(companyCode);
|
||||
}
|
||||
|
||||
if (!isSuperAdmin) {
|
||||
conditions.push(`u.company_code != '*'`);
|
||||
}
|
||||
|
||||
const whereClause = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
|
||||
|
||||
const users = await query<{ user_id: string; user_name: string; count: number }>(
|
||||
`SELECT
|
||||
u.user_id,
|
||||
u.user_name,
|
||||
COALESCE(sal.log_count, 0)::int as count
|
||||
FROM user_info u
|
||||
LEFT JOIN (
|
||||
SELECT user_id, COUNT(*) as log_count
|
||||
FROM system_audit_log
|
||||
GROUP BY user_id
|
||||
) sal ON u.user_id = sal.user_id
|
||||
${whereClause}
|
||||
ORDER BY count DESC, u.user_name ASC`,
|
||||
params
|
||||
);
|
||||
|
||||
res.json({ success: true, data: users });
|
||||
} catch (error: any) {
|
||||
logger.error("감사 로그 사용자 목록 조회 실패", { error: error.message });
|
||||
res.status(500).json({
|
||||
success: false,
|
||||
message: "사용자 목록 조회 중 오류가 발생했습니다.",
|
||||
});
|
||||
}
|
||||
};
|
||||
@@ -205,6 +205,31 @@ router.put("/test/value/:valueId", async (req: AuthenticatedRequest, res: Respon
|
||||
}
|
||||
});
|
||||
|
||||
/**
|
||||
* 카테고리 값 삭제 가능 여부 사전 확인
|
||||
* GET /api/category-tree/test/value/:valueId/can-delete
|
||||
*/
|
||||
router.get("/test/value/:valueId/can-delete", async (req: AuthenticatedRequest, res: Response) => {
|
||||
try {
|
||||
const { valueId } = req.params;
|
||||
const companyCode = req.user?.companyCode || "*";
|
||||
|
||||
const result = await categoryTreeService.checkCanDelete(companyCode, Number(valueId));
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: result,
|
||||
});
|
||||
} catch (error: unknown) {
|
||||
const err = error as Error;
|
||||
logger.error("카테고리 삭제 가능 여부 확인 API 오류", { error: err.message });
|
||||
res.status(500).json({
|
||||
success: false,
|
||||
error: err.message,
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
/**
|
||||
* 카테고리 값 삭제
|
||||
* DELETE /api/category-tree/test/value/:valueId
|
||||
@@ -229,6 +254,16 @@ router.delete("/test/value/:valueId", async (req: AuthenticatedRequest, res: Res
|
||||
});
|
||||
} catch (error: unknown) {
|
||||
const err = error as Error;
|
||||
|
||||
if (err.message.startsWith("VALIDATION:")) {
|
||||
const validationMessage = err.message.replace("VALIDATION:", "");
|
||||
logger.warn("카테고리 값 삭제 검증 실패", { valueId: req.params.valueId, reason: validationMessage });
|
||||
return res.status(400).json({
|
||||
success: false,
|
||||
error: validationMessage,
|
||||
});
|
||||
}
|
||||
|
||||
logger.error("카테고리 값 삭제 API 오류", { error: err.message });
|
||||
res.status(500).json({
|
||||
success: false,
|
||||
|
||||
@@ -6,6 +6,7 @@ import {
|
||||
} from "../services/commonCodeService";
|
||||
import { AuthenticatedRequest } from "../types/auth";
|
||||
import { logger } from "../utils/logger";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
export class CommonCodeController {
|
||||
private commonCodeService: CommonCodeService;
|
||||
@@ -163,6 +164,18 @@ export class CommonCodeController {
|
||||
Number(menuObjid)
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: companyCode || "",
|
||||
userId: userId || "",
|
||||
action: "CREATE",
|
||||
resourceType: "CODE_CATEGORY",
|
||||
resourceId: category?.categoryCode,
|
||||
resourceName: category?.categoryName || categoryData.categoryName,
|
||||
summary: `코드 카테고리 "${category?.categoryName || categoryData.categoryName}" 생성`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
return res.status(201).json({
|
||||
success: true,
|
||||
data: category,
|
||||
@@ -208,6 +221,18 @@ export class CommonCodeController {
|
||||
companyCode
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: companyCode || "",
|
||||
userId: userId || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "CODE_CATEGORY",
|
||||
resourceId: categoryCode,
|
||||
resourceName: category?.categoryName,
|
||||
summary: `코드 카테고리 "${categoryCode}" 수정`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
return res.json({
|
||||
success: true,
|
||||
data: category,
|
||||
@@ -245,6 +270,17 @@ export class CommonCodeController {
|
||||
|
||||
await this.commonCodeService.deleteCategory(categoryCode, companyCode);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
action: "DELETE",
|
||||
resourceType: "CODE_CATEGORY",
|
||||
resourceId: categoryCode,
|
||||
summary: `코드 카테고리 "${categoryCode}" 삭제`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
return res.json({
|
||||
success: true,
|
||||
message: "카테고리 삭제 성공",
|
||||
@@ -303,6 +339,18 @@ export class CommonCodeController {
|
||||
effectiveMenuObjid
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: companyCode || "",
|
||||
userId: userId || "",
|
||||
action: "CREATE",
|
||||
resourceType: "CODE",
|
||||
resourceId: codeData.codeValue,
|
||||
resourceName: codeData.codeName,
|
||||
summary: `코드 "${codeData.codeName}" (${categoryCode}) 생성`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
return res.status(201).json({
|
||||
success: true,
|
||||
data: code,
|
||||
|
||||
@@ -9,6 +9,7 @@ import { DDLExecutionService } from "../services/ddlExecutionService";
|
||||
import { DDLAuditLogger } from "../services/ddlAuditLogger";
|
||||
import { CreateTableRequest, AddColumnRequest } from "../types/ddl";
|
||||
import { logger } from "../utils/logger";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
export class DDLController {
|
||||
/**
|
||||
@@ -59,6 +60,20 @@ export class DDLController {
|
||||
);
|
||||
|
||||
if (result.success) {
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId,
|
||||
action: "CREATE",
|
||||
resourceType: "TABLE",
|
||||
resourceId: tableName,
|
||||
resourceName: tableName,
|
||||
tableName,
|
||||
summary: `테이블 "${tableName}" 생성 (${columns.length}개 컬럼)`,
|
||||
changes: { after: { tableName, columnCount: columns.length, description } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json({
|
||||
success: true,
|
||||
message: result.message,
|
||||
|
||||
@@ -3,6 +3,7 @@ import { logger } from "../utils/logger";
|
||||
import { AuthenticatedRequest } from "../types/auth";
|
||||
import { ApiResponse } from "../types/common";
|
||||
import { query, queryOne } from "../database/db";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
/**
|
||||
* 부서 목록 조회 (회사별)
|
||||
@@ -170,6 +171,21 @@ export async function createDepartment(req: AuthenticatedRequest, res: Response)
|
||||
|
||||
logger.info("부서 생성 성공", { deptCode, dept_name });
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: companyCode || req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "CREATE",
|
||||
resourceType: "DATA",
|
||||
resourceId: deptCode,
|
||||
resourceName: dept_name.trim(),
|
||||
tableName: "dept_info",
|
||||
summary: `부서 "${dept_name.trim()}" 생성`,
|
||||
changes: { after: { deptCode, deptName: dept_name.trim(), parentDeptCode: parent_dept_code } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(201).json({
|
||||
success: true,
|
||||
message: "부서가 생성되었습니다.",
|
||||
@@ -219,6 +235,21 @@ export async function updateDepartment(req: AuthenticatedRequest, res: Response)
|
||||
|
||||
logger.info("부서 수정 성공", { deptCode });
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "DATA",
|
||||
resourceId: deptCode,
|
||||
resourceName: dept_name.trim(),
|
||||
tableName: "dept_info",
|
||||
summary: `부서 "${dept_name.trim()}" 수정`,
|
||||
changes: { after: { deptName: dept_name.trim(), parentDeptCode: parent_dept_code } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json({
|
||||
success: true,
|
||||
message: "부서가 수정되었습니다.",
|
||||
@@ -285,6 +316,21 @@ export async function deleteDepartment(req: AuthenticatedRequest, res: Response)
|
||||
deletedMemberCount: memberCount
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "DELETE",
|
||||
resourceType: "DATA",
|
||||
resourceId: deptCode,
|
||||
resourceName: result[0].dept_name,
|
||||
tableName: "dept_info",
|
||||
summary: `부서 "${result[0].dept_name}" 삭제${memberCount > 0 ? ` (부서원 ${memberCount}명 제외)` : ""}`,
|
||||
changes: { before: { deptCode, deptName: result[0].dept_name } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json({
|
||||
success: true,
|
||||
message: memberCount > 0
|
||||
|
||||
@@ -10,6 +10,7 @@ import { FlowConnectionService } from "../services/flowConnectionService";
|
||||
import { FlowExecutionService } from "../services/flowExecutionService";
|
||||
import { FlowDataMoveService } from "../services/flowDataMoveService";
|
||||
import { FlowProcedureService } from "../services/flowProcedureService";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
export class FlowController {
|
||||
private flowDefinitionService: FlowDefinitionService;
|
||||
@@ -86,12 +87,25 @@ export class FlowController {
|
||||
restApiConnectionId,
|
||||
restApiEndpoint,
|
||||
restApiJsonPath,
|
||||
restApiConnections: req.body.restApiConnections, // 다중 REST API 설정
|
||||
restApiConnections: req.body.restApiConnections,
|
||||
},
|
||||
userId,
|
||||
userCompanyCode
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: userId || "",
|
||||
action: "CREATE",
|
||||
resourceType: "FLOW",
|
||||
resourceId: String(flowDef?.id || ""),
|
||||
resourceName: flowDef?.name || name,
|
||||
summary: `플로우 "${flowDef?.name || name}" 생성`,
|
||||
changes: { after: { name, tableName } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: flowDef,
|
||||
@@ -188,6 +202,7 @@ export class FlowController {
|
||||
const { name, description, isActive } = req.body;
|
||||
const userCompanyCode = (req as any).user?.companyCode;
|
||||
|
||||
const beforeFlow = await this.flowDefinitionService.findById(flowId);
|
||||
const flowDef = await this.flowDefinitionService.update(flowId, {
|
||||
name,
|
||||
description,
|
||||
@@ -202,6 +217,22 @@ export class FlowController {
|
||||
return;
|
||||
}
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: (req as any).user?.userId || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "FLOW",
|
||||
resourceId: String(flowId),
|
||||
resourceName: flowDef?.name || name,
|
||||
summary: `플로우 "${flowDef?.name || name}" 수정`,
|
||||
changes: {
|
||||
before: { name: beforeFlow?.name, description: beforeFlow?.description, isActive: beforeFlow?.isActive },
|
||||
after: { name, description, isActive },
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: flowDef,
|
||||
@@ -234,6 +265,17 @@ export class FlowController {
|
||||
return;
|
||||
}
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: (req as any).user?.userId || "",
|
||||
action: "DELETE",
|
||||
resourceType: "FLOW",
|
||||
resourceId: String(flowId),
|
||||
summary: `플로우(ID:${flowId}) 삭제`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
message: "Flow definition deleted successfully",
|
||||
@@ -321,6 +363,19 @@ export class FlowController {
|
||||
positionY,
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: (req as any).user?.userId || "",
|
||||
action: "CREATE",
|
||||
resourceType: "FLOW_STEP",
|
||||
resourceId: String(step?.id || ""),
|
||||
resourceName: stepName,
|
||||
summary: `플로우 스텝 "${stepName}" 생성 (플로우 ID:${flowDefinitionId})`,
|
||||
changes: { after: { stepName, tableName, stepOrder } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: step,
|
||||
@@ -373,6 +428,7 @@ export class FlowController {
|
||||
}
|
||||
}
|
||||
|
||||
const beforeStep = existingStep;
|
||||
const step = await this.flowStepService.update(id, {
|
||||
stepName,
|
||||
stepOrder,
|
||||
@@ -399,6 +455,22 @@ export class FlowController {
|
||||
return;
|
||||
}
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: (req as any).user?.userId || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "FLOW_STEP",
|
||||
resourceId: String(id),
|
||||
resourceName: step?.stepName || stepName,
|
||||
summary: `플로우 스텝 "${step?.stepName || stepName}" 수정`,
|
||||
changes: {
|
||||
before: { stepName: beforeStep?.stepName, tableName: beforeStep?.tableName, stepOrder: beforeStep?.stepOrder },
|
||||
after: { stepName, tableName, stepOrder },
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: step,
|
||||
@@ -444,6 +516,18 @@ export class FlowController {
|
||||
return;
|
||||
}
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: (req as any).user?.userId || "",
|
||||
action: "DELETE",
|
||||
resourceType: "FLOW_STEP",
|
||||
resourceId: String(id),
|
||||
resourceName: existingStep?.stepName,
|
||||
summary: `플로우 스텝 "${existingStep?.stepName || id}" 삭제`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
message: "Flow step deleted successfully",
|
||||
@@ -530,6 +614,19 @@ export class FlowController {
|
||||
label,
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: (req as any).user?.userId || "",
|
||||
action: "CREATE",
|
||||
resourceType: "FLOW",
|
||||
resourceId: String(flowDefinitionId),
|
||||
resourceName: flowDef?.name || "",
|
||||
summary: `플로우 "${flowDef?.name}" 연결 생성 (${fromStep?.stepName} → ${toStep?.stepName})`,
|
||||
changes: { after: { fromStepId, toStepId, label } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: connection,
|
||||
@@ -575,6 +672,18 @@ export class FlowController {
|
||||
return;
|
||||
}
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: userCompanyCode || "",
|
||||
userId: (req as any).user?.userId || "",
|
||||
action: "DELETE",
|
||||
resourceType: "FLOW",
|
||||
resourceId: String(existingConn?.flowDefinitionId || id),
|
||||
summary: `플로우 연결 삭제 (ID: ${id})`,
|
||||
changes: { before: { connectionId: id } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
message: "Connection deleted successfully",
|
||||
|
||||
@@ -9,6 +9,7 @@ import {
|
||||
} from "../middleware/authMiddleware";
|
||||
import { numberingRuleService } from "../services/numberingRuleService";
|
||||
import { logger } from "../utils/logger";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
const router = Router();
|
||||
|
||||
@@ -189,6 +190,19 @@ router.post(
|
||||
menuObjid: newRule.menuObjid,
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId,
|
||||
action: "CREATE",
|
||||
resourceType: "NUMBERING_RULE",
|
||||
resourceId: String(newRule.ruleId),
|
||||
resourceName: ruleConfig.ruleName,
|
||||
summary: `채번 규칙 "${ruleConfig.ruleName}" 생성`,
|
||||
changes: { after: { ruleName: ruleConfig.ruleName, prefix: ruleConfig.prefix } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
return res.status(201).json({ success: true, data: newRule });
|
||||
} catch (error: any) {
|
||||
if (error.code === "23505") {
|
||||
@@ -218,12 +232,29 @@ router.put(
|
||||
logger.info("채번 규칙 수정 요청", { ruleId, companyCode, updates });
|
||||
|
||||
try {
|
||||
const beforeRule = await numberingRuleService.getRuleById(ruleId, companyCode);
|
||||
const updatedRule = await numberingRuleService.updateRule(
|
||||
ruleId,
|
||||
updates,
|
||||
companyCode
|
||||
);
|
||||
logger.info("채번 규칙 수정 성공", { ruleId, companyCode });
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: req.user?.userId || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "NUMBERING_RULE",
|
||||
resourceId: ruleId,
|
||||
summary: `채번 규칙(ID:${ruleId}) 수정`,
|
||||
changes: {
|
||||
before: { ruleName: beforeRule?.ruleName, prefix: beforeRule?.prefix },
|
||||
after: updates,
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
return res.json({ success: true, data: updatedRule });
|
||||
} catch (error: any) {
|
||||
logger.error("채번 규칙 수정 실패", {
|
||||
@@ -250,6 +281,18 @@ router.delete(
|
||||
|
||||
try {
|
||||
await numberingRuleService.deleteRule(ruleId, companyCode);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: req.user?.userId || "",
|
||||
action: "DELETE",
|
||||
resourceType: "NUMBERING_RULE",
|
||||
resourceId: ruleId,
|
||||
summary: `채번 규칙(ID:${ruleId}) 삭제`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
return res.json({ success: true, message: "규칙이 삭제되었습니다" });
|
||||
} catch (error: any) {
|
||||
if (error.message.includes("찾을 수 없거나")) {
|
||||
|
||||
@@ -8,6 +8,7 @@ import {
|
||||
isCompanyAdmin,
|
||||
canAccessCompanyData,
|
||||
} from "../utils/permissionUtils";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
/**
|
||||
* 권한 그룹 목록 조회
|
||||
@@ -179,6 +180,20 @@ export const createRoleGroup = async (
|
||||
data: roleGroup,
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: companyCode || req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "CREATE",
|
||||
resourceType: "ROLE",
|
||||
resourceId: String(roleGroup?.objid || ""),
|
||||
resourceName: authName,
|
||||
summary: `권한 그룹 "${authName}" 생성`,
|
||||
changes: { after: { authName, authCode, companyCode } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(201).json(response);
|
||||
} catch (error) {
|
||||
logger.error("권한 그룹 생성 실패", { error });
|
||||
@@ -243,6 +258,23 @@ export const updateRoleGroup = async (
|
||||
data: roleGroup,
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "ROLE",
|
||||
resourceId: String(objid),
|
||||
resourceName: authName,
|
||||
summary: `권한 그룹 "${authName}" 수정`,
|
||||
changes: {
|
||||
before: { authName: existingRoleGroup.authName, authCode: existingRoleGroup.authCode, status: existingRoleGroup.status },
|
||||
after: { authName, authCode, status },
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("권한 그룹 수정 실패", { error });
|
||||
@@ -302,6 +334,19 @@ export const deleteRoleGroup = async (
|
||||
data: null,
|
||||
};
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: existingRoleGroup.companyCode || req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "DELETE",
|
||||
resourceType: "ROLE",
|
||||
resourceId: String(objid),
|
||||
resourceName: existingRoleGroup.authName,
|
||||
summary: `권한 그룹 "${existingRoleGroup.authName}" 삭제`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(200).json(response);
|
||||
} catch (error) {
|
||||
logger.error("권한 그룹 삭제 실패", { error });
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import { Response } from "express";
|
||||
import { screenManagementService } from "../services/screenManagementService";
|
||||
import { AuthenticatedRequest } from "../types/auth";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
// 화면 목록 조회
|
||||
export const getScreens = async (req: AuthenticatedRequest, res: Response) => {
|
||||
@@ -108,6 +109,21 @@ export const createScreen = async (
|
||||
screenData,
|
||||
companyCode
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: (req.user as any)?.userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "CREATE",
|
||||
resourceType: "SCREEN",
|
||||
resourceId: String(newScreen?.id || ""),
|
||||
resourceName: newScreen?.screenName || screenData.screenName,
|
||||
summary: `화면 "${newScreen?.screenName || screenData.screenName}" 생성`,
|
||||
changes: { after: { screenName: newScreen?.screenName, tableName: newScreen?.tableName } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.status(201).json({ success: true, data: newScreen });
|
||||
} catch (error) {
|
||||
console.error("화면 생성 실패:", error);
|
||||
@@ -125,12 +141,31 @@ export const updateScreen = async (
|
||||
try {
|
||||
const { id } = req.params;
|
||||
const { companyCode } = req.user as any;
|
||||
const beforeScreen = await screenManagementService.getScreenById(parseInt(id));
|
||||
const updateData = { ...req.body, companyCode };
|
||||
const updatedScreen = await screenManagementService.updateScreen(
|
||||
parseInt(id),
|
||||
updateData,
|
||||
companyCode
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: (req.user as any)?.userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "SCREEN",
|
||||
resourceId: id,
|
||||
resourceName: updatedScreen?.screenName || updateData.screenName,
|
||||
summary: `화면 "${updatedScreen?.screenName || updateData.screenName}" 수정`,
|
||||
changes: {
|
||||
before: { screenName: beforeScreen?.screenName, tableName: beforeScreen?.tableName, isActive: beforeScreen?.isActive },
|
||||
after: { screenName: updateData.screenName, tableName: updateData.tableName, isActive: updateData.isActive },
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({ success: true, data: updatedScreen });
|
||||
} catch (error) {
|
||||
console.error("화면 수정 실패:", error);
|
||||
@@ -140,6 +175,33 @@ export const updateScreen = async (
|
||||
}
|
||||
};
|
||||
|
||||
// 화면 테이블명 변경
|
||||
export const updateScreenTableName = async (
|
||||
req: AuthenticatedRequest,
|
||||
res: Response
|
||||
) => {
|
||||
try {
|
||||
const { screenId } = req.params;
|
||||
const { companyCode } = req.user as any;
|
||||
const { tableName } = req.body;
|
||||
|
||||
if (!tableName) {
|
||||
return res.status(400).json({ success: false, message: "테이블명이 필요합니다." });
|
||||
}
|
||||
|
||||
await screenManagementService.updateScreenTableName(
|
||||
parseInt(screenId),
|
||||
tableName,
|
||||
companyCode
|
||||
);
|
||||
|
||||
res.json({ success: true, message: "테이블명이 변경되었습니다." });
|
||||
} catch (error) {
|
||||
console.error("테이블명 변경 실패:", error);
|
||||
res.status(500).json({ success: false, message: "테이블명 변경에 실패했습니다." });
|
||||
}
|
||||
};
|
||||
|
||||
// 화면 정보 수정 (메타데이터만)
|
||||
export const updateScreenInfo = async (
|
||||
req: AuthenticatedRequest,
|
||||
@@ -170,6 +232,8 @@ export const updateScreenInfo = async (
|
||||
restApiJsonPath,
|
||||
});
|
||||
|
||||
const beforeScreen = await screenManagementService.getScreenById(parseInt(id));
|
||||
|
||||
await screenManagementService.updateScreenInfo(
|
||||
parseInt(id),
|
||||
{
|
||||
@@ -186,6 +250,24 @@ export const updateScreenInfo = async (
|
||||
},
|
||||
companyCode
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: (req.user as any)?.userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "SCREEN",
|
||||
resourceId: id,
|
||||
resourceName: screenName,
|
||||
summary: `화면 "${screenName}" 정보 수정`,
|
||||
changes: {
|
||||
before: { screenName: beforeScreen?.screenName, tableName: beforeScreen?.tableName, description: beforeScreen?.description, isActive: beforeScreen?.isActive },
|
||||
after: { screenName, tableName, description, isActive },
|
||||
},
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({ success: true, message: "화면 정보가 수정되었습니다." });
|
||||
} catch (error) {
|
||||
console.error("화면 정보 수정 실패:", error);
|
||||
@@ -227,6 +309,9 @@ export const deleteScreen = async (
|
||||
const { companyCode, userId } = req.user as any;
|
||||
const { deleteReason, force } = req.body;
|
||||
|
||||
const screenInfo = await screenManagementService.getScreenById(parseInt(id));
|
||||
const screenName = screenInfo?.screenName || "";
|
||||
|
||||
await screenManagementService.deleteScreen(
|
||||
parseInt(id),
|
||||
companyCode,
|
||||
@@ -234,6 +319,21 @@ export const deleteScreen = async (
|
||||
deleteReason,
|
||||
force || false
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "DELETE",
|
||||
resourceType: "SCREEN",
|
||||
resourceId: id,
|
||||
resourceName: screenName,
|
||||
summary: `화면(ID:${id}, ${screenName}) 삭제 (사유: ${deleteReason || "없음"})`,
|
||||
changes: { before: { deleteReason, force } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({ success: true, message: "화면이 휴지통으로 이동되었습니다." });
|
||||
} catch (error: any) {
|
||||
console.error("화면 삭제 실패:", error);
|
||||
@@ -513,6 +613,20 @@ export const copyScreenWithModals = async (
|
||||
modalScreens: modalScreens || [],
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: targetCompanyCode || companyCode,
|
||||
userId: userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "COPY",
|
||||
resourceType: "SCREEN",
|
||||
resourceId: id,
|
||||
resourceName: mainScreen?.screenName,
|
||||
summary: `화면 일괄 복사 (메인 1개 + 모달 ${result.modalScreens.length}개, 원본 ID:${id})`,
|
||||
changes: { after: { sourceScreenId: id, targetCompanyCode, mainScreenName: mainScreen?.screenName } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: result,
|
||||
@@ -548,6 +662,20 @@ export const copyScreen = async (
|
||||
}
|
||||
);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "COPY",
|
||||
resourceType: "SCREEN",
|
||||
resourceId: String(copiedScreen?.id || ""),
|
||||
resourceName: screenName,
|
||||
summary: `화면 "${screenName}" 복사 (원본 ID:${id})`,
|
||||
changes: { after: { sourceScreenId: id, screenName, screenCode } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
data: copiedScreen,
|
||||
@@ -647,6 +775,21 @@ export const saveLayout = async (req: AuthenticatedRequest, res: Response) => {
|
||||
layoutData,
|
||||
companyCode
|
||||
);
|
||||
|
||||
const screenInfo = await screenManagementService.getScreenById(parseInt(screenId));
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: (req.user as any)?.userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "SCREEN_LAYOUT",
|
||||
resourceId: screenId,
|
||||
resourceName: screenInfo?.screenName || "",
|
||||
summary: `화면(ID:${screenId}, ${screenInfo?.screenName || ""}) 레이아웃 저장`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({ success: true, data: savedLayout });
|
||||
} catch (error) {
|
||||
console.error("레이아웃 저장 실패:", error);
|
||||
@@ -723,6 +866,21 @@ export const saveLayoutV2 = async (req: AuthenticatedRequest, res: Response) =>
|
||||
layoutData,
|
||||
companyCode
|
||||
);
|
||||
|
||||
const screenInfo = await screenManagementService.getScreenById(parseInt(screenId));
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: (req.user as any)?.userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "SCREEN_LAYOUT",
|
||||
resourceId: screenId,
|
||||
resourceName: screenInfo?.screenName || "",
|
||||
summary: `화면(ID:${screenId}, ${screenInfo?.screenName || ""}) V2 레이아웃 저장`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({ success: true, message: "V2 레이아웃이 저장되었습니다." });
|
||||
} catch (error) {
|
||||
console.error("V2 레이아웃 저장 실패:", error);
|
||||
@@ -895,6 +1053,21 @@ export const saveLayoutPop = async (req: AuthenticatedRequest, res: Response) =>
|
||||
companyCode,
|
||||
userId
|
||||
);
|
||||
|
||||
const screenInfo = await screenManagementService.getScreenById(parseInt(screenId));
|
||||
auditLogService.log({
|
||||
companyCode,
|
||||
userId: userId || "",
|
||||
userName: (req.user as any)?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "SCREEN_LAYOUT",
|
||||
resourceId: screenId,
|
||||
resourceName: screenInfo?.screenName || "",
|
||||
summary: `화면(ID:${screenId}, ${screenInfo?.screenName || ""}) POP 레이아웃 저장`,
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({ success: true, message: "POP 레이아웃이 저장되었습니다." });
|
||||
} catch (error) {
|
||||
console.error("POP 레이아웃 저장 실패:", error);
|
||||
|
||||
@@ -12,7 +12,8 @@ import {
|
||||
ColumnListResponse,
|
||||
ColumnSettingsResponse,
|
||||
} from "../types/tableManagement";
|
||||
import { query } from "../database/db"; // 🆕 query 함수 import
|
||||
import { query } from "../database/db";
|
||||
import { auditLogService } from "../services/auditLogService";
|
||||
|
||||
/**
|
||||
* 테이블 목록 조회
|
||||
@@ -962,6 +963,21 @@ export async function addTableData(
|
||||
|
||||
logger.info(`테이블 데이터 추가 완료: ${tableName}, id: ${result.insertedId}`);
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "CREATE",
|
||||
resourceType: "DATA",
|
||||
resourceId: result.insertedId || "",
|
||||
resourceName: tableName,
|
||||
tableName,
|
||||
summary: `${tableName} 데이터 추가`,
|
||||
changes: { after: data },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
const response: ApiResponse<{ id: string | null }> = {
|
||||
success: true,
|
||||
message: "테이블 데이터를 성공적으로 추가했습니다.",
|
||||
@@ -1080,6 +1096,16 @@ export async function editTableData(
|
||||
return;
|
||||
}
|
||||
|
||||
// 변경된 필드만 추출
|
||||
const changedBefore: Record<string, any> = {};
|
||||
const changedAfter: Record<string, any> = {};
|
||||
for (const key of Object.keys(updatedData)) {
|
||||
if (String(originalData[key] ?? "") !== String(updatedData[key] ?? "")) {
|
||||
changedBefore[key] = originalData[key];
|
||||
changedAfter[key] = updatedData[key];
|
||||
}
|
||||
}
|
||||
|
||||
// 데이터 수정
|
||||
await tableManagementService.editTableData(
|
||||
tableName,
|
||||
@@ -1089,6 +1115,23 @@ export async function editTableData(
|
||||
|
||||
logger.info(`테이블 데이터 수정 완료: ${tableName}`);
|
||||
|
||||
if (Object.keys(changedAfter).length > 0) {
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "UPDATE",
|
||||
resourceType: "DATA",
|
||||
resourceId: originalData.id?.toString() || "",
|
||||
resourceName: tableName,
|
||||
tableName,
|
||||
summary: `${tableName} 데이터 수정`,
|
||||
changes: { before: changedBefore, after: changedAfter },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
}
|
||||
|
||||
const response: ApiResponse<null> = {
|
||||
success: true,
|
||||
message: "테이블 데이터를 성공적으로 수정했습니다.",
|
||||
@@ -1406,6 +1449,22 @@ export async function deleteTableData(
|
||||
`테이블 데이터 삭제 완료: ${tableName}, ${deletedCount}건 삭제`
|
||||
);
|
||||
|
||||
const deleteItems = Array.isArray(data) ? data : [data];
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: "DELETE",
|
||||
resourceType: "DATA",
|
||||
resourceId: deleteItems[0]?.id?.toString() || "",
|
||||
resourceName: tableName,
|
||||
tableName,
|
||||
summary: `${tableName} 데이터 삭제 (${deletedCount}건)`,
|
||||
changes: { before: { deletedCount, items: deleteItems.length } },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
const response: ApiResponse<{ deletedCount: number }> = {
|
||||
success: true,
|
||||
message: `테이블 데이터를 성공적으로 삭제했습니다. (${deletedCount}건)`,
|
||||
@@ -2285,6 +2344,21 @@ export async function multiTableSave(
|
||||
subTableResultsCount: subTableResults.length,
|
||||
});
|
||||
|
||||
auditLogService.log({
|
||||
companyCode: req.user?.companyCode || "",
|
||||
userId: req.user?.userId || "",
|
||||
userName: req.user?.userName || "",
|
||||
action: isUpdate ? "UPDATE" : "CREATE",
|
||||
resourceType: "DATA",
|
||||
resourceId: savedPkValue?.toString() || "",
|
||||
resourceName: mainTableName,
|
||||
tableName: mainTableName,
|
||||
summary: `${mainTableName} 데이터 ${isUpdate ? "수정" : "생성"}${subTableResults.length > 0 ? ` (서브 테이블 ${subTableResults.length}건)` : ""}`,
|
||||
changes: { after: mainData },
|
||||
ipAddress: (req as any).ip,
|
||||
requestPath: req.originalUrl,
|
||||
});
|
||||
|
||||
res.json({
|
||||
success: true,
|
||||
message: "다중 테이블 저장이 완료되었습니다.",
|
||||
|
||||
Reference in New Issue
Block a user