From abf13b7a2a2f3d2d17acc8fcb4c7c7419dea7cf0 Mon Sep 17 00:00:00 2001
From: kimbokon
Date: Sun, 4 Jan 2026 17:52:14 +0900
Subject: [PATCH] =?UTF-8?q?=EC=9A=B4=EC=98=81=ED=8C=80=20=EB=93=B1?=
 =?UTF-8?q?=EB=A1=9D=20=ED=85=8C=EB=84=8C=ED=8A=B8=20=EC=88=98=EC=A0=95=20?=
 =?UTF-8?q?=EB=B0=8F=20=EC=82=AD=EC=A0=9C=20=EA=B8=88=EC=A7=80=20=EA=B8=B0?=
 =?UTF-8?q?=EB=8A=A5=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 salesmanagement/api/sales_tenants.php | 22 ++++++++++++--
 salesmanagement/index.php | 41 ++++++++++++++++-----------
 2 files changed, 44 insertions(+), 19 deletions(-)

diff --git a/salesmanagement/api/sales_tenants.php b/salesmanagement/api/sales_tenants.php
index ae28710..7015450 100644
--- a/salesmanagement/api/sales_tenants.php
+++ b/salesmanagement/api/sales_tenants.php
@@ -150,7 +150,7 @@ try {
 // 운영자는 모든 테넌트, 영업관리/매니저는 본인 소속 테넌트만
 if ($currentUser['role'] === 'operator') {
 $stmt = $pdo->prepare("
- SELECT t.*, m.name as register_name, m2.name as manager_name, m2.role as manager_role
+ SELECT t.*, m.name as register_name, m.role as register_role, m2.name as manager_name, m2.role as manager_role
 FROM sales_tenants t
 JOIN sales_member m ON t.manager_id = m.id
 LEFT JOIN sales_member m2 ON t.sales_manager_id = m2.id
@@ -161,7 +161,7 @@ try {
 if ($currentUser['role'] === 'manager') {
 // 매니저는 본인이 담당 매니저로 배정된 테넌트만 조회
 $stmt = $pdo->prepare("
- SELECT t.*, m.name as register_name, m2.name as manager_name, m2.role as manager_role
+ SELECT t.*, m.name as register_name, m.role as register_role, m2.name as manager_name, m2.role as manager_role
 FROM sales_tenants t
 JOIN sales_member m ON t.manager_id = m.id
 LEFT JOIN sales_member m2 ON t.sales_manager_id = m2.id
@@ -172,7 +172,7 @@ try {
 } else {
 // 영업관리자는 본인이 영업했거나, 본인이 매니저로 배정된 테넌트 조회
 $stmt = $pdo->prepare("
- SELECT t.*, m.name as register_name, m2.name as manager_name, m2.role as manager_role
+ SELECT t.*, m.name as register_name, m.role as register_role, m2.name as manager_name, m2.role as manager_role
 FROM sales_tenants t
 JOIN sales_member m ON t.manager_id = m.id
 LEFT JOIN sales_member m2 ON t.sales_manager_id = m2.id
@@ -509,6 +509,14 @@ try {
 $tenant_id = $data['id'] ?? null;
 if (!checkTenantPermission($pdo, $tenant_id, $currentUser)) throw new Exception("권한이 없습니다.");
+ // 운영팀 등록 여부 확인
+ $stmtCheck = $pdo->prepare("SELECT m.role FROM sales_tenants t JOIN sales_member m ON t.manager_id = m.id WHERE t.id = ?");
+ $stmtCheck->execute([$tenant_id]);
+ $reg = $stmtCheck->fetch();
+ if ($reg && $reg['role'] === 'operator' && $currentUser['role'] !== 'operator') {
+ throw new Exception("운영팀에서 등록한 테넌트는 수정할 수 없습니다.");
+ }
+
 $tenant_name = $data['tenant_name'] ?? '';
 $representative = $data['representative'] ?? '';
 $business_no = $data['business_no'] ?? '';
@@ -527,6 +535,14 @@ try {
 } elseif ($action === 'delete_tenant') {
 $tenant_id = $data['id'] ?? null;
 if (!checkTenantPermission($pdo, $tenant_id, $currentUser)) throw new Exception("권한이 없습니다.");
+
+ // 운영팀 등록 여부 확인
+ $stmtCheck = $pdo->prepare("SELECT m.role FROM sales_tenants t JOIN sales_member m ON t.manager_id = m.id WHERE t.id = ?");
+ $stmtCheck->execute([$tenant_id]);
+ $reg = $stmtCheck->fetch();
+ if ($reg && $reg['role'] === 'operator' && $currentUser['role'] !== 'operator') {
+ throw new Exception("운영팀에서 등록한 테넌트는 삭제할 수 없습니다.");
+ }
 // 관련 데이터 삭제 (계약, 시나리오, 상담기록)
 $pdo->prepare("DELETE FROM sales_tenant_products WHERE tenant_id = ?")->execute([$tenant_id]);
diff --git a/salesmanagement/index.php b/salesmanagement/index.php
index 5020026..d6c6517 100644
--- a/salesmanagement/index.php
+++ b/salesmanagement/index.php
@@ -3403,22 +3403,31 @@ )} -
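Review bot: The registrant guard added to the update_tenant branch of sales_tenants.php fails open: when `$stmtCheck->fetch()` returns false (no tenant row, or the inner JOIN finds no sales_member for `t.manager_id`), the `$reg && …` test is skipped and a non-operator continues to the update. The same block is pasted into the delete_tenant hunk with only the message changed, so the two copies can drift apart; one helper that treats a missing row as locked would serve both call sites. The lock is also derived from the registrant's current `role`, so it presumably flips if that member's role is changed later; confirm that is the intended rule. Whether checkTenantPermission() already rejects unknown ids, and whether other tenant-mutating actions need the same guard, cannot be seen from this hunk.

```php
// Shared by update_tenant and delete_tenant: was this tenant registered by an operator account?
function isOperatorRegisteredTenant($pdo, $tenant_id)
{
    $stmt = $pdo->prepare("SELECT m.role FROM sales_tenants t JOIN sales_member m ON t.manager_id = m.id WHERE t.id = ?");
    $stmt->execute([$tenant_id]);
    $role = $stmt->fetchColumn();
    // No row means the registrant cannot be established; fail closed and treat the tenant as locked.
    return $role === false || $role === 'operator';
}

// … unchanged: checkTenantPermission() check in update_tenant …
if ($currentUser['role'] !== 'operator' && isOperatorRegisteredTenant($pdo, $tenant_id)) {
    throw new Exception("운영팀에서 등록한 테넌트는 수정할 수 없습니다.");
}
// … unchanged: $tenant_name / $representative / $business_no assignments …
```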
- - -
+ {!(t.register_role === 'operator' && currentRole !== '운영자') && ( +
+ + +
+ )} + {t.register_role === 'operator' && currentRole !== '운영자' && ( +
+
+ +
+
+ )}
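Review bot: The two added conditionals in index.php test the viewer against the display label `'운영자'` while the registrant side and the API use the role code `'operator'`, and the same test is written twice, once negated. `currentRole` is defined outside this hunk, so it presumably holds the localized label; if it ever carries the role code instead, operators would get the locked view on operator-registered rows too. Computing the flag once, for example `const lockedByOperator = t.register_role === 'operator' && currentRole !== '운영자';`, and branching on it keeps the two blocks in step. Hiding the buttons is presentation only, so the server-side check added in sales_tenants.php remains the actual enforcement. The markup inside both blocks did not survive on this page, and the enclosing component starts and ends outside the hunk.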