feat(API): 역할/권한 관리 API 개선

- RoleController: 역할 CRUD API 개선 - RolePermissionController: 역할별 권한 설정 API 추가 - RoleService/RolePermissionService: 비즈니스 로직 분리 - Role 모델: is_hidden 필드 추가 (시스템 역할 숨김) - 역할 숨김 마이그레이션 추가 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-30 17:24:19 +09:00
parent e1d0681f55
commit 08c9a74cbc
6 changed files with 571 additions and 13 deletions
--- a/app/Services/Authz/RoleService.php
+++ b/app/Services/Authz/RoleService.php
@@ -22,8 +22,10 @@ public static function index(array $params = [])

        $query = Role::query()
            ->where('tenant_id', $tenantId)
-            ->where('guard_name', self::$guard);
+            ->where('guard_name', self::$guard)
+            ->withCount(['permissions', 'users']);

+        // 검색 필터
        if ($q !== '') {
            $query->where(function ($w) use ($q) {
                $w->where('name', 'like', "%{$q}%")
@@ -31,6 +33,12 @@ public static function index(array $params = [])
            });
        }

+        // 숨김 상태 필터
+        if (isset($params['is_hidden'])) {
+            $isHidden = filter_var($params['is_hidden'], FILTER_VALIDATE_BOOLEAN);
+            $query->where('is_hidden', $isHidden);
+        }
+
        $list = $query->orderByDesc('id')
            ->paginate($size, ['*'], 'page', $page);

@@ -41,6 +49,7 @@ public static function index(array $params = [])
    public static function store(array $params = [])
    {
        $tenantId = (int) app('tenant_id');
+        $userId = app('api_user');

        $v = Validator::make($params, [
            'name' => [
@@ -50,6 +59,7 @@ public static function store(array $params = [])
                    ->where('guard_name', self::$guard)),
            ],
            'description' => 'nullable|string|max:255',
+            'is_hidden' => 'sometimes|boolean',
        ]);

        if ($v->fails()) {
@@ -64,9 +74,11 @@ public static function store(array $params = [])
            'guard_name' => self::$guard,
            'name' => $v->validated()['name'],
            'description' => $params['description'] ?? null,
+            'is_hidden' => $params['is_hidden'] ?? false,
+            'created_by' => $userId,
        ]);

-        return $role;
+        return $role->loadCount(['permissions', 'users']);
    }

    /** 단건 */
@@ -76,6 +88,7 @@ public static function show(int $id)

        $role = Role::where('tenant_id', $tenantId)
            ->where('guard_name', self::$guard)
+            ->withCount(['permissions', 'users'])
            ->find($id);

        if (! $role) {
@@ -89,6 +102,7 @@ public static function show(int $id)
    public static function update(int $id, array $params = [])
    {
        $tenantId = (int) app('tenant_id');
+        $userId = app('api_user');

        $role = Role::where('tenant_id', $tenantId)
            ->where('guard_name', self::$guard)
@@ -106,21 +120,26 @@ public static function update(int $id, array $params = [])
                    ->ignore($role->id),
            ],
            'description' => 'sometimes|nullable|string|max:255',
+            'is_hidden' => 'sometimes|boolean',
        ]);

        if ($v->fails()) {
            return ['error' => $v->errors()->first(), 'code' => 422];
        }

-        $role->fill($v->validated())->save();
+        $updateData = $v->validated();
+        $updateData['updated_by'] = $userId;

-        return $role->fresh();
+        $role->fill($updateData)->save();
+
+        return $role->fresh()->loadCount(['permissions', 'users']);
    }

-    /** 삭제 (하드삭제) */
+    /** 삭제 (Soft Delete) */
    public static function destroy(int $id)
    {
        $tenantId = (int) app('tenant_id');
+        $userId = app('api_user');

        $role = Role::where('tenant_id', $tenantId)
            ->where('guard_name', self::$guard)
@@ -130,10 +149,43 @@ public static function destroy(int $id)
            return ['error' => '역할을 찾을 수 없습니다.', 'code' => 404];
        }

-        DB::transaction(function () use ($role) {
-            $role->delete(); // Spatie Role 기본: soft delete 없음
+        DB::transaction(function () use ($role, $userId) {
+            // 권한 연결 해제
+            $role->permissions()->detach();
+
+            // Soft Delete
+            $role->update(['deleted_by' => $userId]);
+            $role->delete();
        });

        return 'success';
    }
+
+    /** 통계 조회 */
+    public static function stats()
+    {
+        $tenantId = (int) app('tenant_id');
+
+        $baseQuery = Role::where('tenant_id', $tenantId)
+            ->where('guard_name', self::$guard);
+
+        return [
+            'total' => (clone $baseQuery)->count(),
+            'visible' => (clone $baseQuery)->where('is_hidden', false)->count(),
+            'hidden' => (clone $baseQuery)->where('is_hidden', true)->count(),
+            'with_users' => (clone $baseQuery)->has('users')->count(),
+        ];
+    }
+
+    /** 활성 역할 목록 (드롭다운용) */
+    public static function active()
+    {
+        $tenantId = (int) app('tenant_id');
+
+        return Role::where('tenant_id', $tenantId)
+            ->where('guard_name', self::$guard)
+            ->where('is_hidden', false)
+            ->orderBy('name')
+            ->get(['id', 'name', 'description']);
+    }
 }