From 524f1cf0fc38eb6a64f4113f709c2787a887e4fd Mon Sep 17 00:00:00 2001
From: kent <shine1324@gmail.com>
Date: Wed, 14 Jan 2026 17:32:27 +0900
Subject: [PATCH] =?UTF-8?q?fix(API):=20=EC=A7=81=EC=9B=90=20=EB=93=B1?=
 =?UTF-8?q?=EB=A1=9D=20=EC=84=9C=EB=B2=84=20=EC=97=90=EB=9F=AC=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- User 모델 $fillable에 is_active, created_by, updated_by 추가
- EmployeeService 이중 비밀번호 해싱 제거 (모델 hashed 캐스트 활용)
- create_account 플래그 의존성 제거 (password 있으면 계정 생성)

Fixes: employee-register E2E test failure

Co-Authored-By: Claude <noreply@anthropic.com>
---
 app/Models/Members/User.php      |  3 +++
 app/Services/EmployeeService.php | 13 +++++--------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/Models/Members/User.php b/app/Models/Members/User.php
index 8ba42bb..741d92c 100644
--- a/app/Models/Members/User.php
+++ b/app/Models/Members/User.php
@@ -30,6 +30,9 @@ class User extends Authenticatable
         'password',
         'options',
         'profile_photo_path',
+        'is_active',
+        'created_by',
+        'updated_by',
     ];
 
     protected $casts = [
diff --git a/app/Services/EmployeeService.php b/app/Services/EmployeeService.php
index 1ab46a8..94f6d7f 100644
--- a/app/Services/EmployeeService.php
+++ b/app/Services/EmployeeService.php
@@ -6,7 +6,6 @@
 use App\Models\Tenants\TenantUserProfile;
 use Illuminate\Contracts\Pagination\LengthAwarePaginator;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Str;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 
@@ -100,12 +99,9 @@ public function store(array $data): TenantUserProfile
         $userId = $this->apiUserId();
 
         return DB::transaction(function () use ($data, $tenantId, $userId) {
-            // 1. 비밀번호 결정: create_account=false면 NULL (사원 전용, 로그인 불가)
-            $password = null;
-            $createAccount = $data['create_account'] ?? false;
-            if ($createAccount && ! empty($data['password'])) {
-                $password = Hash::make($data['password']);
-            }
+            // 1. 비밀번호 결정: password가 있으면 시스템 계정 생성
+            // User 모델에 'password' => 'hashed' 캐스트가 있으므로 Hash::make() 불필요
+            $password = ! empty($data['password']) ? $data['password'] : null;
 
             // 2. users 테이블에 사용자 생성
             $user = User::create([
@@ -333,8 +329,9 @@ public function createAccount(int $id, string $password): TenantUserProfile
             throw new NotFoundHttpException(__('error.not_found'));
         }
 
+        // User 모델에 'password' => 'hashed' 캐스트가 있으므로 Hash::make() 불필요
         $profile->user->update([
-            'password' => Hash::make($password),
+            'password' => $password,
             'must_change_password' => true,
             'updated_by' => $userId,
         ]);