chpark/vexplor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhance SUPER_ADMIN middleware and permission utility for improved access control

Browse Source 
- Updated the `requireSuperAdmin` middleware to allow users with `userType` as 'SUPER_ADMIN' to access management functionalities, even if their `companyCode` is not '*'.
- Modified the `isSuperAdmin` utility function to recognize users as SUPER_ADMIN based solely on their `userType`, simplifying the access validation logic.
- These changes ensure that SUPER_ADMIN users maintain their management capabilities across company transitions, enhancing the flexibility and security of the application.
This commit is contained in:
kjs
2026-04-02 10:05:38 +09:00
parent 775d698d06
commit d8aaacb8f7
2 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend-node/src/utils/permissionUtils.ts
View File

@@ -21,7 +21,8 @@ export enum PermissionLevel {
*/
export function isSuperAdmin(user?: PersonBean | null): boolean {
if (!user) return false;
return user.companyCode === "*" && user.userType === "SUPER_ADMIN";
// 회사전환 후에도 userType이 SUPER_ADMIN이면 최고관리자로 인정
return user.userType === "SUPER_ADMIN";
}
/**