sam-manage/resources/views/users/partials/table.blade.php
kent 049fa7ed61 feat: [users] 슈퍼관리자 보호 기능 구현
- 일반관리자가 슈퍼관리자 수정/삭제 불가
- API Controller: update/destroy에서 403 반환
- Web Controller: edit에서 403 abort
- FormRequest: is_super_admin 필드 강제/유지 처리
- View: 테이블, 모달, 생성/수정 폼에서 버튼/체크박스 숨김

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-30 23:10:07 +09:00


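{{--
    User list table partial: renders one row per entry in $users with the columns
    ID, name, e-mail, departments, roles, status and row actions.

    Authorization note: every check in this view only decides which controls are
    drawn. Hiding a button is not access control. The commit message states that
    update/destroy/edit reject with 403 on the server.
    NOTE(review): confirm the restore and force-delete endpoints enforce the same
    super-admin check server-side; they are not mentioned there.
--}}
<div class="bg-white rounded-lg shadow-sm overflow-hidden">
    <table class="w-full">
        <thead class="bg-gray-50 border-b">
            <tr>
                <th class="px-6 py-3 text-left text-sm font-semibold text-gray-700 uppercase tracking-wider">ID</th>
                <th class="px-6 py-3 text-left text-sm font-semibold text-gray-700 uppercase tracking-wider">이름</th>
                <th class="px-6 py-3 text-left text-sm font-semibold text-gray-700 uppercase tracking-wider">이메일</th>
                <th class="px-6 py-3 text-left text-sm font-semibold text-gray-700 uppercase tracking-wider">부서</th>
                <th class="px-6 py-3 text-left text-sm font-semibold text-gray-700 uppercase tracking-wider">역할</th>
                <th class="px-6 py-3 text-left text-sm font-semibold text-gray-700 uppercase tracking-wider">상태</th>
                <th class="px-6 py-3 text-left text-sm font-semibold text-gray-700 uppercase tracking-wider">작업</th>
            </tr>
        </thead>
        <tbody class="bg-white divide-y divide-gray-200">
            @forelse($users as $user)
                @php
                    // Super-admin protection: a regular admin may not edit or delete a super admin.
                    $canModify = ! $user->is_super_admin || auth()->user()?->is_super_admin;

                    // The user name is passed to inline onclick handlers, i.e. it sits in a
                    // JavaScript context nested inside an HTML attribute. Blade's {{ }} only
                    // HTML-escapes, and the browser decodes those entities again before the
                    // handler is parsed as JS, so a quote in the name would end the string
                    // literal. Encode for JS here (JSON string, with quotes/tags/ampersands
                    // hex-escaped), then let {{ }} HTML-escape the result for the attribute.
                    $nameJs = json_encode(
                        (string) $user->name,
                        JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_INVALID_UTF8_SUBSTITUTE
                    );
                @endphp
                {{-- Clicking the row opens the user modal; soft-deleted rows are greyed out. --}}
                <tr class="{{ $user->deleted_at ? 'bg-gray-100' : '' }} hover:bg-gray-50 cursor-pointer"
                    onclick="UserModal.open({{ $user->id }})"
                    data-user-id="{{ $user->id }}">
                    <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-900">
                        {{ $user->user_id ?? '-' }}
                    </td>
                    <td class="px-6 py-4 whitespace-nowrap">
                        {{-- stopPropagation keeps a click on the name from also opening the row modal. --}}
                        <div class="text-sm font-medium text-gray-900 cursor-pointer hover:text-blue-600"
                             data-context-menu="user"
                             data-entity-id="{{ $user->id }}"
                             data-entity-name="{{ $user->name }}"
                             title="우클릭하여 메뉴 열기"
                             onclick="event.stopPropagation()">
                            {{ $user->name }}
                        </div>
                        {{-- The super-admin badge is shown only when the viewer is a super admin too. --}}
                        @if($user->is_super_admin && auth()->user()?->is_super_admin)
                            <span class="text-xs text-red-600 font-semibold">슈퍼 관리자</span>
                        @endif
                    </td>
                    <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
                        {{ $user->email }}
                    </td>
                    <td class="px-6 py-4 text-sm text-gray-500">
                        {{-- Departments: one chip per membership, the primary one in green. --}}
                        @if($user->departmentUsers && $user->departmentUsers->count() > 0)
                            <div class="flex flex-wrap gap-1">
                                @foreach($user->departmentUsers as $du)
                                    <span class="px-1.5 py-0.5 text-xs rounded {{ $du->is_primary ? 'bg-green-100 text-green-700' : 'bg-gray-100 text-gray-600' }}">
                                        {{ $du->department?->name ?? '-' }}
                                    </span>
                                @endforeach
                            </div>
                        @else
                            <span class="text-gray-400">-</span>
                        @endif
                    </td>
                    <td class="px-6 py-4 text-sm text-gray-500">
                        {{-- Roles: blue for guard_name 'web', purple for any other guard. --}}
                        @if($user->userRoles && $user->userRoles->count() > 0)
                            <div class="flex flex-wrap gap-1">
                                @foreach($user->userRoles as $ur)
                                    <div class="px-2 py-1 rounded {{ $ur->role?->guard_name === 'web' ? 'bg-blue-50 border border-blue-200' : 'bg-purple-50 border border-purple-200' }}">
                                        <div class="text-xs font-medium {{ $ur->role?->guard_name === 'web' ? 'text-blue-700' : 'text-purple-700' }}">
                                            {{ $ur->role?->name ?? '-' }}
                                        </div>
                                        @if($ur->role?->description)
                                            <div class="text-[10px] text-gray-500 leading-tight">{{ $ur->role->description }}</div>
                                        @endif
                                    </div>
                                @endforeach
                            </div>
                        @else
                            <span class="text-gray-400">-</span>
                        @endif
                    </td>
                    <td class="px-6 py-4 whitespace-nowrap">
                        @if($user->is_active)
                            <span class="px-2 inline-flex text-xs leading-5 font-semibold rounded-full bg-green-100 text-green-800">
                                활성
                            </span>
                        @else
                            <span class="px-2 inline-flex text-xs leading-5 font-semibold rounded-full bg-gray-100 text-gray-800">
                                비활성
                            </span>
                        @endif
                    </td>
                    <td class="px-6 py-4 whitespace-nowrap text-sm font-medium" onclick="event.stopPropagation()">
                        @if($user->deleted_at)
                            {{-- Soft-deleted row: only a super admin is offered restore / permanent delete. --}}
                            @if(auth()->user()?->is_super_admin)
                                <button onclick="confirmRestore({{ $user->id }}, {{ $nameJs }})"
                                        class="text-green-600 hover:text-green-900 mr-3">
                                    복원
                                </button>
                                <button onclick="confirmForceDelete({{ $user->id }}, {{ $nameJs }})"
                                        class="text-red-600 hover:text-red-900">
                                    영구삭제
                                </button>
                            @else
                                <span class="text-gray-400 text-xs">삭제됨</span>
                            @endif
                        @elseif($canModify)
                            {{-- Active row the viewer is allowed to modify. --}}
                            <a href="{{ route('users.edit', $user->id) }}"
                               onclick="event.stopPropagation()"
                               class="text-blue-600 hover:text-blue-900 mr-3">
                                수정
                            </a>
                            <button onclick="confirmDelete({{ $user->id }}, {{ $nameJs }})" class="text-red-600 hover:text-red-900">
                                삭제
                            </button>
                        @else
                            {{-- Super-admin row viewed by a regular admin: no edit/delete controls. --}}
                            {{-- NOTE(review): this label lets regular admins infer which accounts are super admins, although the badge in the name column is hidden from them; confirm that is intended. --}}
                            <span class="text-gray-400 text-xs">수정 불가</span>
                        @endif
                    </td>
                </tr>
            @empty
                <tr>
                    <td colspan="7" class="px-6 py-4 text-center text-gray-500">
                        사용자가 없습니다.
                    </td>
                </tr>
            @endforelse
        </tbody>
    </table>
</div>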
<!-- Pagination -->
{{-- Renders the shared pagination partial for the same $users collection the table iterates over. --}}
{{-- 'target' and 'includeForm' are CSS selectors handed to that partial; presumably the element to refresh and the filter form whose fields accompany page requests. Verify against partials.pagination. --}}
@include('partials.pagination', [
'paginator' => $users,
'target' => '#user-table',
'includeForm' => '#filterForm'
])