From 8303f6fd40fc43c07d0c63c42dafc40a082d589b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EA=B9=80=EB=B3=B4=EA=B3=A4?= Date: Mon, 2 Feb 2026 16:58:30 +0900 Subject: [PATCH] =?UTF-8?q?fix:=EC=98=81=EC=97=85=EA=B6=8C=20=EC=82=AD?= =?UTF-8?q?=EC=A0=9C=20=EA=B6=8C=ED=95=9C=EC=9D=84=20admin=EC=9C=BC?= =?UTF-8?q?=EB=A1=9C=20=EC=A0=9C=ED=95=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 뷰에서 삭제 버튼 admin만 표시 - 컨트롤러에서 삭제 권한 체크 추가 Co-Authored-By: Claude Opus 4.5 --- app/Http/Controllers/Sales/TenantProspectController.php | 7 ++++--- resources/views/sales/prospects/index.blade.php | 2 ++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/app/Http/Controllers/Sales/TenantProspectController.php b/app/Http/Controllers/Sales/TenantProspectController.php index b0f7c30a..1a707b45 100644 --- a/app/Http/Controllers/Sales/TenantProspectController.php +++ b/app/Http/Controllers/Sales/TenantProspectController.php @@ -171,9 +171,10 @@ public function destroy(int $id) ->with('error', '이미 테넌트로 전환된 영업권은 삭제할 수 없습니다.'); } - // 본인 또는 관리자만 삭제 가능 - if ($prospect->registered_by !== auth()->id()) { - // TODO: 관리자 권한 체크 추가 + // 관리자만 삭제 가능 + if (!auth()->user()->isAdmin()) { + return redirect()->route('sales.prospects.index') + ->with('error', '삭제 권한이 없습니다. 본사 운영팀에 문의하세요.'); } $prospect->delete(); diff --git a/resources/views/sales/prospects/index.blade.php b/resources/views/sales/prospects/index.blade.php index d36c66ba..02f7a34d 100644 --- a/resources/views/sales/prospects/index.blade.php +++ b/resources/views/sales/prospects/index.blade.php @@ -117,6 +117,7 @@ class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:outline-none foc @if(!$prospect->isConverted()) + @if(auth()->user()->isAdmin())
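Review bot: The admin check added in destroy() runs after the "already converted" branch shown as context at the top of the hunk, so a non-admin request is still answered according to the record's state before it is refused; the authorization test should be the first statement of the method (destroy() starts above this hunk, so where the prospect is loaded is not visible). `auth()->user()` is null for an unauthenticated request, and unless the route sits behind the auth middleware, which this page does not show, `->isAdmin()` then fails with an error instead of a clean denial. A first line such as `abort_unless(auth()->user()?->isAdmin(), 403);` (the nullsafe operator needs PHP 8) covers both cases and returns a 403 that is visible in access logs, rather than a 302 with a flash message. If the Korean user-facing message must stay, keep the redirect but move the block to the top of the method and add the null guard.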
@csrf @@ -124,6 +125,7 @@ class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:outline-none foc
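Review bot: The added `@if(auth()->user()->isAdmin())` repeats the controller's authorization rule inline in the template, so the button and the server-side check can drift apart when the rule changes. Defining the rule once as a policy or gate and writing `@can('delete', $prospect)` here, with `@endcan` in place of the `@endif` added in the next hunk, keeps both in step; the ability name is a suggestion, as no policy is visible on this page. If the inline form stays, the two nested conditions can be merged into `@if(!$prospect->isConverted() && auth()->user()->isAdmin())`, which makes the second `@endif` unnecessary. Hiding the form is presentation only, so the controller check remains the actual enforcement point.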
@endif + @endif @empty