18 Commits

Author SHA1 Message Date
Rinjae 4395757d98 사용자 최근 작성 글 조회 기능 추가:
eapim-portal CI / build (push) Waiting to run
eapim-portal Test / test (push) Waiting to run
- 최근 3건 조회 서비스/페이사드/리포지토리 구현
- HTML 아코디언 UI 및 스타일 추가
2026-07-13 17:27:06 +09:00
Rinjae 778d579ada # Conflicts:
eapim-portal CI / build (push) Waiting to run
eapim-portal Test / test (push) Waiting to run
#	src/main/resources/static/css/main.css.map
2026-07-13 13:29:54 +09:00
Rinjae 3e403788e5 비운영 환경 Hibernate SQL 로그 비활성화:
eapim-portal CI / build (push) Waiting to run
eapim-portal Test / test (push) Waiting to run
- show_sql, format_sql 설정 false로 수정
2026-07-13 11:50:01 +09:00
Rinjae 6c5ba6765d 조회수 비정상 증가 방지 로직 추가
eapim-portal CI / build (push) Waiting to run
eapim-portal Test / test (push) Waiting to run
- sessionStorage 활용 중복 증가 억제
- CSRF 토큰 기반 조회수 증가 API 호출 처리
2026-07-13 11:37:06 +09:00
Rinjae a97378b84d Q&A 문의 공개범위 기능 추가
eapim-portal CI / build (push) Waiting to run
eapim-portal Test / test (push) Waiting to run
- 공개범위 설정 기능 개발(ALL/ORG/PRIVATE) - 게시물/댓글 정교화
- 요청 및 DB 처리 확장 - UI, DTO, Service 계층 업데이트
- 감사 로그 및 조회수 처리 로직 추가
2026-07-13 11:32:34 +09:00
Rinjae 9c01db9d00 weblogic.xml 업데이트
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- XML 태그 단순화 및 불필요한 속성 제거
- session-descriptor에 cookie-name 추가
2026-07-10 17:48:34 +09:00
Rinjae 08bd705dec 세션 유지 기능 추가 및 FAQ 관리 개선:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- 비운영 환경 + DB 설정 활성 시 세션 유지(타임아웃 무시) 지원
- FAQ 단건 조회 API 추가 (`FaqFacade`, `FaqFacadeImpl`)
- 헤더 세션 타이머 UI 개선 및 유지 옵션 체크박스 추가
2026-07-10 16:36:19 +09:00
Rinjae 99f765507b 세션 유지 기능 추가 및 FAQ 관리 개선:
- 비운영 환경 + DB 설정 활성 시 세션 유지(타임아웃 무시) 지원
- FAQ 단건 조회 API 추가 (`FaqFacade`, `FaqFacadeImpl`)
- 헤더 세션 타이머 UI 개선 및 유지 옵션 체크박스 추가
2026-07-10 16:36:11 +09:00
Rinjae 7d6aabe122 문의 상태값 'REVIEWING' 추가:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- 상태 코드/배지 지원 로직(DjbInquiryStatus) 반영
- Inquiry 댓글 작성자명 관리자 구분 로직 수정
2026-07-10 14:36:23 +09:00
Rinjae f08da86eb3 - Jenkinsfile 경로 수정: WL_HOME, WL_DEPLOY_DIR 디렉토리 변경
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- credentialDetail.html: 비밀값 1회 표시 경고 메시지 추가
2026-07-09 15:26:01 +09:00
Rinjae 2a2505d5f7 관리자 게이트웨이 연동 및 보안 기능 추가:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- AdminGatewayClient 클래스 추가: GW 인증 차단/리로드 처리
- Client Secret 1회 노출+삭제 로직(AppServiceFacade, MyAppController) 추가
- credentialDetail.html에 비밀정보 분실 대응 UI 및 JS 로직 구현
2026-07-08 18:34:33 +09:00
Rinjae cad574324e Jenkinsfile 개선:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- skipDefaultCheckout 옵션 추가 (Deploy 노드 Git 접근 불필요)
2026-07-06 21:05:00 +09:00
Rinjae 4b4ef4196e Jenkinsfile 개선:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- eapim-portal.war 해시 생성 방식 단순화 (sha256만 유지)
- archiveArtifacts 대상 및 스탠징 파일 축소
2026-07-06 20:49:10 +09:00
Rinjae 5402a5354a Jenkinsfile 개선:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- 빌드 및 배포 환경을 WebLogic으로 변경
- 다단계 파이프라인 구성 정비 및 에이전트 설정 추가
2026-07-06 20:42:14 +09:00
Rinjae c5b23c3873 PortalProperty 부팅 시 중복키 점검 기능 추가
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- (PROPERTY_GROUP_NAME, PROPERTY_NAME) 유일성 검증
- 중복 발견 시 ERROR 로그 출력 및 수동 정리 안내
- JSESSIONID 쿠키 이름 변경 (PORTAL_JSESSIONID → JSESSIONID_PORTAL)
2026-07-06 17:47:48 +09:00
Rinjae 83d267faed 클라이언트 하드닝 기능 추가:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- DevTools 감지 및 화면 삭제, 우클릭 차단 기능 구현
- PortalProperty 기반 설정 관리 서비스 추가
- 클라이언트 가드 스크립트 및 토글 로직 템플릿 연동
2026-07-06 15:32:18 +09:00
Rinjae b02e598d62 수수료 관리 기능 제거:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- 관련 Controller, DTO 클래스 삭제
- commissionManage.html 및 스타일 파일 제거
2026-07-03 18:30:34 +09:00
Rinjae 4f9fbefbcc OAuth2 가이드 문서 업데이트:
eapim-portal CI / build (push) Has been cancelled
eapim-portal Test / test (push) Has been cancelled
- 인증 헤더 `X-AUTH-TOKEN`으로 변경
- `scope` 필수값 "api"로 수정
- 오류 코드 및 설명 표준화 (`E.GW.AUTH_FAIL`)
2026-07-01 15:58:21 +09:00
80 changed files with 1901 additions and 2772 deletions
+124 -185
View File
@@ -1,220 +1,159 @@
pipeline {
agent { label 'djb-vm' }
agent none
options {
timestamps()
disableConcurrentBuilds()
skipDefaultCheckout() // stage별 agent의 자동 SCM checkout 방지 (Deploy 노드는 git 접근 불필요, unstash로만 WAR 수신)
buildDiscarder(logRotator(numToKeepStr: '20', artifactNumToKeepStr: '20'))
}
environment {
JAVA_HOME = '/apps/opts/jdk8'
JAVA_HOME_TOMCAT = '/apps/opts/jdk17'
GRADLE_HOME = '/apps/opts/gradle-8.7'
GRADLE_USER_HOME = '/apps/opts/gradle-home'
NODE_HOME = '/apps/opts/node-v24'
PATH = "/apps/opts/jdk8/bin:/apps/opts/gradle-8.7/bin:/apps/opts/node-v24/bin:/apps/opts/bin:${env.PATH}"
GIT_SSH_COMMAND = 'ssh -o StrictHostKeyChecking=accept-new'
CATALINA_BASE = '/prod/eapim/devportal'
CATALINA_HOME = '/prod/eapim/apache-tomcat-9.0.116'
CATALINA_PID = '/prod/eapim/devportal/temp/catalina.pid'
DEPLOY_HTTP_PORT = '39130'
WEBHOOK_URL = 'http://172.30.1.50:18000/api/hooks/01ba51b01d3c4c98ae8f3183a23a84ed713197857d024b5da4f303458195eb32'
}
stages {
stage('Checkout') {
steps {
checkout scm
stage('Build (djb-vm)') {
agent { label 'djb-vm' }
environment {
JAVA_HOME = '/apps/opts/jdk8'
GRADLE_HOME = '/apps/opts/gradle-8.7'
GRADLE_USER_HOME = '/apps/opts/gradle-home'
NODE_HOME = '/apps/opts/node-v24'
PATH = "/apps/opts/jdk8/bin:/apps/opts/gradle-8.7/bin:/apps/opts/node-v24/bin:/apps/opts/bin:${env.PATH}"
}
}
stage('Checkout dependencies') {
steps {
sh '''
set -eu
cd "$WORKSPACE/.."
if [ ! -d elink-portal-common/.git ]; then
rm -rf elink-portal-common
git clone --depth=1 --branch master \
ssh://git@172.30.1.50:2222/djb-eapim/elink-portal-common.git \
elink-portal-common
else
git -C elink-portal-common fetch --depth=1 origin master
git -C elink-portal-common reset --hard origin/master
git -C elink-portal-common clean -fdx
fi
mkdir -p eapim-online
if [ ! -d eapim-online/elink-online-core-jpa/.git ]; then
rm -rf eapim-online/elink-online-core-jpa
git clone --depth=1 --branch master \
ssh://git@172.30.1.50:2222/djb-eapim/elink-online-core-jpa.git \
eapim-online/elink-online-core-jpa
else
git -C eapim-online/elink-online-core-jpa fetch --depth=1 origin master
git -C eapim-online/elink-online-core-jpa reset --hard origin/master
git -C eapim-online/elink-online-core-jpa clean -fdx
fi
'''
}
}
stage('Verify toolchain') {
steps {
sh '''
set -eu
java -version
gradle --version
'''
}
}
stage('Test') {
steps {
sh 'gradle clean test --no-daemon'
}
post {
always {
junit allowEmptyResults: true, testResults: 'build/test-results/test/*.xml'
archiveArtifacts allowEmptyArchive: true, artifacts: 'build/reports/tests/test/**,build/test-results/test/**'
stages {
stage('Checkout') {
steps { checkout scm }
}
stage('Checkout dependencies') {
steps {
sh '''
set -eu
cd "$WORKSPACE/.."
if [ ! -d elink-portal-common/.git ]; then
rm -rf elink-portal-common
git clone --depth=1 --branch master \
ssh://git@172.30.1.50:2222/djb-eapim/elink-portal-common.git elink-portal-common
else
git -C elink-portal-common fetch --depth=1 origin master
git -C elink-portal-common reset --hard origin/master
git -C elink-portal-common clean -fdx
fi
mkdir -p eapim-online
if [ ! -d eapim-online/elink-online-core-jpa/.git ]; then
rm -rf eapim-online/elink-online-core-jpa
git clone --depth=1 --branch master \
ssh://git@172.30.1.50:2222/djb-eapim/elink-online-core-jpa.git eapim-online/elink-online-core-jpa
else
git -C eapim-online/elink-online-core-jpa fetch --depth=1 origin master
git -C eapim-online/elink-online-core-jpa reset --hard origin/master
git -C eapim-online/elink-online-core-jpa clean -fdx
fi
'''
}
}
stage('Verify toolchain') {
steps { sh 'set -eu; java -version; gradle --version' }
}
stage('Test') {
steps { sh 'gradle clean test --no-daemon -Pprofile=weblogic' }
post {
always {
junit allowEmptyResults: true, testResults: 'build/test-results/test/*.xml'
archiveArtifacts allowEmptyArchive: true, artifacts: 'build/reports/tests/test/**,build/test-results/test/**'
}
}
}
stage('Build WAR') {
steps { sh 'gradle build -x test --no-daemon -Pprofile=weblogic' }
post {
success {
sh '''
set -eu
cd build/libs
sha256sum eapim-portal.war > eapim-portal.war.sha256
'''
archiveArtifacts artifacts: 'build/libs/eapim-portal.war,build/libs/eapim-portal.war.sha256', fingerprint: true
stash name: 'war', includes: 'build/libs/eapim-portal.war'
}
}
}
}
}
stage('Build WAR') {
steps {
sh 'gradle build -x test --no-daemon'
stage('Deploy (weblogic)') {
agent { label 'weblogic' }
environment {
JENKINS_NODE_COOKIE = 'dontKillMe' // background weblogic를 빌드 종료 시 죽이지 않게
WL_HOME = '/app/eapim/devportal'
WL_DEPLOY_DIR = '/app/eapim/devportal'
WL_WAR_NAME = 'eapim-portal.war'
WL_HTTP_PORT = '39130'
WL_NOHUP = '/logs/weblogic/domains/eapimDomain/nohup.devSvr11.out'
}
post {
success {
sh '''
set -eu
cd build/libs
for f in eapim-portal.war eapim-portal-boot.war; do
sha1sum "$f" > "$f.sha1"
sha256sum "$f" > "$f.sha256"
md5sum "$f" > "$f.md5"
done
'''
archiveArtifacts artifacts: 'build/libs/eapim-portal.war,build/libs/eapim-portal-boot.war,build/libs/eapim-portal.war.sha1,build/libs/eapim-portal.war.sha256,build/libs/eapim-portal.war.md5,build/libs/eapim-portal-boot.war.sha1,build/libs/eapim-portal-boot.war.sha256,build/libs/eapim-portal-boot.war.md5', fingerprint: true
stages {
stage('Stop WebLogic') {
steps {
sh '"$WL_HOME/stopDev11.sh"' // 동기: 완전 종료까지 블록, 미기동 시에도 안전
}
}
}
}
stage('Deploy WAR') {
steps {
unstash 'war'
sh '''
set -eu
cp build/libs/eapim-portal.war "$WL_DEPLOY_DIR/$WL_WAR_NAME"
ls -la "$WL_DEPLOY_DIR"
'''
}
}
stage('Start WebLogic and readiness') {
steps {
sh '''
set -eu
"$WL_HOME/startDev11.sh" # nohup & 로 백그라운드 기동, 즉시 리턴
stage('Stop Tomcat') {
steps {
sh '''
set +e
systemctl --user stop eapim-portal 2>/dev/null
DEADLINE=$(($(date +%s) + 300))
STATUS=000
while [ "$(date +%s)" -lt "$DEADLINE" ]; do
STATUS=$(curl -sS -o /dev/null -w '%{http_code}' --max-time 3 \
"http://localhost:$WL_HTTP_PORT/health/ready" 2>/dev/null || echo "000")
[ "$STATUS" = "200" ] && { echo "Readiness OK (/health/ready)"; break; }
sleep 3
done
if [ -f "$CATALINA_PID" ] && kill -0 "$(cat "$CATALINA_PID")" 2>/dev/null; then
JAVA_HOME="$JAVA_HOME_TOMCAT" "$CATALINA_HOME/bin/shutdown.sh" 30 -force || true
for i in $(seq 1 30); do
[ -f "$CATALINA_PID" ] && kill -0 "$(cat "$CATALINA_PID")" 2>/dev/null || break
sleep 1
done
fi
rm -f "$CATALINA_PID"
'''
}
}
stage('Deploy ROOT.war') {
steps {
sh '''
set -eu
DEPLOY_DIR="$CATALINA_BASE/webapps"
rm -rf "$DEPLOY_DIR/ROOT" "$DEPLOY_DIR/ROOT.war"
cp build/libs/eapim-portal.war "$DEPLOY_DIR/ROOT.war"
ls -la "$DEPLOY_DIR"
'''
}
}
stage('Start Tomcat and readiness') {
steps {
sh '''
set -eu
LOG="$CATALINA_BASE/logs/catalina.$(date +%Y-%m-%d).log"
BEFORE=0
[ -f "$LOG" ] && BEFORE=$(stat -c %s "$LOG")
systemctl --user start eapim-portal
DEADLINE=$(($(date +%s) + 120))
LIVE_OK=0
STATUS=000
while [ "$(date +%s)" -lt "$DEADLINE" ]; do
if [ "$LIVE_OK" = "0" ]; then
LIVE=$(curl -sS -o /dev/null -w '%{http_code}' --max-time 3 \
"http://localhost:$DEPLOY_HTTP_PORT/health" 2>/dev/null || echo "000")
if [ "$LIVE" = "200" ]; then
echo "Liveness OK (/health)"
LIVE_OK=1
if [ "$STATUS" != "200" ]; then
echo "Readiness failed within 300s, last HTTP=$STATUS"
[ -f "$WL_NOHUP" ] && tail -120 "$WL_NOHUP"
exit 1
fi
fi
if [ "$LIVE_OK" = "1" ]; then
STATUS=$(curl -sS -o /tmp/eapim-ready-body.json -w '%{http_code}' --max-time 3 \
"http://localhost:$DEPLOY_HTTP_PORT/health/ready" 2>/dev/null || echo "000")
if [ "$STATUS" = "200" ]; then
echo "Readiness OK (/health/ready)"
cat /tmp/eapim-ready-body.json
echo
break
fi
fi
if [ -f "$LOG" ] && tail -c +$((BEFORE+1)) "$LOG" | grep -qE "Application listener .* Exception|SEVERE.*startup.Catalina"; then
echo "Startup error detected in log"
tail -c +$((BEFORE+1)) "$LOG" | tail -80
exit 1
fi
sleep 2
done
if [ "$STATUS" != "200" ]; then
echo "Readiness probe failed within 120s, last HTTP status: $STATUS"
[ -f /tmp/eapim-ready-body.json ] && cat /tmp/eapim-ready-body.json && echo
[ -f "$LOG" ] && tail -c +$((BEFORE+1)) "$LOG" | tail -100
exit 1
fi
echo "--- key boot log lines ---"
tail -c +$((BEFORE+1)) "$LOG" | grep -E "Server startup|Deployment of web" | head -10 || true
'''
'''
}
}
}
}
}
post {
success {
sh '''
set +e
payload=$(printf '{"text":"[%s #%s](%s) SUCCESS","attachments":[{"color":"good","fields":[{"title":"Job","value":"%s","short":true},{"title":"Build","value":"%s","short":true},{"title":"Result","value":"SUCCESS","short":true}]}]}' \
"$JOB_NAME" "$BUILD_NUMBER" "$BUILD_URL" "$JOB_NAME" "$BUILD_NUMBER")
curl -sS --fail --max-time 5 \
-H 'Content-Type: application/json' \
-X POST \
--data "$payload" \
"$WEBHOOK_URL" >/dev/null || echo "Webhook delivery failed for SUCCESS"
'''
node('weblogic') {
sh '''
set +e
payload=$(printf '{"text":"[%s #%s](%s) SUCCESS"}' "$JOB_NAME" "$BUILD_NUMBER" "$BUILD_URL")
curl -sS --fail --max-time 5 -H 'Content-Type: application/json' -X POST --data "$payload" "$WEBHOOK_URL" >/dev/null || echo "Webhook failed"
'''
}
}
failure {
sh '''
set +e
payload=$(printf '{"text":"[%s #%s](%s) FAILURE","attachments":[{"color":"danger","fields":[{"title":"Job","value":"%s","short":true},{"title":"Build","value":"%s","short":true},{"title":"Result","value":"FAILURE","short":true}]}]}' \
"$JOB_NAME" "$BUILD_NUMBER" "$BUILD_URL" "$JOB_NAME" "$BUILD_NUMBER")
curl -sS --fail --max-time 5 \
-H 'Content-Type: application/json' \
-X POST \
--data "$payload" \
"$WEBHOOK_URL" >/dev/null || echo "Webhook delivery failed for FAILURE"
'''
node('weblogic') {
sh '''
set +e
payload=$(printf '{"text":"[%s #%s](%s) FAILURE"}' "$JOB_NAME" "$BUILD_NUMBER" "$BUILD_URL")
curl -sS --fail --max-time 5 -H 'Content-Type: application/json' -X POST --data "$payload" "$WEBHOOK_URL" >/dev/null || echo "Webhook failed"
'''
}
}
}
}
@@ -10,6 +10,7 @@ import com.eactive.apim.portal.apps.apiservice.service.ApiServiceService;
import com.eactive.apim.portal.apps.app.dto.ApiKeyRegistrationDTO;
import com.eactive.apim.portal.apps.app.dto.AppRequestDTO;
import com.eactive.apim.portal.apps.app.dto.ClientDTO;
import com.eactive.apim.portal.apps.app.service.AdminGatewayClient;
import com.eactive.apim.portal.apps.app.service.AppServiceFacade;
import com.eactive.apim.portal.common.user.PortalAuthenticatedUser;
import com.eactive.apim.portal.common.util.ApiServiceHelper;
@@ -21,6 +22,7 @@ import java.util.Map;
import javax.servlet.http.HttpSession;
import javax.validation.Valid;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
@@ -44,6 +46,7 @@ import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
@Slf4j
@Controller
@RequestMapping("/myapikey")
@RequiredArgsConstructor
@@ -77,6 +80,7 @@ public class MyAppController {
private final ApiService apiService;
private final ApiServiceHelper apiServiceHelper;
private final FileTypeDetector fileTypeDetector;
private final AdminGatewayClient adminGatewayClient;
private static final long MAX_APP_ICON_BYTES = 2L * 1024 * 1024; // 2MB
@@ -168,7 +172,13 @@ public class MyAppController {
}
});
// Client Secret은 초기 HTML에 담지 않는다. (비번 확인 후 서버가 1회만 반환)
boolean secretAvailable = StringUtils.isNotBlank(apiKey.getClientsecret());
apiKey.setClientsecret(null);
model.addAttribute("apiKey", apiKey);
model.addAttribute("secretAvailable", secretAvailable);
model.addAttribute("authType", "OAuth2");
return new ModelAndView(CREDENTIAL_DETAIL);
}
@@ -228,28 +238,45 @@ public class MyAppController {
public Map<String, Object> deleteApiKey(@RequestBody Map<String, String> requestData) {
Map<String, Object> result = new java.util.HashMap<>();
try {
String clientId = requestData.get("clientId");
String type = requestData.get("type");
if (clientId == null || clientId.trim().isEmpty()) {
result.put("success", false);
result.put("msg", "클라이언트 ID가 필요합니다.");
return result;
}
PortalAuthenticatedUser user = SecurityUtil.getPortalAuthenticatedUser();
// API Key 즉시 삭제 (승인 프로세스 없이)
appServiceFacade.deleteApp(user.getPortalOrg().getId(), clientId);
result.put("success", true);
result.put("msg", "API Key가 삭제되었습니다.");
} catch (Exception e) {
String clientId = requestData.get("clientId");
if (clientId == null || clientId.trim().isEmpty()) {
result.put("success", false);
result.put("msg", "삭제 요청 중 오류가 발생했습니다: " + e.getMessage());
result.put("msg", "클라이언트 ID가 필요합니다.");
return result;
}
PortalAuthenticatedUser user = SecurityUtil.getPortalAuthenticatedUser();
String orgId = user.getPortalOrg().getId();
// 1. 소유권 확인 (다른 조직의 인증키 차단/삭제 방지)
if (appServiceFacade.getApiKey(orgId, clientId) == null) {
result.put("success", false);
result.put("msg", "해당 인증키를 찾을 수 없습니다.");
return result;
}
// 2. GW 차단(appstatus=0)+리로드를 admin 에 위임. 실패하면 포털 레코드를 삭제하지 않는다.
try {
adminGatewayClient.blockClient(clientId);
} catch (Exception e) {
log.error("GW 차단/리로드 실패로 인증키 삭제 중단 - clientId={}", clientId, e);
result.put("success", false);
result.put("msg", "게이트웨이 차단 처리에 실패하여 삭제를 중단했습니다. 잠시 후 다시 시도해 주세요.");
return result;
}
// 3. GW 차단 성공 시에만 포털 credential 삭제
try {
appServiceFacade.deleteApp(orgId, clientId);
} catch (Exception e) {
log.error("포털 credential 삭제 실패 - clientId={}", clientId, e);
result.put("success", false);
result.put("msg", "삭제 요청 중 오류가 발생했습니다: " + e.getMessage());
return result;
}
result.put("success", true);
result.put("msg", "API Key가 삭제되었습니다.");
return result;
}
@@ -282,6 +309,57 @@ public class MyAppController {
return result;
}
/**
* Client Secret을 비밀번호 확인 후 1회 노출하고 즉시 DB에서 물리 삭제합니다.
* 보안 정책상 비밀정보는 최초 1회만 제공됩니다.
*
* @param requestData clientId, password 포함
* @return {success, secret} / {success:false, alreadyRevealed:true} / {success:false, message}
*/
@PostMapping("/credential/reveal-secret")
@Secured("ROLE_APP")
@ResponseBody
public Map<String, Object> revealClientSecret(@RequestBody Map<String, String> requestData) {
Map<String, Object> result = new java.util.HashMap<>();
String clientId = requestData.get("clientId");
String password = requestData.get("password");
if (clientId == null || clientId.trim().isEmpty()) {
result.put("success", false);
result.put("message", "클라이언트 ID가 필요합니다.");
return result;
}
PortalAuthenticatedUser user = SecurityUtil.getPortalAuthenticatedUser();
// 1. 본인 확인 (비밀번호)
if (!appServiceFacade.verifyUserPassword(user, password)) {
result.put("success", false);
result.put("message", "비밀번호가 일치하지 않습니다.");
return result;
}
// 2. 소유권 확인 + 1회 노출 + 물리 삭제
try {
String secret = appServiceFacade.revealAndDeleteClientSecret(user.getPortalOrg().getId(), clientId);
if (secret == null) {
result.put("success", false);
result.put("alreadyRevealed", true);
result.put("message", "이미 1회 노출되어 삭제된 인증정보입니다.");
return result;
}
result.put("success", true);
result.put("secret", secret);
} catch (Exception e) {
log.error("Client Secret 노출 처리 실패 - clientId={}", clientId, e);
result.put("success", false);
result.put("message", "인증정보 조회 중 오류가 발생했습니다.");
}
return result;
}
/**
* API Key 요청 이력을 페이지 형태로 조회합니다.
* 각 요청의 내용을 사용자 친화적인 형식으로 포맷팅하여 표시합니다.
@@ -0,0 +1,54 @@
package com.eactive.apim.portal.apps.app.service;
import com.eactive.apim.portal.portalproperty.service.PortalPropertyService;
import java.util.Map;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;
/**
* 관리자(admin) 포털의 내부 API를 호출하는 클라이언트.
*
* <p>GW 인증서버(TSEAIAU01) 제어는 포털이 직접 하지 않고, broadcast 인프라를 갖춘 admin 에 위임한다.
* admin base URL 은 {@code PTL_PROPERTY} (group={@code Portal}, name={@code djb.admin.base-url}) 에서 조회한다.</p>
*/
@Slf4j
@Service
@RequiredArgsConstructor
public class AdminGatewayClient {
private static final String PROP_GROUP = "Portal";
private static final String PROP_ADMIN_BASE_URL = "admin.base-url";
private static final String DEFAULT_ADMIN_BASE_URL = "http://localhost:39120";
private static final String CLIENT_BLOCK_PATH = "/onl/admin/authserver/clientBlock.json?clientId={clientId}";
private final RestTemplate restTemplate;
private final PortalPropertyService portalPropertyService;
/**
* clientId 의 GW 인증 클라이언트 차단(appstatus=0) + GW 캐시 리로드를 admin 에 요청한다.
*
* @param clientId 차단할 클라이언트 ID
* @throws RuntimeException admin 미응답/네트워크 오류 또는 admin 처리 실패 시 (호출측에서 처리)
*/
public void blockClient(String clientId) {
String baseUrl = portalPropertyService.getOrCreateProperty(
PROP_GROUP, PROP_ADMIN_BASE_URL, DEFAULT_ADMIN_BASE_URL, "admin(관리자포털) 내부 API base URL");
String url = baseUrl.replaceAll("/+$", "") + CLIENT_BLOCK_PATH;
// 네트워크/HTTP 오류는 RestTemplate 이 예외로 던진다.
ResponseEntity<Map> response = restTemplate.postForEntity(url, null, Map.class, clientId);
Map<?, ?> body = response.getBody();
boolean success = body != null && Boolean.TRUE.equals(body.get("success"));
if (!success) {
String msg = body != null ? String.valueOf(body.get("msg")) : "응답 본문 없음";
throw new IllegalStateException("admin clientBlock 처리 실패 - clientId=" + clientId + ", msg=" + msg);
}
log.info("admin GW 차단/리로드 위임 성공 - clientId={}", clientId);
}
}
@@ -293,6 +293,29 @@ public class AppServiceFacade {
}
}
/**
* Client Secret을 1회 조회하고 그 즉시 DB(PTL_CREDENTIAL)에서 물리 삭제합니다.
* 보안 정책상 비밀정보는 최초 1회만 제공되며, 조회 후에는 복구할 수 없습니다.
*
* @param orgId 조직 ID (소유권 확인용)
* @param clientId 대상 클라이언트 ID
* @return 삭제 전 Client Secret 값. 이미 노출되어 비어있으면 {@code null}
* @throws NotFoundException 클라이언트를 찾을 수 없는 경우
*/
public String revealAndDeleteClientSecret(String orgId, String clientId) {
Credential credential = credentialRepository.findByClientidAndOrgid(clientId, orgId)
.orElseThrow(() -> new NotFoundException("Client not found: " + clientId));
String secret = credential.getClientsecret();
if (StringUtils.isBlank(secret)) {
return null; // 이미 1회 노출되어 삭제됨
}
credential.setClientsecret(null); // 물리 삭제 (1회 제공)
credentialRepository.save(credential);
return secret;
}
/**
* API Key(Credential)를 즉시 삭제합니다.
* 승인 프로세스 없이 바로 삭제 처리됩니다.
@@ -1,26 +0,0 @@
package com.eactive.apim.portal.apps.commission.constant;
/**
* Application constants.
*/
public final class Constants {
public static final String SYSTEM_ACCOUNT = "system";
public static final String APIM_FOR_OBP_KEY = "x-obp-trust-system";
public static final String APIM_CODE_FOR_OBP_KEY = "x-obp-partnercode";
public static final String SMS_URL = "/api/messaging/sms";
public static final String COMMISSION_URL = "/api/billing/billing/findBillingForCondition";
public static final String COMMISSION_PRINT_URL = "/api/billing/billing/findBillingForCondition/print";
public static final String OBP_ORGANIZATION_URL = "/api/customer/findCustomerByBusinessManRegistrationNo/";
public static String LANGUAGE = "ko";
private Constants() {
}
}
@@ -1,320 +0,0 @@
package com.eactive.apim.portal.apps.commission.controller;
import com.eactive.apim.portal.apps.commission.constant.Constants;
import com.eactive.apim.portal.apps.commission.dto.CommissionDTO;
import com.eactive.apim.portal.apps.commission.dto.CommissionSearch;
import com.eactive.apim.portal.apps.commission.exception.ErrorUtil;
import com.eactive.apim.portal.apps.commission.service.ExternalService;
import com.eactive.apim.portal.common.util.SecurityUtil;
import com.eactive.apim.portal.portalproperty.service.PortalPropertyService;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import lombok.RequiredArgsConstructor;
import org.apache.commons.collections.MapUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
@RequestMapping(value = "/commission")
@Secured("ROLE_APP")
@RequiredArgsConstructor
public class CommissionController {
private final Logger log = LoggerFactory.getLogger(CommissionController.class);
private final ExternalService externalService;
private final PortalPropertyService portalPropertyService;
private final ObjectMapper objectMapper = new ObjectMapper()
.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
@GetMapping("/manage")
public String commissionManagePage(Model model) {
// 기본 정보 설정
model.addAttribute("organization", SecurityUtil.getUserOrg());
model.addAttribute("noOrgCode", StringUtils.isEmpty(SecurityUtil.getUserOrg().getOrgCode()));
return "apps/commission/commissionManage";
}
@GetMapping("/print/{year}/{month}")
public String commissionPrintPage(
@PathVariable("year") String year,
@PathVariable("month") String month,
Model model) {
CommissionSearch search = new CommissionSearch();
search.setPartnerCode(SecurityUtil.getUserOrg().getOrgCode());
search.setYear(year);
search.setMonth(month);
CommissionResult result = fetchCommissionData(search, Constants.COMMISSION_PRINT_URL);
if (result.hasError()) {
model.addAttribute("error", result.getError());
return "apps/commission/commissionPrint";
}
// Model에 데이터 바인딩
model.addAttribute("commission", result.getData());
model.addAttribute("organization", SecurityUtil.getUserOrg().getOrgName());
model.addAttribute("year", year);
model.addAttribute("month", month);
model.addAttribute("toDay", java.time.LocalDate.now().toString());
return "apps/commission/commissionPrint";
}
// ==================== API Endpoints ====================
@PostMapping("/print/check")
public ResponseEntity<?> checkPrintData(@RequestBody CommissionSearch search) {
search.setPartnerCode(SecurityUtil.getUserOrg().getOrgCode());
if (StringUtils.isEmpty(search.getPartnerCode())) {
return ErrorUtil.create("fail.commission.needPartnerCode");
}
CommissionResult result = fetchCommissionData(search, Constants.COMMISSION_PRINT_URL);
if (result.hasError()) {
return ErrorUtil.create("fail.commission.print", result.getError());
}
return ResponseEntity.ok().body(result.getData());
}
@PostMapping()
public ResponseEntity<?> list(@RequestBody CommissionSearch search) {
search.setPartnerCode(SecurityUtil.getUserOrg().getOrgCode());
if (StringUtils.isEmpty(search.getPartnerCode())) {
return ErrorUtil.create("fail.commission.needPartnerCode");
}
CommissionResult result = fetchCommissionData(search, Constants.COMMISSION_URL);
if (result.hasError()) {
return ErrorUtil.create("fail.commission.list", result.getError());
}
return ResponseEntity.ok().body(result.getData());
}
// ==================== Private Methods ====================
/**
* 외부 API를 호출하여 수수료 데이터를 조회합니다.
*
* @param search 검색 조건
* @param apiPath API 경로 (Constants.COMMISSION_URL 또는 Constants.COMMISSION_PRINT_URL)
* @return 조회 결과
*/
private CommissionResult fetchCommissionData(CommissionSearch search, String apiPath) {
if (StringUtils.isEmpty(search.getPartnerCode())) {
return CommissionResult.error("파트너 코드가 없습니다.");
}
try {
String obmUrl = portalPropertyService.getPortalPropertiesAsMap("Portal").getOrDefault("obp.obm.url", "");
String url = obmUrl + apiPath;
// 첫 번째 API 호출
String result = externalService.getResponseHttpPost(url, toJson(search));
if (StringUtils.isEmpty(result)) {
return CommissionResult.error("외부 서버 연결에 실패하였습니다.");
}
HashMap<String, Object> returnObj = objectMapper.readValue(result, HashMap.class);
// 에러 응답 체크
String errorMessage = extractErrorMessage(returnObj);
if (errorMessage != null) {
return CommissionResult.error(errorMessage);
}
// Together 관련 추가 처리 (000002-01)
if (StringUtils.pathEquals(search.getPartnerCode(), "000002-01")) {
log.debug("Found Together : " + search.getPartnerCode());
CommissionSearch togetherSearch = new CommissionSearch();
togetherSearch.setPartnerCode("000002-02");
togetherSearch.setYear(search.getYear());
togetherSearch.setMonth(search.getMonth());
String togetherResult = externalService.getResponseHttpPost(url, toJson(togetherSearch));
if (StringUtils.isEmpty(togetherResult)) {
return CommissionResult.error("외부 서버 연결에 실패하였습니다.");
}
HashMap<String, Object> togetherReturnObj = objectMapper.readValue(togetherResult, HashMap.class);
log.debug("togetherLendingReturnObj : " + togetherReturnObj.toString());
String togetherErrorMessage = extractErrorMessage(togetherReturnObj);
if (togetherErrorMessage != null) {
return CommissionResult.error(togetherErrorMessage);
}
HashMap<String, Object> mergeMap = mergeCommissionData(returnObj, togetherReturnObj);
result = objectMapper.writeValueAsString(mergeMap);
}
CommissionDTO commissionDTO = objectMapper.readValue(result, CommissionDTO.class);
return CommissionResult.success(commissionDTO);
} catch (Exception e) {
log.warn(e.getMessage(), e);
return CommissionResult.error("수수료 조회에 실패하였습니다.");
}
}
/**
* 응답에서 에러 메시지를 추출합니다.
*/
private String extractErrorMessage(HashMap<String, Object> response) {
if (!StringUtils.isEmpty(response.get("error"))) {
HashMap<String, Object> error = (HashMap) response.get("error");
return error.get("message").toString();
}
return null;
}
private String toJson(CommissionSearch search) {
try {
Map<String, String> jsonMap = new HashMap<>();
jsonMap.put("partnerCode", search.getPartnerCode());
// 월을 두 자리로 패딩 (예: 1 -> 01, 12 -> 12)
String paddedMonth = String.format("%02d", Integer.parseInt(search.getMonth()));
jsonMap.put("targetOnMonth", search.getYear() + paddedMonth);
return objectMapper.writeValueAsString(jsonMap);
} catch (Exception e) {
log.warn("Failed to serialize CommissionSearch to JSON", e);
return "{}";
}
}
/**
* Safely parse double value from HashMap
* Handles both numeric types and string representations
*/
private double safeGetDouble(HashMap<String, Object> map, String key) {
Object value = map.get(key);
if (value == null) {
return 0.0;
}
try {
if (value instanceof Number) {
return ((Number) value).doubleValue();
} else if (value instanceof String) {
return Double.parseDouble((String) value);
}
return 0.0;
} catch (NumberFormatException e) {
log.warn("Failed to parse double value for key: {} with value: {}", key, value);
return 0.0;
}
}
public HashMap<String, Object> mergeCommissionData(HashMap<String, Object> o1, HashMap<String, Object> o2) {
HashMap<String, Object> mergeMap = new HashMap<String, Object>();
String o1Status = MapUtils.getString(o1, "status");
String o2Status = MapUtils.getString(o2, "status");
String resultStatus = null;
if (Integer.parseInt(o1Status) <= Integer.parseInt(o2Status)) {
resultStatus = o1Status;
} else {
resultStatus = o2Status;
}
double apiTotalValueSum = safeGetDouble(o1, "apiTotalValueSum") + safeGetDouble(o2, "apiTotalValueSum");
double apiSum = safeGetDouble(o1, "apiSum") + safeGetDouble(o2, "apiSum");
double apiTotalValueSum2 = safeGetDouble(o1, "apiTotalValueSum2") + safeGetDouble(o2, "apiTotalValueSum2");
double apiSum2 = safeGetDouble(o1, "apiSum2") + safeGetDouble(o2, "apiSum2");
double productTotalValueCountSum = safeGetDouble(o1, "productTotalValueCountSum") + safeGetDouble(o2, "productTotalValueCountSum");
double productTotalValueAmountSum = safeGetDouble(o1, "productTotalValueAmountSum") + safeGetDouble(o2, "productTotalValueAmountSum");
double productSum = safeGetDouble(o1, "productSum") + safeGetDouble(o2, "productSum");
double productTotalValueCountSum2 = safeGetDouble(o1, "productTotalValueCountSum2") + safeGetDouble(o2, "productTotalValueCountSum2");
double productTotalValueAmountSum2 = safeGetDouble(o1, "productTotalValueAmountSum2") + safeGetDouble(o2, "productTotalValueAmountSum2");
double productSum2 = safeGetDouble(o1, "productSum2") + safeGetDouble(o2, "productSum2");
double totalValueCountSum = safeGetDouble(o1, "totalValueCountSum") + safeGetDouble(o2, "totalValueCountSum");
double totalValueCountSum2 = safeGetDouble(o1, "totalValueCountSum2") + safeGetDouble(o2, "totalValueCountSum2");
double totalValueAmountSum = safeGetDouble(o1, "totalValueAmountSum") + safeGetDouble(o2, "totalValueAmountSum");
double totalValueAmountSum2 = safeGetDouble(o1, "totalValueAmountSum2") + safeGetDouble(o2, "totalValueAmountSum2");
double sum = safeGetDouble(o1, "sum") + safeGetDouble(o2, "sum");
double sum2 = safeGetDouble(o1, "sum2") + safeGetDouble(o2, "sum2");
List<Map> o1List = (ArrayList) o1.get("list");
List<Map> o2pList = (ArrayList) o2.get("list");
o1List.addAll(o2pList);
mergeMap.put("status", resultStatus);
mergeMap.put("apiTotalValueSum", String.format("%.2f", apiTotalValueSum));
mergeMap.put("apiSum", String.format("%.2f", apiSum));
mergeMap.put("apiTotalValueSum2", String.format("%.2f", apiTotalValueSum2));
mergeMap.put("apiSum2", String.format("%.2f", apiSum2));
mergeMap.put("productTotalValueCountSum", String.format("%.2f", productTotalValueCountSum));
mergeMap.put("productTotalValueAmountSum", String.format("%.2f", productTotalValueAmountSum));
mergeMap.put("productSum", String.format("%.2f", productSum));
mergeMap.put("productTotalValueCountSum2", String.format("%.2f", productTotalValueCountSum2));
mergeMap.put("productTotalValueAmountSum2", String.format("%.2f", productTotalValueAmountSum2));
mergeMap.put("productSum2", String.format("%.2f", productSum2));
mergeMap.put("totalValueCountSum", String.format("%.2f", totalValueCountSum));
mergeMap.put("totalValueCountSum2", String.format("%.2f", totalValueCountSum2));
mergeMap.put("totalValueAmountSum", String.format("%.2f", totalValueAmountSum));
mergeMap.put("totalValueAmountSum2", String.format("%.2f", totalValueAmountSum2));
mergeMap.put("sum", String.format("%.2f", sum));
mergeMap.put("sum2", String.format("%.2f", sum2));
mergeMap.put("list", o1List);
return mergeMap;
}
// ==================== Inner Classes ====================
/**
* 수수료 조회 결과를 담는 내부 클래스
*/
private static class CommissionResult {
private CommissionDTO data;
private String error;
static CommissionResult success(CommissionDTO data) {
CommissionResult result = new CommissionResult();
result.data = data;
return result;
}
static CommissionResult error(String message) {
CommissionResult result = new CommissionResult();
result.error = message;
return result;
}
boolean hasError() {
return error != null;
}
CommissionDTO getData() {
return data;
}
String getError() {
return error;
}
}
}
@@ -1,28 +0,0 @@
package com.eactive.apim.portal.apps.commission.dto;
import java.util.List;
import lombok.Data;
@Data
public class CommissionDTO {
private String status;
private String apiTotalValueSum;
private String apiSum;
private String apiTotalValueSum2;
private String apiSum2;
private String productTotalValueCountSum;
private String productTotalValueAmountSum;
private String productSum;
private String productTotalValueCountSum2;
private String productTotalValueAmountSum2;
private String productSum2;
private String totalValueCountSum;
private String totalValueCountSum2;
private String totalValueAmountSum;
private String totalValueAmountSum2;
private String sum;
private String sum2;
private List<CommissionList> list;
private String documentFormatNo;
}
@@ -1,32 +0,0 @@
package com.eactive.apim.portal.apps.commission.dto;
import lombok.Data;
/**
* Created by jskim on 17. 01. 26.
*
* @author jskim
*/
@Data
public class CommissionList {
private String paymentTargetName;
private String paymentTargetType;
private String value;
private String minimumAmount;
private String maximumAmount;
private String totalCount;
private String totalCount2;
private String totalValue;
private String totalValue2;
private String minimumAmount2;
private String maximumAmount2;
private String paymentBaseName;
private String paymentTimingName;
private String valueDivisionName;
private String sum;
private String sum2;
private String detailFeeTypeName;
private String value2;
private String changeReason2;
}
@@ -1,17 +0,0 @@
package com.eactive.apim.portal.apps.commission.dto;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
@Data
public class CommissionSearch {
@ApiModelProperty(value = "대상년")
private String year;
@ApiModelProperty(value = "대상월")
private String month;
private String partnerCode;
}
@@ -1,27 +0,0 @@
package com.eactive.apim.portal.apps.commission.exception;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
/**
* Created by ybsong on 16. 12. 7.
*
* @author ybsong
*/
public class ErrorUtil {
public static ResponseEntity<ErrorVM> create(HttpStatus status, String message, String description) {
return new ResponseEntity<>(new ErrorVM(message, description), status);
}
public static ResponseEntity<ErrorVM> create(HttpStatus status, String message) {
return create(status, message, null);
}
public static ResponseEntity<ErrorVM> create(String message, String description) {
return create(HttpStatus.BAD_REQUEST, message, description);
}
public static ResponseEntity<ErrorVM> create(String message) {
return create(message, null);
}
}
@@ -1,43 +0,0 @@
package com.eactive.apim.portal.apps.commission.exception;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import lombok.Data;
/**
* View Model for transferring error message with a list of field errors.
*/
@Data
public class ErrorVM implements Serializable {
private static final long serialVersionUID = 1L;
private final String message;
private final String description;
private List<FieldErrorVM> fieldErrors;
public ErrorVM(String message) {
this(message, null);
}
public ErrorVM(String message, String description) {
this.message = message;
this.description = description;
}
public ErrorVM(String message, String description, List<FieldErrorVM> fieldErrors) {
this.message = message;
this.description = description;
this.fieldErrors = fieldErrors;
}
public void add(String objectName, String field, String message) {
if (fieldErrors == null) {
fieldErrors = new ArrayList<>();
}
fieldErrors.add(new FieldErrorVM(objectName, field, message));
}
}
@@ -1,33 +0,0 @@
package com.eactive.apim.portal.apps.commission.exception;
import java.io.Serializable;
public class FieldErrorVM implements Serializable {
private static final long serialVersionUID = 1L;
private final String objectName;
private final String field;
private final String message;
public FieldErrorVM(String dto, String field, String message) {
this.objectName = dto;
this.field = field;
this.message = message;
}
public String getObjectName() {
return objectName;
}
public String getField() {
return field;
}
public String getMessage() {
return message;
}
}
@@ -1,80 +0,0 @@
package com.eactive.apim.portal.apps.commission.service;
import com.eactive.apim.portal.apps.commission.constant.Constants;
import com.eactive.apim.portal.portalproperty.service.PortalPropertyService;
import java.util.Map;
import javax.inject.Inject;
import lombok.RequiredArgsConstructor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.client.HttpStatusCodeException;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
/**
* 외부 API 호출 서비스
* RestTemplate 기반으로 외부 시스템과 HTTP 통신을 수행합니다.
*
* @author ybsong
* @since 2017-03-02
*/
@Service
@Transactional
@RequiredArgsConstructor
public class ExternalService {
private final Logger log = LoggerFactory.getLogger(ExternalService.class);
private final RestTemplate restTemplate;
private final PortalPropertyService portalPropertyService;
/**
* HTTP POST 요청을 통해 외부 API를 호출하고 응답을 받습니다.
*
* @param url 호출할 API URL
* @param payload 요청 본문 (JSON 문자열)
* @return API 응답 본문 (문자열), 오류 발생 null
*/
public String getResponseHttpPost(String url, String payload) {
try {
Map<String, String> portalProperties = portalPropertyService.getPortalPropertiesAsMap("Portal");
// HTTP 헤더 설정
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.set(Constants.APIM_FOR_OBP_KEY, portalProperties.getOrDefault("obp.api_key","APIMPT-0002-QVBJTVBULTAwMDI="));
headers.set(Constants.APIM_CODE_FOR_OBP_KEY, portalProperties.getOrDefault("obp.partner_code","100001-01"));
// HTTP 요청 엔티티 생성 (헤더 + 본문)
HttpEntity<String> requestEntity = new HttpEntity<>(payload, headers);
// POST 요청 실행
ResponseEntity<String> response = restTemplate.postForEntity(url, requestEntity, String.class);
// 응답 본문 반환
return response.getBody();
} catch (HttpStatusCodeException e) {
// 4xx, 5xx 에러더라도 응답 본문이 있으면 반환 (에러 메시지 포함)
String responseBody = e.getResponseBodyAsString();
log.warn("HTTP error from external API: url={}, status={}, body={}", url, e.getStatusCode(), responseBody);
if (responseBody != null && !responseBody.isEmpty()) {
return responseBody;
}
return null;
} catch (RestClientException e) {
log.error("Failed to call external API: url={}, error={}", url, e.getMessage(), e);
return null;
} catch (Exception e) {
log.error("Unexpected error during HTTP POST: url={}", url, e);
return null;
}
}
}
@@ -13,6 +13,7 @@ import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
@Controller
public class FaqController {
@@ -47,4 +48,16 @@ public class FaqController {
return "apps/community/mainFaqList";
}
@GetMapping("/faq_view")
public String view(@RequestParam(value = "id", required = false) String id, Model model) {
if (id == null) {
return "redirect:/faq_list";
}
FaqDTO faq = faqFacade.getFaq(id);
model.addAttribute("faq", faq);
return "apps/community/mainFaqDetail";
}
}
@@ -7,4 +7,6 @@ import org.springframework.data.domain.Pageable;
public interface FaqFacade {
Page<FaqDTO> getFaqs(FaqSearch search, Pageable pageable);
FaqDTO getFaq(String id);
}
@@ -34,4 +34,9 @@ public class FaqFacadeImpl implements FaqFacade {
return faqPage.map(faqMapper::map);
}
@Override
public FaqDTO getFaq(String id) {
return faqMapper.map(faqService.findById(id));
}
}
@@ -40,6 +40,7 @@ public class PartnershipApplicationController {
model.addAttribute("partnership", new PartnershipApplicationDTO());
model.addAttribute("isInternalUser", UserTypeUtil.isCurrentUserInternal());
model.addAttribute("recentApplications", partnershipApplicationFacade.getMyRecentApplications());
return "apps/community/mainPartnershipForm";
}
@@ -2,8 +2,10 @@ package com.eactive.apim.portal.apps.community.partnership.mapper;
import com.eactive.apim.portal.apps.community.partnership.dto.PartnershipApplicationDTO;
import com.eactive.apim.portal.apps.community.partnership.dto.PartnershipApplicationSummaryDTO;
import com.eactive.apim.portal.common.mapper.CommonMapper;
import com.eactive.apim.portal.partnershipapplication.entity.PartnershipApplication;
import java.util.List;
import org.mapstruct.Mapper;
import org.mapstruct.ReportingPolicy;
import org.springframework.stereotype.Component;
@@ -16,4 +18,8 @@ import org.springframework.stereotype.Component;
public interface PartnershipApplicationMapper {
PartnershipApplication toEntity(PartnershipApplicationDTO dto);
PartnershipApplicationSummaryDTO toSummaryDto(PartnershipApplication entity);
List<PartnershipApplicationSummaryDTO> toSummaryDtoList(List<PartnershipApplication> entities);
}
@@ -2,6 +2,7 @@ package com.eactive.apim.portal.apps.community.partnership.repository;
import com.eactive.apim.portal.partnershipapplication.entity.PartnershipApplication;
import com.eactive.eai.rms.data.EMSDataSource;
import java.util.List;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
import org.springframework.stereotype.Repository;
@@ -9,4 +10,10 @@ import org.springframework.stereotype.Repository;
@Repository
@EMSDataSource
public interface PartnershipApplicationRepository extends JpaRepository<PartnershipApplication, String>, JpaSpecificationExecutor<PartnershipApplication> {
/**
* 특정 작성자(createdBy) 등록한 최근 3건을 최신순으로 조회한다.
* createdBy PersonalDataEncryptConverter 결정적 암호화되므로 평문 사용자 id 등가 조회가 가능하다.
*/
List<PartnershipApplication> findTop3ByCreatedByOrderByCreatedDateDesc(String createdBy);
}
@@ -1,9 +1,16 @@
package com.eactive.apim.portal.apps.community.partnership.service;
import com.eactive.apim.portal.apps.community.partnership.dto.PartnershipApplicationDTO;
import com.eactive.apim.portal.apps.community.partnership.dto.PartnershipApplicationSummaryDTO;
import java.io.IOException;
import java.util.List;
public interface PartnershipApplicationFacade {
void createPartnershipApplication(PartnershipApplicationDTO partnershipApplicationDTO) throws IOException;
/**
* 현재 로그인 사용자가 작성한 최근 3건을 조회한다. 미인증이면 목록.
*/
List<PartnershipApplicationSummaryDTO> getMyRecentApplications();
}
@@ -1,6 +1,7 @@
package com.eactive.apim.portal.apps.community.partnership.service;
import com.eactive.apim.portal.apps.community.partnership.dto.PartnershipApplicationDTO;
import com.eactive.apim.portal.apps.community.partnership.dto.PartnershipApplicationSummaryDTO;
import com.eactive.apim.portal.apps.community.partnership.mapper.PartnershipApplicationMapper;
import com.eactive.apim.portal.common.user.PortalAuthenticatedUser;
import com.eactive.apim.portal.common.util.SecurityUtil;
@@ -15,7 +16,9 @@ import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@Service
@@ -60,4 +63,14 @@ public class PartnershipApplicationFacadeImpl implements PartnershipApplicationF
}
portalAdminNotifier.notifyPortalAdmins(MessageCode.PARTNERSHIP_CREATED, params);
}
@Override
public List<PartnershipApplicationSummaryDTO> getMyRecentApplications() {
PortalAuthenticatedUser user = SecurityUtil.getPortalAuthenticatedUser();
if (user == null) {
return Collections.emptyList();
}
List<PartnershipApplication> recent = partnershipApplicationService.findRecentByCreatedBy(user.getId());
return partnershipApplicationMapper.toSummaryDtoList(recent);
}
}
@@ -2,6 +2,7 @@ package com.eactive.apim.portal.apps.community.partnership.service;
import com.eactive.apim.portal.apps.community.partnership.repository.PartnershipApplicationRepository;
import com.eactive.apim.portal.partnershipapplication.entity.PartnershipApplication;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@@ -21,4 +22,12 @@ public class PartnershipApplicationService {
public void createPartnershipApplication(PartnershipApplication partnershipApplication) {
partnershipApplicationRepository.save(partnershipApplication);
}
/**
* 작성자 id 최근 등록 3건 조회(최신순).
*/
@Transactional(readOnly = true)
public List<PartnershipApplication> findRecentByCreatedBy(String createdBy) {
return partnershipApplicationRepository.findTop3ByCreatedByOrderByCreatedDateDesc(createdBy);
}
}
@@ -7,6 +7,7 @@ import com.eactive.apim.portal.common.user.PortalAuthenticatedUser;
import com.eactive.apim.portal.common.util.SecurityUtil;
import com.eactive.apim.portal.common.util.UserTypeUtil;
import com.eactive.apim.portal.djb.community.qna.comment.service.InquiryCommentFacade;
import com.eactive.apim.portal.qna.entity.VisibilityScope;
import java.io.IOException;
import java.util.List;
import java.util.Map;
@@ -16,11 +17,13 @@ import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.domain.Sort;
import org.springframework.data.web.PageableDefault;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import javax.validation.Valid;
@@ -56,6 +59,7 @@ public class InquiryController {
model.addAttribute("inquiries", inquiries.getContent());
model.addAttribute("page", inquiries);
model.addAttribute("commentCounts", commentCounts);
model.addAttribute("visibilityCeiling", inquiryFacade.getVisibilityCeiling());
return "apps/community/mainInquiryList";
}
@@ -75,13 +79,25 @@ public class InquiryController {
return "apps/community/mainInquiryDetail";
}
/**
* 2-1. 조회수 증가 (sessionStorage dedup 통과 JS POST 호출)
*/
@PostMapping("/{id}/view")
public ResponseEntity<Void> increaseViewCount(@PathVariable String id) {
inquiryFacade.incrementViewCount(SecurityUtil.getPortalAuthenticatedUser(), id);
return ResponseEntity.ok().build();
}
/**
* 3. inquiry 등록 페이지
*/
@GetMapping("/new")
public String newInquiryForm(Model model) {
model.addAttribute("inquiry", new InquiryDTO());
InquiryDTO inquiry = new InquiryDTO();
inquiry.setVisibility(VisibilityScope.ORG.name()); // 기본 공개범위: 법인공개
model.addAttribute("inquiry", inquiry);
model.addAttribute("isInternalUser", UserTypeUtil.isCurrentUserInternal());
addVisibilityOptions(model);
return APPS_COMMUNITY_MAIN_INQUIRY_FORM;
}
@@ -93,14 +109,23 @@ public class InquiryController {
InquiryDTO inquiry = inquiryFacade.getMyInquiry(SecurityUtil.getPortalAuthenticatedUser(), id);
model.addAttribute("inquiry", inquiry);
model.addAttribute("isInternalUser", UserTypeUtil.isCurrentUserInternal());
addVisibilityOptions(model);
return APPS_COMMUNITY_MAIN_INQUIRY_FORM;
}
/** 공개범위 상한에 따른 폼 옵션 노출 플래그. PRIVATE 는 항상 허용. */
private void addVisibilityOptions(Model model) {
VisibilityScope ceiling = inquiryFacade.getVisibilityCeiling();
model.addAttribute("allowAll", ceiling.width() >= VisibilityScope.ALL.width());
model.addAttribute("allowOrg", ceiling.width() >= VisibilityScope.ORG.width());
}
/**
* 5. inquiry 등록 요청
*/
@PostMapping
public String createInquiry(@Valid @ModelAttribute InquiryDTO inquiryDTO, BindingResult bindingResult,
@RequestParam(value = "image", required = false) MultipartFile image,
RedirectAttributes redirectAttributes,
Model model) throws IOException {
if (bindingResult.hasErrors()) {
@@ -108,7 +133,7 @@ public class InquiryController {
return APPS_COMMUNITY_MAIN_INQUIRY_FORM;
}
inquiryFacade.createInquiry(inquiryDTO);
inquiryFacade.createInquiry(inquiryDTO, image);
redirectAttributes.addFlashAttribute("success", "Q&A 작성이 완료되었습니다.");
return REDIRECT_INQUIRY;
@@ -119,11 +144,12 @@ public class InquiryController {
*/
@PostMapping("/edit")
public String updateInquiry(@Valid @ModelAttribute InquiryDTO inquiryDTO, BindingResult bindingResult,
@RequestParam(value = "image", required = false) MultipartFile image,
RedirectAttributes redirectAttributes) throws IOException {
if (bindingResult.hasErrors()) {
return APPS_COMMUNITY_MAIN_INQUIRY_FORM;
}
inquiryFacade.updateUserInquiry(SecurityUtil.getPortalAuthenticatedUser(), inquiryDTO.getId(), inquiryDTO);
inquiryFacade.updateUserInquiry(SecurityUtil.getPortalAuthenticatedUser(), inquiryDTO.getId(), inquiryDTO, image);
redirectAttributes.addFlashAttribute("success", "Q&A 수정이 완료되었습니다.");
return "redirect:/inquiry/detail?id=" + inquiryDTO.getId();
}
@@ -25,7 +25,7 @@ public class InquiryDTO {
@Size(max = 4000, message = "제목은 50자를 초과할 수 없습니다.")
private String inquiryDetail;
@Pattern(regexp = "^(PENDING|RESPONDED|CLOSED)$", message = "유효하지 않은 문의 상태입니다.")
@Pattern(regexp = "^(PENDING|REVIEWING|RESPONDED|CLOSED)$", message = "유효하지 않은 문의 상태입니다.")
private String inquiryStatus;
private String inquirerName;
@@ -51,4 +51,22 @@ public class InquiryDTO {
private String maskedInquirerName;
/** 목록 작성자 표기용 법인명(이름과 별도 줄 표기). */
private String inquirerOrgName;
/** 상세 작성자 표기용 "이름 (법인명)". */
private String inquirerDisplay;
/** 공개범위(ALL/ORG/PRIVATE). 미지정 시 서버에서 상한으로 clamp. */
private String visibility;
/** 공개범위 표기용 한글 라벨(전체공개/법인공개/비공개). */
private String visibilityLabel;
/** 조회수(표시용). */
private long viewCount;
/** 목록에서 비공개 게시물을 "비공개 게시물"로 흐리게 표기할지 여부(비-소유자). */
private boolean privatePlaceholder;
}
@@ -14,6 +14,9 @@ import org.springframework.stereotype.Component;
@Component
public interface InquiryMapper {
// visibility(공개범위) facade 에서 상한 clamp 수동 세팅, viewCount 서버가 관리
@Mapping(target = "visibility", ignore = true)
@Mapping(target = "viewCount", ignore = true)
Inquiry toEntity(InquiryDTO inquiry);
@Mapping(target = "inquirerName", source = "inquirer.userName")
@@ -3,23 +3,30 @@ package com.eactive.apim.portal.apps.community.qna.service;
import com.eactive.apim.portal.apps.community.qna.dto.InquiryDTO;
import com.eactive.apim.portal.apps.community.qna.dto.InquirySearch;
import com.eactive.apim.portal.common.user.PortalAuthenticatedUser;
import com.eactive.apim.portal.qna.entity.VisibilityScope;
import java.io.IOException;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.web.multipart.MultipartFile;
public interface InquiryFacade {
Page<InquiryDTO> getInquiries(InquirySearch search, Pageable pageable, PortalAuthenticatedUser user);
/** 문의 공개범위 상한(폼 옵션 노출 제어용). */
VisibilityScope getVisibilityCeiling();
InquiryDTO getUserInquiry(PortalAuthenticatedUser user, String id);
InquiryDTO getMyInquiry(PortalAuthenticatedUser user, String id);
InquiryDTO getAccessibleInquiry(PortalAuthenticatedUser user, String id);
void createInquiry(InquiryDTO inquiryDTO) throws IOException;
void createInquiry(InquiryDTO inquiryDTO, MultipartFile image) throws IOException;
void updateUserInquiry(PortalAuthenticatedUser user, String id, InquiryDTO inquiryDTO) throws IOException;
void updateUserInquiry(PortalAuthenticatedUser user, String id, InquiryDTO inquiryDTO, MultipartFile image) throws IOException;
void incrementViewCount(PortalAuthenticatedUser user, String id);
void deleteUserInquiry(PortalAuthenticatedUser user, String id);
}
@@ -7,26 +7,41 @@ import com.eactive.apim.portal.common.user.PortalAuthenticatedUser;
import com.eactive.apim.portal.common.util.SecurityUtil;
import com.eactive.apim.portal.common.util.StringMaskingUtil;
import com.eactive.apim.portal.djb.community.qna.comment.service.CommunityAdminNotifier;
import com.eactive.apim.portal.file.entity.FileInfo;
import com.eactive.apim.portal.file.exception.InvalidFileException;
import com.eactive.apim.portal.file.service.FileService;
import com.eactive.apim.portal.portalorg.entity.PortalOrg;
import com.eactive.apim.portal.portaluser.entity.PortalUser;
import com.eactive.apim.portal.portaluser.entity.PortalUserEnums;
import com.eactive.apim.portal.qna.entity.Inquiry;
import com.eactive.apim.portal.qna.entity.VisibilityScope;
import com.eactive.apim.portal.template.entity.MessageCode;
import lombok.RequiredArgsConstructor;
import org.apache.commons.io.FilenameUtils;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.domain.Specification;
import org.springframework.stereotype.Service;
import org.springframework.web.multipart.MultipartFile;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
@Service
@RequiredArgsConstructor
public class InquiryFacadeImpl implements InquiryFacade {
private static final Set<String> IMAGE_EXTENSIONS =
new HashSet<>(Arrays.asList("jpg", "jpeg", "png", "gif"));
private final InquiryService inquiryService;
private final InquiryMapper inquiryMapper;
private final CommunityAdminNotifier inquiryAdminNotifier;
private final FileService fileService;
@Override
public Page<InquiryDTO> getInquiries(InquirySearch search, Pageable pageable, PortalAuthenticatedUser user) {
@@ -40,6 +55,8 @@ public class InquiryFacadeImpl implements InquiryFacade {
Page<Inquiry> inquiriesPage = inquiryService.getInquiries(spec, pageable);
VisibilityScope ceiling = inquiryService.getVisibilityCeiling();
return inquiriesPage.map(inquiry -> {
InquiryDTO dto = inquiryMapper.map(inquiry);
if (dto != null && dto.getInquirer() != null) {
@@ -48,8 +65,20 @@ public class InquiryFacadeImpl implements InquiryFacade {
inquiry.getInquirer().getId(),
user.getId()
));
PortalOrg org = inquiry.getInquirer().getPortalOrg();
if (org != null) {
dto.setInquirerOrgName(org.getOrgName());
}
dto.getInquirer().setUserName(null); // 원본 데이터 제거
}
// 비공개 게시물은 본인/같은 법인 관리자 외에는 "비공개 게시물"로만 노출
VisibilityScope effective = VisibilityScope.clampTo(inquiry.getVisibility(), ceiling);
dto.setVisibility(effective.name());
dto.setVisibilityLabel(effective.label());
if (effective == VisibilityScope.PRIVATE && !canReadPrivate(user, inquiry)) {
dto.setPrivatePlaceholder(true);
dto.setInquirySubject(null);
}
return dto;
});
}
@@ -81,14 +110,32 @@ public class InquiryFacadeImpl implements InquiryFacade {
@Override
public InquiryDTO getAccessibleInquiry(PortalAuthenticatedUser user, String id) {
Inquiry inquiry = inquiryService.getAccessibleInquiry(user, id);
return inquiryMapper.map(inquiry);
InquiryDTO dto = inquiryMapper.map(inquiry);
if (dto != null) {
VisibilityScope effective = inquiryService.effectiveVisibility(inquiry);
dto.setVisibility(effective.name());
dto.setVisibilityLabel(effective.label());
}
if (dto != null && inquiry.getInquirer() != null) {
// 상세 작성자 표기: "이름 (법인명)" 본인은 owner-bypass 원문
String maskedName = StringMaskingUtil.maskName(
inquiry.getInquirer().getUserName(),
inquiry.getInquirer().getId(),
user.getId());
dto.setInquirerDisplay(withOrgName(maskedName, inquiry.getInquirer()));
}
return dto;
}
@Override
public void createInquiry(InquiryDTO inquiryDTO) throws IOException {
public void createInquiry(InquiryDTO inquiryDTO, MultipartFile image) throws IOException {
PortalAuthenticatedUser current = SecurityUtil.getPortalAuthenticatedUser();
Inquiry inquiry = inquiryMapper.toEntity(inquiryDTO);
inquiry.setInquirer(current);
inquiry.setVisibility(clampedVisibility(inquiryDTO.getVisibility()));
if (hasFile(image)) {
inquiry.setAttachFile(storeImage(null, image));
}
inquiryService.createInquiry(inquiry);
Map<String, Object> params = new HashMap<>();
@@ -99,17 +146,91 @@ public class InquiryFacadeImpl implements InquiryFacade {
}
@Override
public void updateUserInquiry(PortalAuthenticatedUser user, String id, InquiryDTO inquiryDTO) throws IOException {
public void updateUserInquiry(PortalAuthenticatedUser user, String id, InquiryDTO inquiryDTO, MultipartFile image) throws IOException {
Inquiry existingInquiry = inquiryService.getMyInquiry(user, id);
inquiryDTO.setAttachFile(existingInquiry.getAttachFile());
Inquiry inquiry = inquiryMapper.toEntity(inquiryDTO);
inquiry.setInquirer(existingInquiry.getInquirer());
inquiry.setVisibility(clampedVisibility(inquiryDTO.getVisibility()));
// 이미지 교체 기존 fileId 업데이트, 없으면 기존 첨부 유지
if (hasFile(image)) {
inquiry.setAttachFile(storeImage(existingInquiry.getAttachFile(), image));
} else {
inquiry.setAttachFile(existingInquiry.getAttachFile());
}
inquiryService.updateInquiry(id, inquiry);
}
@Override
public void incrementViewCount(PortalAuthenticatedUser user, String id) {
// 접근 가능한 게시물만 조회수 증가
inquiryService.getAccessibleInquiry(user, id);
inquiryService.incrementViewCount(id);
}
@Override
public VisibilityScope getVisibilityCeiling() {
return inquiryService.getVisibilityCeiling();
}
@Override
public void deleteUserInquiry(PortalAuthenticatedUser user, String id) {
inquiryService.deleteMyInquiry(user, id);
}
// =====================================================================
// helpers
// =====================================================================
/** 요청 공개범위를 기본 ORG 로 두고 property 상한으로 clamp. */
private VisibilityScope clampedVisibility(String requested) {
VisibilityScope ceiling = inquiryService.getVisibilityCeiling();
VisibilityScope scope = VisibilityScope.fromString(requested, VisibilityScope.ORG);
return VisibilityScope.clampTo(scope, ceiling);
}
/** 비공개 게시물을 읽을 수 있는 사용자(작성자 본인 또는 같은 법인 관리자). */
private boolean canReadPrivate(PortalAuthenticatedUser user, Inquiry inquiry) {
PortalUser inquirer = inquiry.getInquirer();
if (inquirer == null || user == null) {
return false;
}
if (user.getId() != null && user.getId().equals(inquirer.getId())) {
return true;
}
return user.getRoleCode() == PortalUserEnums.RoleCode.ROLE_CORP_MANAGER
&& isSameOrg(user, inquirer);
}
private boolean isSameOrg(PortalAuthenticatedUser user, PortalUser inquirer) {
PortalOrg userOrg = user.getPortalOrg();
PortalOrg inquirerOrg = inquirer.getPortalOrg();
return userOrg != null && inquirerOrg != null
&& userOrg.getId() != null
&& userOrg.getId().equals(inquirerOrg.getId());
}
/** "이름 (법인명)" 조합. 법인명이 없으면 이름만. */
private String withOrgName(String name, PortalUser inquirer) {
PortalOrg org = inquirer.getPortalOrg();
if (org != null && org.getOrgName() != null && !org.getOrgName().isEmpty()) {
return name + " (" + org.getOrgName() + ")";
}
return name;
}
private boolean hasFile(MultipartFile file) {
return file != null && !file.isEmpty();
}
/** 이미지 확장자 검증 후 단일 파일 저장, fileId 반환. */
private String storeImage(String existingFileId, MultipartFile image) throws IOException {
String ext = FilenameUtils.getExtension(image.getOriginalFilename());
if (ext == null || !IMAGE_EXTENSIONS.contains(ext.toLowerCase())) {
throw new InvalidFileException("이미지 파일(jpg, jpeg, png, gif)만 첨부할 수 있습니다.");
}
FileInfo fileInfo = fileService.createOrUpdateSingleFile(
existingFileId, image, image.getOriginalFilename(), true);
return fileInfo.getFileId();
}
}
@@ -7,7 +7,9 @@ import com.eactive.apim.portal.common.user.PortalAuthenticatedUser;
import com.eactive.apim.portal.portalorg.entity.PortalOrg;
import com.eactive.apim.portal.portaluser.entity.PortalUser;
import com.eactive.apim.portal.portaluser.entity.PortalUserEnums;
import com.eactive.apim.portal.portalproperty.service.PortalPropertyService;
import com.eactive.apim.portal.qna.entity.Inquiry;
import com.eactive.apim.portal.qna.entity.VisibilityScope;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.domain.Specification;
@@ -19,10 +21,19 @@ import org.springframework.transaction.annotation.Transactional;
public class InquiryService {
public static final String PENDING = "PENDING";
private final InquiryRepository inquiryRepository;
public InquiryService(InquiryRepository inquiryRepository) {
/** 문의 공개범위 상한/기본값 property. */
private static final String PROP_GROUP = "Portal";
private static final String PROP_VISIBILITY_CEILING = "djb.inquiry.default-visibility";
private static final String PROP_VISIBILITY_DESC = "Q&A 문의 공개범위 상한/기본값 (ALL/ORG/PRIVATE)";
private final InquiryRepository inquiryRepository;
private final PortalPropertyService portalPropertyService;
public InquiryService(InquiryRepository inquiryRepository,
PortalPropertyService portalPropertyService) {
this.inquiryRepository = inquiryRepository;
this.portalPropertyService = portalPropertyService;
}
/**
@@ -75,6 +86,7 @@ public class InquiryService {
inquiry.setInquirySubject(updatedInquiry.getInquirySubject());
inquiry.setInquiryDetail(updatedInquiry.getInquiryDetail());
inquiry.setAttachFile(updatedInquiry.getAttachFile());
inquiry.setVisibility(updatedInquiry.getVisibility());
return inquiryRepository.save(inquiry);
}
@@ -112,12 +124,27 @@ public class InquiryService {
if (inquirer == null || user == null) {
return false;
}
// 작성자 본인은 공개범위와 무관하게 항상 접근 가능
if (user.getId() != null && user.getId().equals(inquirer.getId())) {
return true;
}
if (user.getRoleCode() == PortalUserEnums.RoleCode.ROLE_USER) {
return false;
VisibilityScope effective = effectiveVisibility(inquiry);
switch (effective) {
case ALL:
// 전체공개: 로그인 사용자면 접근 가능(@Secured 이미 인증됨)
return true;
case ORG:
return isSameOrg(user, inquirer);
case PRIVATE:
// 비공개: 본인 외에는 같은 법인 관리자만 열람
return isSameOrg(user, inquirer)
&& user.getRoleCode() == PortalUserEnums.RoleCode.ROLE_CORP_MANAGER;
default:
return false;
}
}
private boolean isSameOrg(PortalAuthenticatedUser user, PortalUser inquirer) {
PortalOrg userOrg = user.getPortalOrg();
PortalOrg inquirerOrg = inquirer.getPortalOrg();
return userOrg != null && inquirerOrg != null
@@ -125,4 +152,30 @@ public class InquiryService {
&& userOrg.getId().equals(inquirerOrg.getId());
}
/**
* 게시물의 유효 공개범위 = 저장값을 property 상한으로 clamp .
* (property 항상 우선하므로 저장값이 상한이라 넓더라도 -clamp)
*/
@Transactional(readOnly = true)
public VisibilityScope effectiveVisibility(Inquiry inquiry) {
return VisibilityScope.clampTo(inquiry.getVisibility(), getVisibilityCeiling());
}
/** PTL_PROPERTY 에 설정된 공개범위 상한(없으면 ORG). */
@Transactional(readOnly = true)
public VisibilityScope getVisibilityCeiling() {
String value = portalPropertyService.getOrCreateProperty(
PROP_GROUP, PROP_VISIBILITY_CEILING, VisibilityScope.ORG.name(), PROP_VISIBILITY_DESC);
return VisibilityScope.fromString(value, VisibilityScope.ORG);
}
/**
* 조회수 1 증가. sessionStorage dedup 통과한 POST 요청에서만 호출된다.
*/
public void incrementViewCount(String id) {
Inquiry inquiry = getInquiry(id);
inquiry.increaseViewCount();
inquiryRepository.save(inquiry);
}
}
@@ -23,6 +23,10 @@ public class UserSessionService {
private static final String PROPERTY_NAME = "session.timeout.minutes";
private static final String DEFAULT_TIMEOUT_MINUTES = "15";
/** 세션 유지(타임아웃 무시) 기능 활성화 여부 프로퍼티 (true/false). 비운영 전용 — prod 가드는 상위(GlobalControllerAdvice)에서 적용 */
private static final String KEEPALIVE_PROPERTY_NAME = "session.keepalive.enabled";
private static final String DEFAULT_KEEPALIVE_ENABLED = "false";
/** 논리적 만료(lastAccessTime + 타임아웃) 이후 물리적 삭제까지 두는 안전 마진(분) */
private static final long CLEANUP_MARGIN_MINUTES = 1;
@@ -133,6 +137,20 @@ public class UserSessionService {
}
}
/**
* DB(PortalProperty)에서 세션 유지(타임아웃 무시) 기능 활성화 여부 조회.
* prod 가드는 포함하지 않는다 prod 차단은 호출부(GlobalControllerAdvice)에서 {@code !prod && isKeepAliveEnabled()} 처리.
*/
public boolean isKeepAliveEnabled() {
String value = portalPropertyService.getOrCreateProperty(
PROPERTY_GROUP,
KEEPALIVE_PROPERTY_NAME,
DEFAULT_KEEPALIVE_ENABLED,
"세션 유지(타임아웃 무시) 기능 활성화 여부 (true/false, 비운영 전용)"
);
return value != null && Boolean.parseBoolean(value.trim());
}
/**
* 세션의 잔여 시간() 계산. 세션 레코드가 없으면 0.
*/
@@ -4,11 +4,13 @@ import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.core.env.Profiles;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ModelAttribute;
import com.eactive.apim.portal.portalproperty.service.PortalPropertyService;
import com.eactive.apim.portal.config.PortalProperties;
import com.eactive.apim.portal.apps.session.service.UserSessionService;
import com.eactive.apim.portal.common.security.ClientGuardService;
@ControllerAdvice
public class GlobalControllerAdvice {
@@ -16,15 +18,18 @@ public class GlobalControllerAdvice {
@Autowired
private PageService pageService;
@Autowired
private PortalPropertyService portalPropertyService;
@Autowired
private PortalProperties portalProperties;
@Autowired
private UserSessionService userSessionService;
@Autowired
private ClientGuardService clientGuardService;
@Autowired
private Environment environment;
@ModelAttribute("breadcrumb")
public List<Map> addBreadcrumbToModel(HttpServletRequest request) {
String currentPath = request.getRequestURI();
@@ -37,17 +42,6 @@ public class GlobalControllerAdvice {
return pageService.getPageName(currentPath);
}
@ModelAttribute("designSurveyEnabled")
public boolean isDesignSurveyEnabled() {
String value = portalPropertyService.getOrCreateProperty(
"Portal",
"ui.design-survey",
"false",
"네비게이션 바 디자인 설문 활성화 여부 (true/false)"
);
return "true".equalsIgnoreCase(value);
}
@ModelAttribute("showTestAuthNotice")
public boolean showTestAuthNotice() {
return portalProperties.isTestAuthNoticeEnabled();
@@ -70,4 +64,33 @@ public class GlobalControllerAdvice {
public int sessionTimeoutMinutes() {
return userSessionService.getSessionTimeoutMinutes();
}
/**
* 세션 유지(타임아웃 무시) 기능 사용 가능 여부.
* 비운영(!prod) + DB property(Portal/session.keepalive.enabled=Y) 때만 true.
* prod 환경에서는 property 값과 무관하게 항상 false UI 체크박스 미렌더.
*/
@ModelAttribute("sessionKeepAliveAllowed")
public boolean sessionKeepAliveAllowed() {
boolean prod = environment.acceptsProfiles(Profiles.of("prod"));
return !prod && userSessionService.isKeepAliveEnabled();
}
/**
* 클라이언트 가드 - 우클릭(contextmenu) 차단 활성화 여부.
* PortalProperty(Portal/djb.client-guard.contextmenu.enabled)에서 조회.
*/
@ModelAttribute("clientGuardContextmenu")
public boolean clientGuardContextmenu() {
return clientGuardService.isContextmenuBlockEnabled();
}
/**
* 클라이언트 가드 - DevTools 감지 화면 삭제 활성화 여부.
* PortalProperty(Portal/djb.client-guard.devtools.enabled)에서 조회.
*/
@ModelAttribute("clientGuardDevtools")
public boolean clientGuardDevtools() {
return clientGuardService.isDevtoolsGuardEnabled();
}
}
@@ -0,0 +1,42 @@
package com.eactive.apim.portal.common.security;
import com.eactive.apim.portal.portalproperty.service.PortalPropertyService;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
/**
* 클라이언트측 하드닝(우클릭 차단 · DevTools 감지) 토글을 DB(PortalProperty)에서 조회한다.
*
* <p> 기능은 서로 독립된 property on/off 한다. group 기존 {@code Portal} 재사용하여
* {@link PortalPropertyService#getOrCreateProperty} 자동 생성이 동작하도록 한다.</p>
*
* <ul>
* <li>{@code djb.client-guard.contextmenu.enabled} - 우클릭(contextmenu) 차단</li>
* <li>{@code djb.client-guard.devtools.enabled} - DevTools 감지 화면 삭제</li>
* </ul>
*/
@Service
@RequiredArgsConstructor
public class ClientGuardService {
private static final String GROUP = "Portal";
private static final String NAME_CONTEXTMENU = "djb.client-guard.contextmenu.enabled";
private static final String NAME_DEVTOOLS = "djb.client-guard.devtools.enabled";
private final PortalPropertyService portalPropertyService;
/** 우클릭(contextmenu) 차단 활성화 여부 */
public boolean isContextmenuBlockEnabled() {
return read(NAME_CONTEXTMENU, "우클릭(contextmenu) 차단");
}
/** DevTools 감지 시 화면 삭제 활성화 여부 */
public boolean isDevtoolsGuardEnabled() {
return read(NAME_DEVTOOLS, "DevTools 감지 시 화면 삭제");
}
private boolean read(String name, String desc) {
return Boolean.parseBoolean(
portalPropertyService.getOrCreateProperty(GROUP, name, "false", desc).trim());
}
}
@@ -122,6 +122,10 @@ public class PortalAuthenticationSuccessHandler implements AuthenticationSuccess
userSessionService.registerSession(sessionId, String.valueOf(user.getId()), normalizedUsername,
clientIp, request.getHeader("User-Agent"));
// 물리 세션 타임아웃을 DB property(Portal/session.timeout.minutes) 일치시킴.
// yml/weblogic.xml 기본값을 세션에 대해 override 물리=논리 단일화(CSRF 수명 포함).
session.setMaxInactiveInterval(userSessionService.getSessionTimeoutMinutes() * 60);
// 로그인 성공 세션 정보 로깅
logLoginSuccess(request, session, username);
@@ -0,0 +1,55 @@
package com.eactive.apim.portal.config;
import com.eactive.apim.portal.portalproperty.repository.PortalPropertyRepository;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.ApplicationListener;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
/**
* 기동 PTL_PROPERTY 무결성 점검.
*
* <p>PTL_PROPERTY (PROPERTY_GROUP_NAME, PROPERTY_NAME) 조합이 유일해야 하지만, 운영 정책상
* DB에 유니크 제약을 걸지 않는다. 대신 부팅 완료 시점에 중복 키를 스캔하여 존재하면 ERROR 로그로
* 남긴다. (Spring Data 리포지토리는 인터페이스라 초기화 훅이 없어, 리포지토리를 사용하는 startup
* 리스너로 점검한다.)</p>
*
* <p>중복은 {@code getOrCreateProperty} 최초 조회가 동시 요청으로 경합할 각각 INSERT되며 생길
* 있다. 제약이 없으므로 중복 행은 자동 제거되지 않는다 로그를 보고 수동 정리해야 한다.</p>
*/
@Slf4j
@Component
@RequiredArgsConstructor
public class PortalPropertyDuplicateChecker implements ApplicationListener<ApplicationReadyEvent> {
private final PortalPropertyRepository portalPropertyRepository;
@Override
@Transactional(readOnly = true)
public void onApplicationEvent(ApplicationReadyEvent event) {
List<Object[]> duplicates;
try {
duplicates = portalPropertyRepository.findDuplicatePropertyKeys();
} catch (Exception e) {
log.error("[PortalProperty 무결성] 중복 점검 쿼리 실패", e);
return;
}
if (duplicates == null || duplicates.isEmpty()) {
log.info("[PortalProperty 무결성] (PROPERTY_GROUP_NAME, PROPERTY_NAME) 중복 없음");
return;
}
// 1) (group, name) 유일해야 한다
// 2) 중복된 목록을 남긴다
log.error("[PortalProperty 무결성] (PROPERTY_GROUP_NAME, PROPERTY_NAME) 조합은 유일해야 합니다. "
+ "DB 유니크 제약이 없어 중복 {}건이 방치되어 있습니다. 수동 정리 필요:", duplicates.size());
for (Object[] row : duplicates) {
log.error(" - PROPERTY_GROUP_NAME='{}', PROPERTY_NAME='{}', count={}", row[0], row[1], row[2]);
}
}
}
@@ -43,7 +43,8 @@ public class InquiryCommentController {
public ResponseEntity<InquiryCommentDTO> create(@PathVariable String inquiryId,
@Valid @RequestBody InquiryCommentCreateRequest request) {
PortalAuthenticatedUser current = SecurityUtil.getPortalAuthenticatedUser();
InquiryCommentDTO created = inquiryCommentFacade.createUserComment(inquiryId, request.getContent(), current);
InquiryCommentDTO created = inquiryCommentFacade.createUserComment(
inquiryId, request.getContent(), request.getVisibility(), current);
return ResponseEntity.ok(created);
}
@@ -11,4 +11,7 @@ public class InquiryCommentCreateRequest {
@NotBlank(message = "댓글 내용을 입력해주세요.")
@Size(max = 2000, message = "댓글은 2000자를 초과할 수 없습니다.")
private String content;
/** 공개범위(ALL=공개, PRIVATE=비공개). 미지정 시 공개. */
private String visibility;
}
@@ -26,4 +26,13 @@ public class InquiryCommentDTO {
private LocalDateTime createdDate;
private boolean deletable;
/** 공개범위(ALL/PRIVATE). */
private String visibility;
/** 비공개 댓글 여부 — 허용 독자에게는 "비공개" 태그로 표시. */
private boolean privateComment;
/** 비공개 댓글이지만 열람 권한이 없어 "비공개 댓글"로만 노출되는지 여부. */
private boolean privatePlaceholder;
}
@@ -11,7 +11,7 @@ public interface InquiryCommentFacade {
List<InquiryCommentDTO> getComments(String inquiryId, PortalAuthenticatedUser current);
InquiryCommentDTO createUserComment(String inquiryId, String content, PortalAuthenticatedUser current);
InquiryCommentDTO createUserComment(String inquiryId, String content, String visibility, PortalAuthenticatedUser current);
void deleteOwnComment(String commentId, PortalAuthenticatedUser current);
@@ -3,15 +3,19 @@ package com.eactive.apim.portal.djb.community.qna.comment.service;
import com.eactive.apim.portal.apps.community.qna.service.InquiryService;
import com.eactive.apim.portal.common.exception.NotFoundException;
import com.eactive.apim.portal.common.user.PortalAuthenticatedUser;
import com.eactive.apim.portal.common.util.StringMaskingUtil;
import com.eactive.apim.portal.djb.community.qna.comment.dto.InquiryCommentDTO;
import com.eactive.apim.portal.djb.community.qna.comment.repository.InquiryCommentRepository;
import com.eactive.apim.portal.djb.community.qna.comment.repository.UserInfoRepository;
import com.eactive.apim.portal.djb.community.qna.constant.DjbInquiryStatus;
import com.eactive.apim.portal.djb.community.qna.support.InquiryCommentPermissionChecker;
import com.eactive.apim.portal.portalorg.entity.PortalOrg;
import com.eactive.apim.portal.portaluser.entity.PortalUser;
import com.eactive.apim.portal.portaluser.entity.PortalUserEnums;
import com.eactive.apim.portal.portaluser.repository.PortalUserRepository;
import com.eactive.apim.portal.qna.entity.Inquiry;
import com.eactive.apim.portal.qna.entity.InquiryComment;
import com.eactive.apim.portal.qna.entity.VisibilityScope;
import com.eactive.apim.portal.template.entity.MessageCode;
import com.eactive.apim.portal.user.entity.UserInfo;
import lombok.RequiredArgsConstructor;
@@ -37,6 +41,7 @@ public class InquiryCommentFacadeImpl implements InquiryCommentFacade {
private static final String ADMIN_N = "N";
private static final String DEL_N = "N";
private static final String UNKNOWN_WRITER = "(알 수 없음)";
private final InquiryService inquiryService;
private final InquiryCommentService commentService;
@@ -51,21 +56,24 @@ public class InquiryCommentFacadeImpl implements InquiryCommentFacade {
public List<InquiryCommentDTO> getComments(String inquiryId, PortalAuthenticatedUser current) {
inquiryService.getAccessibleInquiry(current, inquiryId);
List<InquiryComment> comments = commentService.findActiveByInquiryId(inquiryId);
Map<String, String> writerNames = resolveWriterNames(comments);
Map<String, Writer> writers = resolveWriters(comments);
return comments.stream()
.map(c -> toDto(c, current, writerNames))
.map(c -> toDto(c, current, writers))
.collect(Collectors.toList());
}
@Override
public InquiryCommentDTO createUserComment(String inquiryId, String content, PortalAuthenticatedUser current) {
public InquiryCommentDTO createUserComment(String inquiryId, String content, String visibility, PortalAuthenticatedUser current) {
Inquiry inquiry = inquiryService.getAccessibleInquiry(current, inquiryId);
permissionChecker.assertWritable(inquiry);
InquiryComment saved = commentService.create(inquiry, content, ADMIN_N);
// 댓글은 공개(ALL)/비공개(PRIVATE) 2단계만 지원
VisibilityScope scope = VisibilityScope.PRIVATE == VisibilityScope.fromString(visibility, VisibilityScope.ALL)
? VisibilityScope.PRIVATE : VisibilityScope.ALL;
InquiryComment saved = commentService.create(inquiry, content, ADMIN_N, scope);
publishAdminNotification(inquiry, saved, current);
Map<String, String> writerNames = new HashMap<>();
writerNames.put(current.getId(), current.getUserName());
return toDto(saved, current, writerNames);
Map<String, Writer> writers = new HashMap<>();
writers.put(current.getId(), currentWriter(current));
return toDto(saved, current, writers);
}
@Override
@@ -102,7 +110,7 @@ public class InquiryCommentFacadeImpl implements InquiryCommentFacade {
adminNotifier.notifyPortalAdmins(MessageCode.INQUIRY_COMMENT_CREATED, params);
}
private Map<String, String> resolveWriterNames(List<InquiryComment> comments) {
private Map<String, Writer> resolveWriters(List<InquiryComment> comments) {
Set<String> ids = new HashSet<>();
for (InquiryComment c : comments) {
String createdBy = c.getCreatedBy();
@@ -110,11 +118,11 @@ public class InquiryCommentFacadeImpl implements InquiryCommentFacade {
ids.add(createdBy);
}
}
Map<String, String> map = new HashMap<>();
Map<String, Writer> map = new HashMap<>();
for (String id : ids) {
String name = lookupWriterName(id);
if (name != null && !name.isEmpty()) {
map.put(id, name);
Writer writer = lookupWriter(id);
if (writer != null && writer.name != null && !writer.name.isEmpty()) {
map.put(id, writer);
} else {
log.warn("댓글 작성자명 조회 실패 — createdBy={}, isUuid={}", id, isUuid(id));
}
@@ -122,23 +130,35 @@ public class InquiryCommentFacadeImpl implements InquiryCommentFacade {
return map;
}
private String lookupWriterName(String createdBy) {
private Writer lookupWriter(String createdBy) {
if (isUuid(createdBy)) {
String name = portalUserRepository.findById(createdBy)
.map(PortalUser::getUserName).orElse(null);
if (name != null && !name.isEmpty()) {
return name;
PortalUser portalUser = portalUserRepository.findById(createdBy).orElse(null);
if (portalUser != null && portalUser.getUserName() != null && !portalUser.getUserName().isEmpty()) {
return toWriter(portalUser);
}
return userInfoRepository.findById(createdBy)
.map(UserInfo::getUsername).orElse(null);
UserInfo userInfo = userInfoRepository.findById(createdBy).orElse(null);
return userInfo != null ? new Writer(userInfo.getUsername(), null, null) : null;
}
String name = userInfoRepository.findById(createdBy)
.map(UserInfo::getUsername).orElse(null);
if (name != null && !name.isEmpty()) {
return name;
UserInfo userInfo = userInfoRepository.findById(createdBy).orElse(null);
if (userInfo != null && userInfo.getUsername() != null && !userInfo.getUsername().isEmpty()) {
return new Writer(userInfo.getUsername(), null, null);
}
return portalUserRepository.findById(createdBy)
.map(PortalUser::getUserName).orElse(null);
PortalUser portalUser = portalUserRepository.findById(createdBy).orElse(null);
return portalUser != null ? toWriter(portalUser) : null;
}
private Writer toWriter(PortalUser portalUser) {
PortalOrg org = portalUser.getPortalOrg();
return new Writer(portalUser.getUserName(),
org != null ? org.getId() : null,
org != null ? org.getOrgName() : null);
}
private Writer currentWriter(PortalAuthenticatedUser current) {
PortalOrg org = current.getPortalOrg();
return new Writer(current.getUserName(),
org != null ? org.getId() : null,
org != null ? org.getOrgName() : null);
}
private boolean isUuid(String value) {
@@ -154,15 +174,50 @@ public class InquiryCommentFacadeImpl implements InquiryCommentFacade {
}
private InquiryCommentDTO toDto(InquiryComment entity, PortalAuthenticatedUser current,
Map<String, String> writerNames) {
Map<String, Writer> writers) {
String writerId = entity.getCreatedBy();
boolean deletable = writerId != null
&& writerId.equals(current.getId())
boolean isAdmin = "Y".equals(entity.getAdminYn());
boolean isPrivate = entity.isPrivate();
boolean owner = writerId != null && writerId.equals(current.getId());
Writer writer = writerId != null ? writers.get(writerId) : null;
// 비공개 댓글 열람 권한: 관리자 댓글은 대상 아님, 작성자 본인 또는 같은 법인 관리자만
boolean canSee = owner || canSeePrivate(current, writer);
String scopeName = entity.getVisibility() != null ? entity.getVisibility().name() : VisibilityScope.ALL.name();
if (isPrivate && !canSee) {
// 열람 권한 없는 비공개 댓글 "비공개 댓글"로만 노출, 작성자 신원 숨김
return InquiryCommentDTO.builder()
.id(entity.getId())
.content("비공개 댓글")
.writerId(null)
.writerName("비공개")
.adminYn(entity.getAdminYn())
.createdDate(entity.getCreatedDate())
.deletable(false)
.visibility(scopeName)
.privateComment(true)
.privatePlaceholder(true)
.build();
}
boolean deletable = owner
&& entity.getInquiry() != null
&& !DjbInquiryStatus.isClosed(entity.getInquiry().getInquiryStatus());
String writerName = writerId != null ? writerNames.get(writerId) : null;
if (writerName == null || writerName.isEmpty()) {
writerName = "(알 수 없음)";
String writerName;
if (isAdmin) {
// 관리자 댓글은 실명 대신 "관리자"로만 표기 (신원 비노출)
writerName = "관리자";
} else {
String base = writer != null ? writer.name : null;
String masked = StringMaskingUtil.maskName(base, writerId, current.getId());
if (masked == null || masked.isEmpty()) {
masked = UNKNOWN_WRITER;
}
writerName = (writer != null && writer.orgName != null && !writer.orgName.isEmpty())
? masked + " (" + writer.orgName + ")"
: masked;
}
return InquiryCommentDTO.builder()
.id(entity.getId())
@@ -172,6 +227,34 @@ public class InquiryCommentFacadeImpl implements InquiryCommentFacade {
.adminYn(entity.getAdminYn())
.createdDate(entity.getCreatedDate())
.deletable(deletable)
.visibility(scopeName)
.privateComment(isPrivate)
.privatePlaceholder(false)
.build();
}
/** 비공개 댓글을 볼 수 있는 같은 법인 관리자 여부. */
private boolean canSeePrivate(PortalAuthenticatedUser current, Writer writer) {
if (writer == null || writer.orgId == null) {
return false;
}
if (current.getRoleCode() != PortalUserEnums.RoleCode.ROLE_CORP_MANAGER) {
return false;
}
PortalOrg org = current.getPortalOrg();
return org != null && org.getId() != null && org.getId().equals(writer.orgId);
}
/** 댓글 작성자 정보(이름/법인). */
private static final class Writer {
private final String name;
private final String orgId;
private final String orgName;
private Writer(String name, String orgId, String orgName) {
this.name = name;
this.orgId = orgId;
this.orgName = orgName;
}
}
}
@@ -4,6 +4,7 @@ import com.eactive.apim.portal.common.exception.NotFoundException;
import com.eactive.apim.portal.djb.community.qna.comment.repository.InquiryCommentRepository;
import com.eactive.apim.portal.qna.entity.Inquiry;
import com.eactive.apim.portal.qna.entity.InquiryComment;
import com.eactive.apim.portal.qna.entity.VisibilityScope;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@@ -25,12 +26,13 @@ public class InquiryCommentService {
return repository.findByInquiry_IdAndDelYnOrderByCreatedDateAsc(inquiryId, DEL_N);
}
public InquiryComment create(Inquiry inquiry, String content, String adminYn) {
public InquiryComment create(Inquiry inquiry, String content, String adminYn, VisibilityScope visibility) {
InquiryComment comment = new InquiryComment();
comment.setInquiry(inquiry);
comment.setCommentDetail(content);
comment.setAdminYn(adminYn);
comment.setDelYn(DEL_N);
comment.setVisibility(visibility != null ? visibility : VisibilityScope.ALL);
return repository.save(comment);
}
@@ -3,6 +3,7 @@ package com.eactive.apim.portal.djb.community.qna.constant;
public final class DjbInquiryStatus {
public static final String PENDING = "PENDING";
public static final String REVIEWING = "REVIEWING";
public static final String RESPONDED = "RESPONDED";
public static final String CLOSED = "CLOSED";
@@ -12,4 +13,37 @@ public final class DjbInquiryStatus {
public static boolean isClosed(String status) {
return CLOSED.equals(status);
}
/**
* 상태 코드에 대응하는 사용자 노출용 한글명을 반환한다.
* (미매칭/null은 대기 상태로 간주)
*/
public static String displayName(String status) {
if (RESPONDED.equals(status)) {
return "답변완료";
}
if (CLOSED.equals(status)) {
return "종료";
}
if (REVIEWING.equals(status)) {
return "검토중";
}
return "답변대기"; // PENDING 기본값
}
/**
* 상태 코드에 대응하는 배지 CSS modifier 클래스를 반환한다.
*/
public static String badgeClass(String status) {
if (RESPONDED.equals(status)) {
return "inquiry-status-badge--completed";
}
if (CLOSED.equals(status)) {
return "inquiry-status-badge--closed";
}
if (REVIEWING.equals(status)) {
return "inquiry-status-badge--reviewing";
}
return "inquiry-status-badge--pending"; // PENDING 기본값
}
}
+2 -2
View File
@@ -7,8 +7,8 @@ spring:
jpa:
properties:
hibernate:
show_sql: true
format_sql: true
show_sql: false
format_sql: false
use_sql_comments: true
devtools:
restart:
+9 -5
View File
@@ -2,9 +2,13 @@ server:
servlet:
context-path: /
session:
timeout: 10m
# 물리 세션 타임아웃은 DB PortalProperty(Portal/session.timeout.minutes)로 관리한다.
# 로그인 성공 시 PortalAuthenticationSuccessHandler 가
# session.setMaxInactiveInterval(session.timeout.minutes * 60) 으로 적용 → 물리=논리 일치.
# 익명/로그인 전 세션은 컨테이너 기본값으로 fallback (weblogic.xml <timeout-secs>1800).
# timeout: 10m
cookie:
name: PORTAL_JSESSIONID
name: JSESSIONID_PORTAL
encoding:
charset: UTF-8
port: '39130'
@@ -314,6 +318,9 @@ page:
faq_list:
name: FAQ
path: "/faq_list"
faq_detail:
name: FAQ
path: "/faq_view"
inquiry:
name: "Q&A"
path: "/inquiry"
@@ -378,9 +385,6 @@ page:
myapikey_modify_step3:
name: "앱 수정 요청 완료"
path: "/myapikey/modify/step3"
commission:
name: "과금 관리"
path: "/commission/manage"
api_statistics:
name: "이용 통계"
path: "/statistics/api"
+150 -411
View File
@@ -663,75 +663,6 @@ hr {
--shadow-xl: 0 16px 40px rgba(75, 155, 255, 0.2);
}
.design-survey-bar {
position: fixed;
top: 0;
left: 0;
right: 0;
height: 48px;
background: linear-gradient(90deg, #667eea 0%, #764ba2 100%);
z-index: 400;
display: flex;
align-items: center;
justify-content: center;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
}
.design-survey-bar .survey-container {
display: flex;
align-items: center;
gap: 16px;
}
.design-survey-bar .survey-label {
color: #ffffff;
font-size: 14px;
font-weight: 500;
}
.design-survey-bar .survey-buttons {
display: flex;
gap: 8px;
}
.design-survey-bar .survey-btn {
padding: 6px 16px;
border: 2px solid rgba(255, 255, 255, 0.5);
border-radius: 20px;
background: transparent;
color: #ffffff;
font-size: 14px;
font-weight: 600;
cursor: pointer;
transition: all 0.3s ease;
}
.design-survey-bar .survey-btn:hover {
background: rgba(255, 255, 255, 0.2);
border-color: #ffffff;
}
.design-survey-bar .survey-btn.active {
background: #ffffff;
color: #667eea;
border-color: #ffffff;
}
@media (max-width: 768px) {
.design-survey-bar {
height: 40px;
}
.design-survey-bar .survey-label {
display: none;
}
.design-survey-bar .survey-btn {
padding: 4px 12px;
font-size: 12px;
}
}
body.design-survey-active .global-header {
margin-top: 48px;
}
@media (max-width: 768px) {
body.design-survey-active .global-header {
margin-top: 40px;
}
}
.blind {
position: absolute;
width: 1px;
@@ -5333,14 +5264,44 @@ select.form-control {
font-weight: 700;
}
.session-timer-mobile {
margin-right: 8px;
font-size: 12px;
.session-float {
position: fixed;
top: 16px;
right: 20px;
z-index: 1000;
display: flex;
align-items: center;
gap: 8px;
padding: 6px 14px;
background: #fff;
border: 1px solid #e0e0e0;
border-radius: 20px;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.12);
}
.session-timer-mobile .session-timer-text {
min-width: 34px;
.session-float .session-keepalive {
display: inline-flex;
align-items: center;
gap: 4px;
margin: 0;
padding-left: 8px;
border-left: 1px solid #e0e0e0;
font-size: 12px;
color: #64748B;
cursor: pointer;
white-space: nowrap;
}
.session-float .session-keepalive input {
margin: 0;
cursor: pointer;
}
@media (max-width: 768px) {
.session-float {
top: 12px;
right: 72px;
padding: 4px 10px;
}
}
.data-table {
width: 100%;
background: #FFFFFF;
@@ -6973,6 +6934,37 @@ button.djb-comment-submit:disabled {
font-size: 13px;
}
.djb-comment-private-toggle {
display: inline-flex;
align-items: center;
gap: 4px;
margin-right: auto;
color: #6B7280;
font-size: 13px;
cursor: pointer;
}
.djb-comment-private-tag {
display: inline-block;
margin-left: 6px;
padding: 1px 8px;
border-radius: 10px;
background-color: #FEF3C7;
color: #92400E;
font-size: 11px;
vertical-align: middle;
}
.djb-comment-item--private {
background-color: #FFFBEB;
}
.djb-comment-item--private-hidden .djb-comment-body,
.djb-comment-item--private-hidden .djb-comment-writer {
color: #9CA3AF;
font-style: italic;
}
.hero-carousel-section {
position: relative;
width: 100%;
@@ -15715,6 +15707,87 @@ input[type=checkbox]:checked + .custom-checkbox {
}
}
.list-table-row--private {
opacity: 0.55;
cursor: default;
}
.list-table-row--private .inquiry-private-label {
color: #94A3B8;
font-style: italic;
}
.notice-title-link--disabled {
pointer-events: none;
cursor: default;
}
.inquiry-detail-views {
color: #94A3B8;
font-size: 13px;
}
.inquiry-detail-attach {
margin-top: 16px;
}
.inquiry-detail-attach .inquiry-attach-link {
display: inline-flex;
align-items: center;
gap: 6px;
padding: 8px 14px;
border: 1px solid #CBD5E1;
border-radius: 6px;
color: #1E40AF;
font-size: 13px;
text-decoration: none;
}
.inquiry-detail-attach .inquiry-attach-link:hover {
background-color: #F1F5F9;
}
.row-cell--writer {
flex-direction: column;
justify-content: center;
line-height: 1.3;
}
.row-cell--writer .inquiry-writer-org {
color: #94A3B8;
font-size: 12px;
}
.inquiry-visibility-notice {
margin-left: 12px;
font-size: 13px;
font-weight: normal;
color: #64748B;
}
.list-table-body .inquiry-status-badge {
height: 24px;
padding: 0 10px;
font-size: 12px;
}
.inquiry-lock-icon {
vertical-align: -2px;
margin-right: 3px;
color: #64748B;
}
.inquiry-detail-visibility {
display: inline-flex;
align-items: center;
gap: 2px;
color: #64748B;
font-size: 13px;
}
.inquiry-detail-visibility--private {
color: #c0392b;
font-weight: 600;
}
.inquiry-detail-visibility--private .inquiry-lock-icon {
color: #c0392b;
}
.org-register-page {
min-height: 100vh;
padding: 0;
@@ -17077,6 +17150,9 @@ input[type=checkbox]:checked + .custom-checkbox {
.inquiry-status-badge--pending {
background-color: #8c959f;
}
.inquiry-status-badge--reviewing {
background-color: #e08e0b;
}
.inquiry-status-badge--closed {
background-color: #4a5560;
}
@@ -17578,343 +17654,6 @@ input[type=checkbox]:checked + .custom-checkbox {
transform: translateY(4px);
}
.commission-container {
max-width: 1400px;
margin: 0 auto;
}
.wrap {
max-width: 1400px;
margin: 0 auto;
background: #FFFFFF;
padding: 24px;
border-radius: 8px;
box-shadow: 0 4px 12px rgba(75, 155, 255, 0.1);
}
.searchInfo {
display: inline-block;
margin-right: 8px;
margin-bottom: 16px;
}
.searchBox {
background: #f8f9fa;
padding: 20px;
border-radius: 8px;
margin-bottom: 20px;
}
.searchBox.row-two {
display: flex;
align-items: center;
gap: 20px;
flex-wrap: wrap;
}
.searchBox label {
font-weight: 500;
color: #1A1A2E;
min-width: 80px;
}
.searchBox .form-control {
padding: 6px 12px;
border: 1px solid #E2E8F0;
border-radius: 6px;
font-size: 14px;
min-width: 100px;
}
.form-inline {
display: flex;
align-items: center;
gap: 10px;
}
.form-inline .period-selects {
display: flex;
align-items: center;
gap: 10px;
}
.form-inline .period-selects .period-unit {
margin-right: 10px;
}
.btnBox {
margin-left: auto;
}
.btnBox .btn + .btn {
margin-left: 5px;
}
#printBtn {
display: none;
}
.commission-notice {
color: #dc3545;
margin-top: 30px;
line-height: 1.6;
}
.voffset3 {
margin-top: 30px;
}
.color_red {
color: #FF6B6B;
}
.color_blue {
color: #007bff;
}
.color_darkRed {
color: #8b0000;
}
.table-responsive {
overflow-x: auto;
margin-top: 30px;
}
.table {
width: 100%;
border-collapse: collapse;
font-size: 14px;
}
.table th {
background: #F8FAFC;
font-weight: 500;
color: #1A1A2E;
padding: 16px;
text-align: center;
border: 1px solid #E2E8F0;
}
.table td {
padding: 16px;
text-align: center;
border: 1px solid #E2E8F0;
}
.table-bordered {
border: 1px solid #E2E8F0;
}
.table-bordered th,
.table-bordered td {
border: 1px solid #E2E8F0;
}
.border-type {
border: 2px solid #dee2e6;
}
.commission-table-wrapper {
margin-top: 30px;
}
.commission-table-wrapper .table {
border: 2px solid #dee2e6;
}
.summary-row {
background-color: #fff3cd !important;
}
.summary-row td {
font-weight: 600;
}
.summary-row .summary-amount {
font-size: 16px;
color: #007bff;
}
.text-center {
text-align: center;
}
.text-right {
text-align: right;
}
.text-left {
text-align: left;
}
.bg-warning {
background-color: #fff3cd !important;
}
.glyphicon-search::before {
content: "🔍";
}
.info-table {
border-top: 10px solid #64748B;
width: 100%;
border-bottom: 2px solid #1A1A2E;
margin-bottom: 40px;
}
.info-table th {
text-align: left;
padding: 16px 24px;
font-weight: 600;
background: none;
border: none;
}
.info-table td {
padding: 16px 24px;
border: none;
}
.commission-table {
width: 100%;
margin-top: 40px;
}
.commission-table th,
.commission-table td {
border: 1px solid #999 !important;
padding: 16px 24px;
}
.commission-table td {
text-align: right;
}
.bg_ygreen {
background-color: aquamarine;
text-align: center;
}
.bg_skyBlue {
background-color: skyblue;
text-align: center;
}
.bg_yellow {
background-color: yellow;
text-align: center;
}
@media print {
body {
padding: 0;
background: #FFFFFF;
}
.searchBox,
.searchInfo,
#printButton,
#backButton,
#printBtn {
display: none !important;
}
@page {
size: auto;
margin: 0 0cm;
}
html {
margin: 0 0cm;
}
}
@media screen and (max-width: 1024px) {
.wrap {
padding: 16px;
}
.searchBox {
padding: 16px;
}
.searchBox.row-two {
flex-direction: column;
align-items: flex-start;
gap: 16px;
}
.form-inline {
width: 100%;
flex-direction: column;
align-items: flex-start;
}
.form-inline label {
min-width: auto;
margin-bottom: 4px;
}
.form-inline .form-control {
width: 100%;
}
.form-inline--period .period-selects {
display: flex;
flex-direction: row;
align-items: center;
gap: 8px;
width: 100%;
}
.form-inline--period .period-selects .form-control {
flex: 1;
min-width: 0;
}
.form-inline--period .period-selects .period-unit {
flex-shrink: 0;
font-size: 14px;
color: #1A1A2E;
}
.btnBox {
margin-left: 0;
width: 100%;
}
.btnBox .btn {
width: 100%;
display: flex;
justify-content: center;
align-items: center;
}
.table-responsive {
overflow-x: scroll;
-webkit-overflow-scrolling: touch;
}
}
body.commission-print-page {
font-size: 12px;
width: 600px;
margin: 90px;
font-family: "Spoqa Han Sans Neo", "SpoqaHanSans", "Noto Sans KR", -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
}
body.commission-print-page div {
position: relative;
}
body.commission-print-page table {
border-collapse: collapse;
}
body.commission-print-page table th,
body.commission-print-page table td {
padding: 5px 10px;
}
body.commission-print-page table tr {
font-size: 12px;
}
body.commission-print-page h1 {
text-align: center;
}
body.commission-print-page h1 img {
width: 300px;
}
body.commission-print-page h2 {
margin-top: 40px;
float: left;
}
body.commission-print-page p {
line-height: 1.6;
}
body.commission-print-page p[style*="float: right"] {
margin-top: 25px;
}
body.commission-print-page .btn {
padding: 8px 16px;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 14px;
}
body.commission-print-page .btn-primary {
background: #667eea;
color: white;
}
body.commission-print-page .btn-primary:hover {
background: #5a67d8;
}
.terms-page {
min-height: calc(100vh - 140px);
background: #F8FAFC;
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
Binary file not shown.

After

Width:  |  Height:  |  Size: 1.6 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.8 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.1 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 6.8 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.3 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.6 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.1 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 26 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.6 KiB

@@ -0,0 +1,60 @@
/**
* client-guard.js
*
* 클라이언트측 하드닝. 서버가 내려준 window.__CLIENT_GUARD__ 플래그에 따라 기능을 독립 적용한다.
* - contextmenu: 우클릭(컨텍스트 메뉴) 차단
* - devtools : 크기 휴리스틱으로 DevTools 열림 감지 화면 전체 요소 영구 삭제
*
* 주의(한계): 크기 휴리스틱은 오탐/미탐이 있다(·북마크바·사이드패널·좁은창=오탐, undock =미탐).
* JS 비활성화·breakpoint·DOM 편집으로 우회 가능하므로 실질 보안이 아니라 억제용 데코이다.
*/
(function () {
'use strict';
var cfg = window.__CLIENT_GUARD__ || {};
// ── 우클릭(contextmenu) 차단 ─────────────────────────────────────────
if (cfg.contextmenu) {
document.addEventListener('contextmenu', function (e) {
e.preventDefault();
}, true);
}
// ── DevTools 감지 → 화면 영구 삭제 ───────────────────────────────────
if (cfg.devtools) {
var THRESHOLD = 160; // 도킹된 DevTools 패널이 차지하는 최소 폭/높이(px) 추정값
var POLL_MS = 500;
var wiped = false;
function isDevtoolsOpen() {
var widthGap = window.outerWidth - window.innerWidth;
var heightGap = window.outerHeight - window.innerHeight;
return widthGap > THRESHOLD || heightGap > THRESHOLD;
}
function wipe() {
if (wiped) {
return;
}
wiped = true;
// 화면 전체 요소 영구 삭제 (닫아도 복구되지 않음, 새로고침 필요)
try {
document.documentElement.replaceChildren();
} catch (ignore) {
if (document.body) {
document.body.innerHTML = '';
}
}
}
function check() {
if (!wiped && isDevtoolsOpen()) {
wipe();
}
}
window.setInterval(check, POLL_MS);
window.addEventListener('resize', check);
check();
}
})();
@@ -12,6 +12,7 @@
const formEl = document.getElementById('djbCommentForm');
const inputEl = document.getElementById('djbCommentInput');
const counterEl = document.getElementById('djbCommentCharCounter');
const privateEl = document.getElementById('djbCommentPrivate');
function getCsrfToken() {
// 세션 기반 CSRF: 쿠키 대신 <meta name="_csrf">에서 토큰을 읽는다.
@@ -74,13 +75,25 @@
}
comments.forEach(function (c) {
const li = document.createElement('li');
li.className = 'djb-comment-item' + (c.adminYn === 'Y' ? ' djb-comment-item--admin' : '');
var cls = 'djb-comment-item';
if (c.adminYn === 'Y') cls += ' djb-comment-item--admin';
if (c.privatePlaceholder) cls += ' djb-comment-item--private-hidden';
else if (c.privateComment) cls += ' djb-comment-item--private';
li.className = cls;
li.setAttribute('data-comment-id', c.id);
var writerHtml = (c.adminYn === 'Y')
? '<span class="djb-comment-admin-badge">관리자</span>'
: '<span class="djb-comment-writer">' + escapeHtml(c.writerName || '(알 수 없음)') + '</span>';
// 비공개 댓글(열람 권한 있는 경우)에는 "비공개" 태그 표시
var privateTag = (c.privateComment && !c.privatePlaceholder)
? '<span class="djb-comment-private-tag">비공개</span>' : '';
li.innerHTML = ''
+ '<div class="djb-comment-meta">'
+ ' <div class="djb-comment-meta-left">'
+ ' <span class="djb-comment-writer">' + escapeHtml(c.writerName || '(알 수 없음)') + '</span>'
+ (c.adminYn === 'Y' ? ' <span class="djb-comment-admin-badge">관리자</span>' : '')
+ writerHtml
+ privateTag
+ ' </div>'
+ ' <div class="djb-comment-meta-right">'
+ ' <span class="djb-comment-date">' + escapeHtml(formatDate(c.createdDate)) + '</span>'
@@ -111,9 +124,10 @@
inputEl.focus();
return;
}
var visibility = (privateEl && privateEl.checked) ? 'PRIVATE' : 'ALL';
fetchJson('/djb/inquiry/' + encodeURIComponent(inquiryId) + '/comments', {
method: 'POST',
body: JSON.stringify({ content: content })
body: JSON.stringify({ content: content, visibility: visibility })
})
.then(function (res) {
if (res.status === 409) throw new Error('종료된 문의에는 댓글을 작성할 수 없습니다.');
@@ -122,6 +136,7 @@
})
.then(function () {
inputEl.value = '';
if (privateEl) privateEl.checked = false;
updateCounter();
load();
})
@@ -0,0 +1,35 @@
(function () {
'use strict';
// 조회수 비정상 증가 억제: sessionStorage 로 한 세션 내 중복 증가 방지.
var container = document.querySelector('.inquiry-detail-container[data-inquiry-id]');
if (!container) return;
var inquiryId = container.getAttribute('data-inquiry-id');
if (!inquiryId) return;
var viewedKey = 'inquiry_viewed_' + inquiryId;
if (sessionStorage.getItem(viewedKey)) {
return; // 이미 이번 세션에서 조회 → 증가하지 않음
}
function getCsrfToken() {
// 세션 기반 CSRF: 쿠키 대신 <meta name="_csrf">에서 토큰을 읽는다.
var meta = document.querySelector('meta[name="_csrf"]');
return meta ? meta.getAttribute('content') : '';
}
fetch('/inquiry/' + encodeURIComponent(inquiryId) + '/view', {
method: 'POST',
credentials: 'same-origin',
headers: { 'X-XSRF-TOKEN': getCsrfToken() }
})
.then(function (res) {
if (res.ok) {
sessionStorage.setItem(viewedKey, 'true');
}
})
.catch(function (err) {
console.error('[inquiry-view] increment error', err);
});
})();
@@ -254,3 +254,41 @@ button.djb-comment-submit {
color: #6B7280;
font-size: 13px;
}
// 260710 댓글 공개범위
// 작성 비공개 토글
.djb-comment-private-toggle {
display: inline-flex;
align-items: center;
gap: 4px;
margin-right: auto;
color: #6B7280;
font-size: 13px;
cursor: pointer;
}
// 비공개 댓글 태그 (열람 권한 있는 사용자에게 표시)
.djb-comment-private-tag {
display: inline-block;
margin-left: 6px;
padding: 1px 8px;
border-radius: 10px;
background-color: #FEF3C7;
color: #92400E;
font-size: 11px;
vertical-align: middle;
}
// 비공개 댓글 (열람 권한 있음) 배경 강조
.djb-comment-item--private {
background-color: #FFFBEB;
}
// 열람 권한 없는 비공개 댓글 (placeholder)
.djb-comment-item--private-hidden {
.djb-comment-body,
.djb-comment-writer {
color: #9CA3AF;
font-style: italic;
}
}
@@ -32,12 +32,51 @@
}
}
// 모바일 헤더(햄버거 버튼 좌측) 타이머
.session-timer-mobile {
margin-right: $spacing-sm;
font-size: $font-size-xs;
// -----------------------------------------------------------------------------
// 우측 상단 Float 세션 타이머 위젯
// 데스크톱: 헤더 우측(유저 메뉴 우측) 상단 정렬로 고정(fixed).
// 모바일: 헤더 우측 햄버거(메뉴 버튼) 바로 왼쪽에 배치.
// -----------------------------------------------------------------------------
.session-float {
position: fixed;
top: 16px;
right: 20px;
z-index: 1000;
display: flex;
align-items: center;
gap: $spacing-sm;
padding: 6px 14px;
background: #fff;
border: 1px solid #e0e0e0;
border-radius: 20px;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.12);
.session-timer-text {
min-width: 34px;
// 세션 유지 체크박스 (비운영 전용, 조건부 렌더)
.session-keepalive {
display: inline-flex;
align-items: center;
gap: 4px;
margin: 0;
padding-left: 8px;
border-left: 1px solid #e0e0e0;
font-size: $font-size-xs;
color: $text-gray;
cursor: pointer;
white-space: nowrap;
input {
margin: 0;
cursor: pointer;
}
}
}
// 모바일: 헤더 우측 햄버거(메뉴 버튼) 바로 왼쪽에 나란히 배치.
// right = 헤더 padding(20px) + 햄버거 (~32px) + 간격(~20px) 72px
@media (max-width: $breakpoint-sm) {
.session-float {
top: 12px;
right: 72px;
padding: 4px 10px;
}
}
@@ -33,80 +33,6 @@
--shadow-xl: 0 16px 40px rgba(75, 155, 255, 0.2);
}
// ===========================
// Design Survey Bar
// ===========================
.design-survey-bar {
position: fixed;
top: 0;
left: 0;
right: 0;
height: 48px;
background: linear-gradient(90deg, #667eea 0%, #764ba2 100%);
z-index: 400;
display: flex;
align-items: center;
justify-content: center;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.15);
.survey-container {
display: flex;
align-items: center;
gap: 16px;
}
.survey-label {
color: #ffffff;
font-size: 14px;
font-weight: 500;
}
.survey-buttons {
display: flex;
gap: 8px;
}
.survey-btn {
padding: 6px 16px;
border: 2px solid rgba(255, 255, 255, 0.5);
border-radius: 20px;
background: transparent;
color: #ffffff;
font-size: 14px;
font-weight: 600;
cursor: pointer;
transition: all 0.3s ease;
&:hover {
background: rgba(255, 255, 255, 0.2);
border-color: #ffffff;
}
&.active {
background: #ffffff;
color: #667eea;
border-color: #ffffff;
}
}
@media (max-width: 768px) {
height: 40px;
.survey-label { display: none; }
.survey-btn { padding: 4px 12px; font-size: 12px; }
}
}
// Body offset when survey is active
body.design-survey-active {
.global-header { margin-top: 48px; }
@media (max-width: 768px) {
.global-header { margin-top: 40px; }
}
}
// 디자인 변형 스타일은 JavaScript에서 동적으로 적용됩니다.
// header_container.html의 DESIGN_OPTIONS 참조
// Blind text for screen readers
.blind {
position: absolute;
-1
View File
@@ -63,7 +63,6 @@
@use 'pages/org-register' as *;
@use 'pages/partnership' as *;
@use 'pages/user-management' as *;
@use 'pages/commission' as *;
@use 'pages/terms-agreements' as *;
@use 'pages/service' as *;
@use 'pages/api-statistics' as *;
@@ -1,412 +0,0 @@
@use '../abstracts/variables' as *;
@use '../abstracts/color-functions' as *;
@use '../abstracts/mixins' as *;
// Commission Pages Styles
// 수수료 관리 청구서 출력 페이지 스타일
// ==================== Commission Management Page ====================
// Commission Container
.commission-container {
max-width: 1400px;
margin: 0 auto;
}
.wrap {
max-width: 1400px;
margin: 0 auto;
background: $white;
padding: $spacing-lg;
border-radius: $border-radius-md;
box-shadow: $shadow-md;
}
.searchInfo {
display: inline-block;
margin-right: $spacing-sm;
margin-bottom: $spacing-md;
}
// Search Box
.searchBox {
background: #f8f9fa;
padding: 20px;
border-radius: $border-radius-md;
margin-bottom: 20px;
&.row-two {
display: flex;
align-items: center;
gap: 20px;
flex-wrap: wrap;
}
label {
font-weight: $font-weight-medium;
color: $text-dark;
min-width: 80px;
}
.form-control {
padding: 6px 12px;
border: 1px solid $border-gray;
border-radius: $border-radius-sm;
font-size: $font-size-sm;
min-width: 100px;
}
}
.form-inline {
display: flex;
align-items: center;
gap: 10px;
// 조회기간 [] [] 컨테이너 - PC 기본 스타일
.period-selects {
display: flex;
align-items: center;
gap: 10px;
.period-unit {
margin-right: 10px;
}
}
}
.btnBox {
margin-left: auto;
.btn + .btn {
margin-left: 5px;
}
}
// Print Button (initially hidden)
#printBtn {
display: none;
}
// Notice Text
.commission-notice {
color: #dc3545;
margin-top: 30px;
line-height: 1.6;
}
.voffset3 {
margin-top: 30px;
}
// Color Utilities
.color_red {
color: $accent-orange;
}
.color_blue {
color: #007bff;
}
.color_darkRed {
color: #8b0000;
}
// Table Styles
.table-responsive {
overflow-x: auto;
margin-top: 30px;
}
.table {
width: 100%;
border-collapse: collapse;
font-size: $font-size-sm;
th {
background: $gray-bg;
font-weight: $font-weight-medium;
color: $text-dark;
padding: $spacing-md;
text-align: center;
border: 1px solid $border-gray;
}
td {
padding: $spacing-md;
text-align: center;
border: 1px solid $border-gray;
}
}
.table-bordered {
border: 1px solid $border-gray;
th,
td {
border: 1px solid $border-gray;
}
}
.border-type {
border: 2px solid #dee2e6;
}
// Commission Tables
.commission-table-wrapper {
margin-top: 30px;
.table {
border: 2px solid #dee2e6;
}
}
// Summary Row
.summary-row {
background-color: #fff3cd !important;
td {
font-weight: $font-weight-semibold;
}
.summary-amount {
font-size: 16px;
color: #007bff;
}
}
// Text Alignment Utilities
.text-center {
text-align: center;
}
.text-right {
text-align: right;
}
.text-left {
text-align: left;
}
// Background Utilities
.bg-warning {
background-color: #fff3cd !important;
}
// Icon
.glyphicon-search::before {
content: "🔍";
}
// ==================== Commission Print Page ====================
.info-table {
border-top: 10px solid $text-gray;
width: 100%;
border-bottom: 2px solid $text-dark;
margin-bottom: $spacing-2xl;
th {
text-align: left;
padding: $spacing-md $spacing-lg;
font-weight: $font-weight-semibold;
background: none;
border: none;
}
td {
padding: $spacing-md $spacing-lg;
border: none;
}
}
.commission-table {
width: 100%;
margin-top: $spacing-2xl;
th,
td {
border: 1px solid #999 !important;
padding: $spacing-md $spacing-lg;
}
td {
text-align: right;
}
}
.bg_ygreen {
background-color: aquamarine;
text-align: center;
}
.bg_skyBlue {
background-color: skyblue;
text-align: center;
}
.bg_yellow {
background-color: yellow;
text-align: center;
}
// Print-specific styles
@media print {
body {
padding: 0;
background: $white;
}
.searchBox,
.searchInfo,
#printButton,
#backButton,
#printBtn {
display: none !important;
}
@page {
size: auto;
margin: 0 -0cm;
}
html {
margin: 0 0cm;
}
}
// Responsive Design
@media screen and (max-width: $breakpoint-md) {
.wrap {
padding: $spacing-md;
}
.searchBox {
padding: $spacing-md;
&.row-two {
flex-direction: column;
align-items: flex-start;
gap: $spacing-md;
}
}
.form-inline {
width: 100%;
flex-direction: column;
align-items: flex-start;
label {
min-width: auto;
margin-bottom: $spacing-xs;
}
.form-control {
width: 100%;
}
// 조회기간: [] [] 유지
&--period {
.period-selects {
display: flex;
flex-direction: row;
align-items: center;
gap: $spacing-sm;
width: 100%;
.form-control {
flex: 1;
min-width: 0;
}
.period-unit {
flex-shrink: 0;
font-size: $font-size-sm;
color: $text-dark;
}
}
}
}
.btnBox {
margin-left: 0;
width: 100%;
.btn {
width: 100%;
display: flex;
justify-content: center;
align-items: center;
}
}
.table-responsive {
overflow-x: scroll;
-webkit-overflow-scrolling: touch;
}
}
// Commission Print Page Specific
// Note: commissionPrint.html uses body class for scoping
body.commission-print-page {
font-size: 12px;
width: 600px;
margin: 90px;
font-family: $font-family-primary;
div {
position: relative;
}
table {
border-collapse: collapse;
th,
td {
padding: 5px 10px;
}
tr {
font-size: 12px;
}
}
h1 {
text-align: center;
img {
width: 300px;
}
}
h2 {
margin-top: $spacing-2xl;
float: left;
}
p {
line-height: 1.6;
&[style*="float: right"] {
margin-top: 25px;
}
}
// Print buttons
.btn {
padding: 8px 16px;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 14px;
}
.btn-primary {
background: #667eea;
color: white;
&:hover {
background: #5a67d8;
}
}
}
@@ -692,3 +692,101 @@
// Uses the same action button styles from .inquiry-actions above
// Supports: action-btn-primary, action-btn-secondary
}
// 260710 공개범위 / 조회수 / 첨부
// 비공개 게시물(목록) 본인·소속 법인 관리자 외에는 흐리게 + 링크 비활성
.list-table-row--private {
opacity: 0.55;
cursor: default;
.inquiry-private-label {
color: #94A3B8;
font-style: italic;
}
}
// 접근 권한 없는 비공개 제목 클릭 불가
.notice-title-link--disabled {
pointer-events: none;
cursor: default;
}
// 상세 조회수
.inquiry-detail-views {
color: #94A3B8;
font-size: 13px;
}
// 상세 첨부 다운로드 링크 (이미지 인라인 노출 없이 강제 다운로드)
.inquiry-detail-attach {
margin-top: $spacing-md;
.inquiry-attach-link {
display: inline-flex;
align-items: center;
gap: 6px;
padding: 8px 14px;
border: 1px solid #CBD5E1;
border-radius: 6px;
color: #1E40AF;
font-size: 13px;
text-decoration: none;
&:hover {
background-color: #F1F5F9;
}
}
}
// 목록 작성자 : 이름 아래 (법인명) 표기
// .row-cell display:flex(가로) 이므로 세로 정렬 위해 column 지정
.row-cell--writer {
flex-direction: column;
justify-content: center;
line-height: 1.3;
.inquiry-writer-org {
color: #94A3B8;
font-size: 12px;
}
}
// 목록 상단 PTL_PROPERTY 공개범위 상한 표기
.inquiry-visibility-notice {
margin-left: 12px;
font-size: 13px;
font-weight: normal;
color: #64748B;
}
// 목록 처리상태 배지 글자/크기 축소
.list-table-body .inquiry-status-badge {
height: 24px;
padding: 0 10px;
font-size: 12px;
}
// 비공개 자물쇠 아이콘 (목록 제목 )
.inquiry-lock-icon {
vertical-align: -2px;
margin-right: 3px;
color: #64748B;
}
// 상세 헤더 공개범위 표기
.inquiry-detail-visibility {
display: inline-flex;
align-items: center;
gap: 2px;
color: #64748B;
font-size: 13px;
&--private {
color: #c0392b;
font-weight: 600;
.inquiry-lock-icon {
color: #c0392b;
}
}
}
@@ -384,6 +384,11 @@
background-color: #8c959f;
}
// 검토중 - 주황색 배경
&--reviewing {
background-color: #e08e0b;
}
// 종료 - 짙은 회색 배경
&--closed {
background-color: #4a5560;
@@ -1,496 +0,0 @@
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
layout:decorate="~{layout/djbank_title_layout}">
<head>
<title>수수료 관리</title>
</head>
<body>
<section layout:fragment="title">
<div class="page-title-banner">
<img th:src="@{/img/img_title_bg.png}" class="title-image">
<h1>기관 수수료 관리</h1>
</div>
</section>
<th:block layout:fragment="contentFragment">
<section class="org-register-container">
<div class="searchBox row-two">
<span class="form-inline form-inline--period">
<label for="forYear">조회기간</label>
<span class="period-selects">
<select id="forYear" class="form-control">
<option value="">- 선택 -</option>
</select> <span class="period-unit"></span>
<select id="forMonth" class="form-control">
<option value="">- 선택 -</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select> <span class="period-unit"></span>
</span>
</span>
<span class="btnBox">
<span id="searchedPeriod" class="searched-period" style="display:none; margin-right:10px; font-weight:bold; color:#28a745;"></span>
<button type="button" class="btn btn-primary" onclick="loadData()">
<span class="fa fa-search"></span><span>조회</span>
</button>
<button type="button" id="printBtn" class="btn btn-secondary" onclick="printCommission()">
<span>청구서 출력</span>
</button>
</span>
</div>
<div class="commission-container">
<div class="col-md-12">
<p class="commission-notice">
이용기관은 매월 1~5일 전월 수수료 조회 가능하며, 10일 확정금액으로 정산됩니다. <br/>
금액이상시 담당자 연락 및 조정요청 하시기 바랍니다. (매월 1~5일 수수료 조회, 6~9일 수수료 조정 및 확정, 10일 정산)
</p>
<!-- API 수수료 테이블 -->
<div class="table-responsive">
<table class="table table-bordered border-type">
<colgroup>
<col style="width:6%"/>
<col style="width:16%"/>
<col style="width:8%"/>
<col style="width:8%"/>
<col style="width:8%"/>
<col style="width:8%"/>
<col style="width:8%"/>
<col style="width:8%"/>
<col style="width:8%"/>
<col style="width:8%"/>
<col/>
</colgroup>
<thead>
<tr>
<th rowspan="2">구분</th>
<th rowspan="2">API 명</th>
<th colspan="4">조정 전</th>
<th colspan="4">조정 후</th>
<th rowspan="2">조정사유</th>
</tr>
<tr>
<th>처리<br/>건수</th>
<th>적용<br/>수수료(원)</th>
<th>최저<br/>수수료</th>
<th>출금<br/>예상금액</th>
<th>조정<br/>건수</th>
<th>조정<br/>수수료(원)</th>
<th>최저<br/>수수료</th>
<th>출금<br/>예상금액</th>
</tr>
</thead>
<tbody id="apiTableBody">
<!-- 동적 생성 -->
</tbody>
</table>
<!-- 판매 수수료 테이블 -->
<table class="table table-bordered border-type voffset3">
<colgroup>
<col style="width: 6%;">
<col style="width: 8%;">
<col style="width: 8%;">
<col style="width: 5%;">
<col style="width: 5%;">
<col style="width: 7%;">
<col style="width: 6%;">
<col style="width: 6%;">
<col style="width: 7%;">
<col style="width: 7%;">
<col style="width: 6%;">
<col style="width: 6%;">
<col style="width: 7%;">
<col style="width: 7%;">
<col>
</colgroup>
<thead>
<tr>
<th rowspan="2">구분</th>
<th rowspan="2">과금대상<br/>업무</th>
<th rowspan="2">수수료<br/>유형</th>
<th rowspan="2">과금<br/>기준</th>
<th rowspan="2">값구분</th>
<th rowspan="2">판매액</th>
<th colspan="4">조정 전</th>
<th colspan="4">조정 후</th>
<th rowspan="2">조정사유</th>
</tr>
<tr>
<th>적용<br/>수수료</th>
<th>처리<br/>건수</th>
<th>최저<br/>수수료</th>
<th>출금<br/>예상수수료</th>
<th>적용<br/>수수료</th>
<th>처리<br/>건수</th>
<th>최저<br/>수수료</th>
<th>출금<br/>예상수수료</th>
</tr>
</thead>
<tbody id="saleTableBody">
<!-- 동적 생성 -->
</tbody>
</table>
<!-- 합계 테이블 -->
<table class="table table-bordered border-type voffset3">
<colgroup>
<col/>
<col style="width: 13%"/>
<col style="width: 13%"/>
<col style="width: 13%"/>
<col style="width: 13%"/>
<col style="width: 13%"/>
<col style="width: 13%"/>
</colgroup>
<thead>
<tr>
<th rowspan="2">구분</th>
<th colspan="3">조정 전</th>
<th colspan="3">조정 후</th>
</tr>
<tr>
<th>판매액</th>
<th>처리건수(건)</th>
<th>출금예상금액</th>
<th>판매액</th>
<th>처리건수(건)</th>
<th>출금예상금액</th>
</tr>
</thead>
<tbody>
<tr class="summary-row">
<td class="text-center"><strong id="totalTitle">합계</strong></td>
<td class="text-right"><strong id="totalSalesAmount1">-</strong></td>
<td class="text-right"><strong id="totalCount1">-</strong></td>
<td class="text-right"><strong class="summary-amount" id="totalAmount1">-</strong></td>
<td class="text-right"><strong id="totalSalesAmount2">-</strong></td>
<td class="text-right"><strong id="totalCount2">-</strong></td>
<td class="text-right"><strong class="summary-amount" id="totalAmount2">-</strong></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</section>
</th:block>
<th:block layout:fragment="contentScript">
<script th:inline="javascript">
// 페이지 로드 시 초기화 및 자동 조회
document.addEventListener('DOMContentLoaded', function() {
var noOrgCode = /*[[${noOrgCode}]]*/ false;
if (noOrgCode) {
customPopups.showAlert('제휴기관코드가 등록되지 않았습니다.<br/>관리자에게 문의하세요.', function() {
history.back();
});
return;
}
initializeDateSelects();
// 페이지 로딩 후 자동 조회
loadData();
});
function initializeDateSelects() {
const now = new Date();
const currentYear = now.getFullYear();
const currentMonth = now.getMonth() + 1; // 0-indexed
// 전월 계산
let lastMonth = currentMonth - 1;
let lastMonthYear = currentYear;
if (lastMonth === 0) {
lastMonth = 12;
lastMonthYear = currentYear - 1;
}
// 연도 옵션 동적 생성 (최근 3년)
const yearSelect = document.getElementById('forYear');
for (let year = currentYear; year >= currentYear - 2; year--) {
const option = document.createElement('option');
option.value = year;
option.textContent = year;
if (year === lastMonthYear) {
option.selected = true;
}
yearSelect.appendChild(option);
}
// 월 기본값 설정 (전월)
const monthSelect = document.getElementById('forMonth');
monthSelect.value = lastMonth.toString();
}
function showSearchedPeriod(year, month) {
const searchedPeriodEl = document.getElementById('searchedPeriod');
searchedPeriodEl.textContent = year + '년 ' + month + '월 조회완료';
searchedPeriodEl.style.display = 'inline';
}
function hideSearchedPeriod() {
const searchedPeriodEl = document.getElementById('searchedPeriod');
searchedPeriodEl.style.display = 'none';
}
function formatNumber(num) {
return new Intl.NumberFormat('ko-KR').format(num);
}
function loadData() {
const year = document.getElementById('forYear').value;
const month = document.getElementById('forMonth').value;
if (!year || !month) {
customPopups.showAlert('조회 기간을 선택해주세요.');
return;
}
// 서버에서 데이터 조회 API 호출
fetch('/commission', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-XSRF-TOKEN': /*[[${_csrf.token}]]*/ ''
},
body: JSON.stringify({
year: year,
month: month
})
})
.then(response => {
return response.json().then(data => {
if (!response.ok) {
// 서버에서 반환한 에러 메시지 추출
const errorMessage = data.description || data.message || '데이터 조회에 실패했습니다.';
throw new Error(errorMessage);
}
return data;
});
})
.then(data => renderCommissionData(data, year, month))
.catch(error => {
console.error('Error:', error);
hideSearchedPeriod();
customPopups.showAlert(error.message || '데이터 조회 중 오류가 발생했습니다.');
});
}
function renderCommissionData(data, year, month) {
// API 수수료 항목 필터링
const apiCommissions = data.list.filter(item => item.paymentTargetType === '01');
const saleCommissions = data.list.filter(item => item.paymentTargetType !== '01');
// API 수수료 테이블 렌더링
const apiTableBody = document.getElementById('apiTableBody');
apiTableBody.innerHTML = '';
let apiTotal1 = 0;
let apiTotal2 = 0;
let apiCount1 = 0;
let apiCount2 = 0;
apiCommissions.forEach((item, index) => {
if (index === 0) {
apiTableBody.innerHTML += `
<tr>
<td rowspan="${apiCommissions.length}" class="text-center">API<br/>수수료</td>
<td class="text-left">${item.paymentTargetName}</td>
<td class="text-right">${formatNumber(item.totalCount || 0)}</td>
<td class="text-right">${formatNumber(item.value || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum || 0)}</span></td>
<td class="text-right"><strong class="color_blue">${formatNumber(item.totalCount2 || 0)}</strong></td>
<td class="text-right">${formatNumber(item.value2 || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount2 || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum2 || 0)}</span></td>
<td>${item.changeReason2 || ''}</td>
</tr>
`;
} else {
apiTableBody.innerHTML += `
<tr>
<td class="text-left">${item.paymentTargetName}</td>
<td class="text-right">${formatNumber(item.totalCount || 0)}</td>
<td class="text-right">${formatNumber(item.value || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum || 0)}</span></td>
<td class="text-right"><strong class="color_blue">${formatNumber(item.totalCount2 || 0)}</strong></td>
<td class="text-right">${formatNumber(item.value2 || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount2 || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum2 || 0)}</span></td>
<td>${item.changeReason2 || ''}</td>
</tr>
`;
}
apiTotal1 += parseFloat(item.sum || 0);
apiTotal2 += parseFloat(item.sum2 || 0);
apiCount1 += parseInt(item.totalCount || 0);
apiCount2 += parseInt(item.totalCount2 || 0);
});
// API 소계
apiTableBody.innerHTML += `
<tr>
<td colspan="2" class="text-center">${year}년 ${month}월 API 수수료 소계</td>
<td class="text-right">${formatNumber(apiCount1)}</td>
<td class="text-right"></td>
<td class="text-right"></td>
<td class="text-right"><strong class="color_blue">${formatNumber(apiTotal1)}</strong></td>
<td class="text-right">${formatNumber(apiCount2)}</td>
<td class="text-right"></td>
<td class="text-right"></td>
<td class="text-right"><strong class="color_blue">${formatNumber(apiTotal2)}</strong></td>
<td></td>
</tr>
`;
// 판매 수수료 테이블 렌더링
const saleTableBody = document.getElementById('saleTableBody');
saleTableBody.innerHTML = '';
let saleTotal1 = 0;
let saleTotal2 = 0;
let saleCount1 = 0;
let saleCount2 = 0;
let saleSalesAmount = 0;
saleCommissions.forEach((item, index) => {
const isPercentageFee = item.paymentBaseName === '금액';
if (index === 0) {
saleTableBody.innerHTML += `
<tr>
<td rowspan="${saleCommissions.length}" class="text-center">판매<br/>수수료</td>
<td class="text-left">${item.paymentTargetName}</td>
<td>${item.detailFeeTypeName || ''}</td>
<td>${item.paymentBaseName || ''}</td>
<td>${item.valueDivisionName || ''}</td>
<td class="text-right">${item.totalValue ? formatNumber(item.totalValue) : ''}</td>
<td class="text-right">${isPercentageFee ? (parseFloat(item.value || 0) * 100) + '%' : formatNumber(item.value || 0)}</td>
<td class="text-right">${formatNumber(item.totalCount || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum || 0)}</span></td>
<td class="text-right">${isPercentageFee ? (parseFloat(item.value2 || 0) * 100) + '%' : formatNumber(item.value2 || 0)}</td>
<td class="text-right">${formatNumber(item.totalCount2 || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount2 || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum2 || 0)}</span></td>
<td>${item.changeReason2 || ''}</td>
</tr>
`;
} else {
saleTableBody.innerHTML += `
<tr>
<td class="text-left">${item.paymentTargetName}</td>
<td>${item.detailFeeTypeName || ''}</td>
<td>${item.paymentBaseName || ''}</td>
<td>${item.valueDivisionName || ''}</td>
<td class="text-right">${item.totalValue ? formatNumber(item.totalValue) : ''}</td>
<td class="text-right">${isPercentageFee ? (parseFloat(item.value || 0) * 100) + '%' : formatNumber(item.value || 0)}</td>
<td class="text-right">${formatNumber(item.totalCount || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum || 0)}</span></td>
<td class="text-right">${isPercentageFee ? (parseFloat(item.value2 || 0) * 100) + '%' : formatNumber(item.value2 || 0)}</td>
<td class="text-right">${formatNumber(item.totalCount2 || 0)}</td>
<td class="text-right">${formatNumber(item.minimumAmount2 || 0)}</td>
<td class="text-right"><span class="color_darkRed">${formatNumber(item.sum2 || 0)}</span></td>
<td>${item.changeReason2 || ''}</td>
</tr>
`;
}
saleTotal1 += parseFloat(item.sum || 0);
saleTotal2 += parseFloat(item.sum2 || 0);
saleCount1 += parseInt(item.totalCount || 0);
saleCount2 += parseInt(item.totalCount2 || 0);
saleSalesAmount += parseFloat(item.totalValue || 0);
});
// 판매 소계
saleTableBody.innerHTML += `
<tr>
<td colspan="5" class="text-center">${year}년 ${month}월 판매 수수료 소계</td>
<td class="text-right">${formatNumber(saleSalesAmount)}</td>
<td class="text-right"></td>
<td class="text-right">${formatNumber(saleCount1)}</td>
<td></td>
<td class="text-right"><strong class="color_blue">${formatNumber(saleTotal1)}</strong></td>
<td class="text-right"></td>
<td class="text-right">${formatNumber(saleCount2)}</td>
<td></td>
<td class="text-right"><strong class="color_blue">${formatNumber(saleTotal2)}</strong></td>
<td></td>
</tr>
`;
// 합계 업데이트
document.getElementById('totalTitle').textContent = `${year}년 ${month}월 합계`;
document.getElementById('totalSalesAmount1').textContent = formatNumber(saleSalesAmount);
document.getElementById('totalCount1').textContent = formatNumber(apiCount1 + saleCount1);
document.getElementById('totalAmount1').textContent = formatNumber(apiTotal1 + saleTotal1);
document.getElementById('totalSalesAmount2').textContent = formatNumber(saleSalesAmount);
document.getElementById('totalCount2').textContent = formatNumber(apiCount2 + saleCount2);
document.getElementById('totalAmount2').textContent = formatNumber(apiTotal2 + saleTotal2);
// 출력 버튼 표시
document.getElementById('printBtn').style.display = 'inline-block';
// 조회 기간 표시
showSearchedPeriod(year, month);
}
function printCommission() {
const year = document.getElementById('forYear').value;
const month = document.getElementById('forMonth').value;
if (!year || !month) {
customPopups.showAlert('조회 기간을 선택해주세요.');
return;
}
// 먼저 청구서 출력용 API로 데이터 조회하여 에러 여부 확인
fetch('/commission/print/check', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-XSRF-TOKEN': /*[[${_csrf.token}]]*/ ''
},
body: JSON.stringify({
year: year,
month: month
})
})
.then(response => {
return response.json().then(data => {
if (!response.ok) {
const errorMessage = data.description || data.message || '데이터 조회에 실패했습니다.';
throw new Error(errorMessage);
}
return data;
});
})
.then(data => {
// 에러가 없으면 청구서 출력 페이지 열기
const printUrl = '/commission/print/' + year + '/' + month;
window.open(printUrl, '_blank', 'width=800,height=900,scrollbars=yes,resizable=yes');
})
.catch(error => {
console.error('Error:', error);
customPopups.showAlert(error.message || '청구서 조회 중 오류가 발생했습니다.');
});
}
</script>
</th:block>
</body>
</html>
@@ -1,197 +0,0 @@
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="utf-8">
<title>수수료 청구서</title>
<!-- <link rel="stylesheet" th:href="@{/content/css/vendor.css}">-->
<!-- <link rel="stylesheet" th:href="@{/css/main.css}">-->
<style>
html,body{font-size:12px;}
body{width:600px; margin:90px}
table{border-collapse: collapse;}
table th, td{padding:5px 10px;}
table tr{font-size:12px;}
.info-table{ border-top: 10px solid gray; width: 100%; border-bottom: 2px solid #333;}
.info-table th{text-align:left;}
.commission-table{width:100%;}
.commission-table th,.commission-table td{border:1px solid #999 !important}
.commission-table td{text-align:right}
.bg_ygreen{background-color:aquamarine; text-align:center}
.bg_skyBlue{background-color:skyblue; text-align:center}
.bg_yellow{background-color:yellow; text-align:center}
DIV { position: relative; }
.btn {
padding: 8px 16px;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 14px;
}
.btn-primary {
background: #667eea;
color: white;
}
.btn-primary:hover {
background: #5a67d8;
}
@media print {
@page {
size: auto;
margin: 0 -0cm;
}
html {
margin: 0 0cm;
}
.control {
display: none !important;
}
}
</style>
</head>
<body class="commission-print-page">
<div class="control">
<input id="printButton" type="button" class="btn btn-primary" value="청구서 인쇄" onclick="window.print()"/>
</div>
<div id="PrintDIV">
<h1 style="text-align:center">
<img style="height:30px;" th:src="@{/img/logo/logo-djb.png}" alt="DJBank 오픈뱅킹" />
</h1>
<p style="text-align:center">우61470 광주광역시 동구 제봉로 225 전화 (062)239-6722 FAX (062)239-6719 오픈뱅크 플랫폼 담당자</p>
<table class="info-table">
<colgroup>
<col style="width:15%;" />
<col/>
</colgroup>
<tbody>
<tr>
<th>문서번호</th>
<td><span th:text="|전자금융(OBP) ${year}-${month}-001호|">전자금융(OBP) 2024-03-001호</span></td>
</tr>
<tr>
<th>발 급 일</th>
<td><span th:text="${toDay}">2024년 3월 15일</span></td>
</tr>
<tr>
<th>수 신</th>
<td><span th:text="${organization}">ABC 핀테크 주식회사</span></td>
</tr>
<tr>
<th>참 조</th>
<td></td>
</tr>
<tr>
<th>제 목</th>
<td><span th:text="|${year}년 ${month}월 오픈뱅크플랫폼 API 서비스 이용수수료 청구|">2024년 3월 오픈뱅크플랫폼 API 서비스 이용수수료 청구</span></td>
</tr>
</tbody>
</table>
<div>
<p>1. 귀 사의 무궁한 발전을 기원합니다.</p>
<p>2. 귀 사와 체결된 서비스 이용 계약에 따라 동 업무처리와 관련하여 발생된 수수료를 다음과 같이 청구하오니 <br/>협조하여 주시기 바랍니다.</p>
</div>
<h2 style="float:left">1. 청구내역</h2>
<p style="float: right;margin-top: 25px;">(단위:건수/원)</p>
<table class="commission-table">
<colgroup>
<col style="width:35%"/>
<col style="width:20%"/>
<col style="width:15%"/>
<col style="width:15%"/>
<col style="width:15%"/>
</colgroup>
<thead>
<tr>
<th class="bg_ygreen">청구내용</th>
<th class="bg_ygreen">대출금액</th>
<th class="bg_ygreen">처리건수</th>
<th class="bg_ygreen">수수료</th>
<th class="bg_ygreen">수수료합계</th>
</tr>
</thead>
<tbody>
<th:block th:if="${commission != null and commission.list != null}">
<!-- API 수수료 -->
<tr th:each="item : ${commission.list}" th:if="${item.paymentTargetType == '01'}">
<td style="text-align:left" th:text="${item.paymentTargetName}">계좌잔액조회</td>
<td></td>
<td th:text="${#numbers.formatInteger(item.totalValue2, 0, 'COMMA')}">20,543</td>
<td th:text="|₩${#numbers.formatInteger(item.value2, 0, 'COMMA')}|">₩50</td>
<td th:text="|₩${#numbers.formatInteger(item.sum2, 0, 'COMMA')}|">₩1,027,150</td>
</tr>
<!-- API 소계 -->
<th:block th:if="${commission.apiSum2 != null}">
<tr>
<th class="bg_skyBlue" colspan="4">소계</th>
<td class="bg_skyBlue" th:text="|₩${#numbers.formatInteger(commission.apiSum2, 0, 'COMMA')}|">₩3,306,780</td>
</tr>
</th:block>
<!-- 판매 수수료 -->
<tr th:each="item : ${commission.list}" th:if="${item.paymentTargetType != '01'}">
<td style="text-align:left" th:text="${item.paymentTargetName}">개인대출 상품 A</td>
<td th:text="${item.paymentBaseName == '금액' ? '₩' + #numbers.formatInteger(item.totalValue2, 0, 'COMMA') : ''}">₩1,050,000,000</td>
<td th:text="${item.paymentBaseName == '건' ? #numbers.formatInteger(item.totalCount2, 0, 'COMMA') : ''}">55</td>
<td th:text="|₩${#numbers.formatInteger(item.value2, 0, 'COMMA')}|">₩5,000</td>
<td th:text="|₩${#numbers.formatInteger(item.sum2, 0, 'COMMA')}|">₩275,000</td>
</tr>
<!-- 판매 소계 -->
<th:block th:if="${commission.productSum2 != null}">
<tr>
<th class="bg_skyBlue" colspan="4">소계</th>
<td class="bg_skyBlue" th:text="|₩${#numbers.formatInteger(commission.productSum2, 0, 'COMMA')}|">₩533,000</td>
</tr>
</th:block>
<!-- 합계 -->
<th:block th:if="${commission.sum2 != null}">
<tr>
<th class="bg_yellow" colspan="4">합계</th>
<td class="bg_yellow" th:text="|₩${#numbers.formatInteger(commission.sum2, 0, 'COMMA')}|">₩3,839,780</td>
</tr>
</th:block>
</th:block>
</tbody>
</table>
<p>* 수수료는 Max(처리건수*금액, 월최저수수료) 금액으로 출금됩니다</p>
<br>
<h2>2. 수수료정산</h2>
<p>① 정산방법 : 수수료 결제계좌에서 자동출금</p>
<p>② 처리일자 : 매월10일 (휴,공휴일인 경우 익영업일). 끝.</p>
<div style="text-align:center;padding:20px 0">
<h1>
<span style="letter-spacing:0.8;">주식회사 광주은행</span><br/>
<span style="letter-spacing:6.5;">디지털</span> <span style="letter-spacing:6.5;">사업부장</span>
<small style="position: absolute; bottom: 39px; margin-left: 12px; font-weight: normal; font-size: 13px;">(직인생략)</small>
</h1>
</div>
</div>
<script th:if="${error}" th:inline="javascript">
document.addEventListener('DOMContentLoaded', function() {
var errorMessage = /*[[${error}]]*/ '';
if (errorMessage) {
alert(errorMessage);
// 에러 발생 시 인쇄 버튼 비활성화
var printButton = document.getElementById('printButton');
if (printButton) {
printButton.disabled = true;
printButton.value = '조회 오류';
}
}
});
</script>
</body>
</html>
@@ -20,6 +20,9 @@
placeholder="내용"
required></textarea>
<div class="djb-comment-form-actions">
<label class="djb-comment-private-toggle">
<input type="checkbox" id="djbCommentPrivate"> 비공개
</label>
<span class="djb-comment-char-counter" id="djbCommentCharCounter">0 / 2000</span>
<button type="submit" class="djb-comment-submit">댓글달기</button>
</div>
@@ -0,0 +1,77 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" layout:decorate="~{layout/djbank_title_layout}">
<body>
<section layout:fragment="title">
<div class="page-title-banner">
<img th:src="@{/img/img_title_bg.png}" class="title-image" alt="타이틀 배경">
<h1>FAQ</h1>
</div>
</section>
<section layout:fragment="contentFragment">
<div class="notice-detail-container">
<!-- FAQ Header: Question and Date -->
<div class="notice-detail-header">
<h2 class="notice-detail-title">
<span th:text="${faq.faqQuestion}">FAQ 질문</span>
</h2>
<span class="notice-detail-date" th:text="${#temporals.format(faq.createdDate, 'yyyy.MM.dd')}">2025.11.01</span>
</div>
<!-- Attachment Section -->
<div class="notice-detail-attachment" th:if="${!#strings.isEmpty(faq.fileId)}">
<div class="attachment-list" th:with="fileInfo=${@fileService.findById(faq.fileId)}">
<div class="attachment-item" th:each="fileDetail, status : ${fileInfo.getFileDetails()}">
<a th:href="'javascript:fn_downloadFile(\'' + ${fileDetail.fileId} + '\',\''+ ${fileDetail.fileSn} +'\')'" class="notice-attachment-link">
<svg width="22" height="22" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M18 15.75C18 17.4833 17.3917 18.9583 16.175 20.175C14.9583 21.3917 13.4833 22 11.75 22C10.0167 22 8.54167 21.3917 7.325 20.175C6.10833 18.9583 5.5 17.4833 5.5 15.75V6.5C5.5 5.25 5.9375 4.1875 6.8125 3.3125C7.6875 2.4375 8.75 2 10 2C11.25 2 12.3125 2.4375 13.1875 3.3125C14.0625 4.1875 14.5 5.25 14.5 6.5V15.25C14.5 16.0167 14.2333 16.6667 13.7 17.2C13.1667 17.7333 12.5167 18 11.75 18C10.9833 18 10.3333 17.7333 9.8 17.2C9.26667 16.6667 9 16.0167 9 15.25V6H11V15.25C11 15.4667 11.0708 15.6458 11.2125 15.7875C11.3542 15.9292 11.5333 16 11.75 16C11.9667 16 12.1458 15.9292 12.2875 15.7875C12.4292 15.6458 12.5 15.4667 12.5 15.25V6.5C12.4833 5.8 12.2375 5.20833 11.7625 4.725C11.2875 4.24167 10.7 4 10 4C9.3 4 8.70833 4.24167 8.225 4.725C7.74167 5.20833 7.5 5.8 7.5 6.5V15.75C7.48333 16.9333 7.89167 17.9375 8.725 18.7625C9.55833 19.5875 10.5667 20 11.75 20C12.9167 20 13.9083 19.5875 14.725 18.7625C15.5417 17.9375 15.9667 16.9333 16 15.75V6H18V15.75Z" fill="currentColor"/>
</svg>
<span class="attachment-label">첨부파일</span>
<span class="attachment-filename">[[${fileDetail.originalFileName}]].[[${fileDetail.fileExtension}]]</span>
</a>
</div>
</div>
</div>
<!-- Content Section -->
<div class="notice-detail-content">
<div id="faqDetail" class="notice-content-body editor-content" th:utext="${faq.faqAnswer}">
답변 내용이 여기에 표시됩니다.
</div>
</div>
<!-- Action Buttons -->
<div class="notice-detail-actions">
<button type="button" class="btn-notice-list" th:onclick="|location.href='@{/faq_list}'|">목록</button>
</div>
</div>
</section>
</body>
<th:block layout:fragment="contentScript">
<script>
function fn_downloadFile(fileId, fileSn) {
window.open('[[@{/file/download}]]' + "?fileId=" + fileId + "&fileSn=" + fileSn);
}
function decodeHTMLEntities(text) {
var textArea = document.createElement('textarea');
textArea.innerHTML = text;
return textArea.value;
}
document.addEventListener('DOMContentLoaded', function() {
var element = document.getElementById('faqDetail');
if (element) {
element.innerHTML = decodeHTMLEntities(element.innerHTML);
}
});
</script>
</th:block>
</html>
@@ -11,7 +11,7 @@
</section>
<th:block layout:fragment="contentFragment">
<section class="user-management-container">
<section class="user-management-container notice-list-container">
<!-- Search and Filter Controls -->
<form name="faqForm" th:action="@{/faq_list}" method="post" th:object="${search}" onsubmit="return false;">
@@ -38,21 +38,36 @@
</div>
</form>
<!-- FAQ Accordion -->
<div class="faq-accordion" th:if="${!#lists.isEmpty(page.content)}">
<div class="faq-item" th:each="faq : ${page.content}">
<div class="faq-question">
<span class="faq-question-text" th:text="${faq.faqQuestion}">질문 내용이 여기에 표시됩니다.</span>
<span class="faq-icon">
<svg width="14" height="8" viewBox="0 0 14 8" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M1 1L7 7L13 1" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
</svg>
</span>
</div>
<div class="faq-answer">
<div class="faq-answer-content editor-content" th:utext="${faq.faqAnswer}">
답변 내용이 여기에 표시됩니다.
<!-- FAQ Table -->
<div class="list-table" th:if="${!#lists.isEmpty(page.content)}">
<!-- Table Header -->
<div class="list-table-header">
<div class="header-cell" style="width: 80px;">NO</div>
<div class="header-cell" style="flex: 1; min-width: 200px;">질문</div>
<div class="header-cell" style="width: 120px;">등록일</div>
</div>
<!-- Table Body -->
<div class="list-table-body">
<div class="list-table-row"
th:each="faq, status : ${page.content}"
th:onclick="'location.href=\'' + @{/faq_view(id=${faq.id})} + '\''"
style="cursor: pointer;">
<div class="row-cell row-cell--number" style="width: 80px;" data-label="NO"
th:text="${page.totalElements - (page.number * page.size) - status.index}">1</div>
<div class="row-cell row-cell--title" style="flex: 1; min-width: 200px;" data-label="질문">
<a th:href="@{/faq_view(id=${faq.id})}" class="notice-title-link">
<span class="notice-number" th:text="|[${page.totalElements - (page.number * page.size) - status.index}]|">[1]</span>
<span th:text="${faq.faqQuestion}">FAQ 질문</span>
<span class="file-icon" th:if="${faq.fileId != null and !faq.fileId.isEmpty()}">
<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M18 15.75C18 17.4833 17.3917 18.9583 16.175 20.175C14.9583 21.3917 13.4833 22 11.75 22C10.0167 22 8.54167 21.3917 7.325 20.175C6.10833 18.9583 5.5 17.4833 5.5 15.75V6.5C5.5 5.25 5.9375 4.1875 6.8125 3.3125C7.6875 2.4375 8.75 2 10 2C11.25 2 12.3125 2.4375 13.1875 3.3125C14.0625 4.1875 14.5 5.25 14.5 6.5V15.25C14.5 16.0167 14.2333 16.6667 13.7 17.2C13.1667 17.7333 12.5167 18 11.75 18C10.9833 18 10.3333 17.7333 9.8 17.2C9.26667 16.6667 9 16.0167 9 15.25V6H11V15.25C11 15.4667 11.0708 15.6458 11.2125 15.7875C11.3542 15.9292 11.5333 16 11.75 16C11.9667 16 12.1458 15.9292 12.2875 15.7875C12.4292 15.6458 12.5 15.4667 12.5 15.25V6.5C12.4833 5.8 12.2375 5.20833 11.7625 4.725C11.2875 4.24167 10.7 4 10 4C9.3 4 8.70833 4.24167 8.225 4.725C7.74167 5.20833 7.5 5.8 7.5 6.5V15.75C7.48333 16.9333 7.89167 17.9375 8.725 18.7625C9.55833 19.5875 10.5667 20 11.75 20C12.9167 20 13.9083 19.5875 14.725 18.7625C15.5417 17.9375 15.9667 16.9333 16 15.75V6H18V15.75Z" fill="currentColor"/>
</svg>
</span>
</a>
</div>
<div class="row-cell" style="width: 120px;" data-label="등록일"
th:text="${#temporals.format(faq.createdDate, 'yyyy.MM.dd')}">2025.01.01</div>
</div>
</div>
</div>
@@ -95,37 +110,6 @@
document.faqForm.page.value = 1;
document.faqForm.submit();
}
function decodeHTMLEntities(text) {
var textArea = document.createElement('textarea');
textArea.innerHTML = text;
return textArea.value;
}
document.addEventListener('DOMContentLoaded', function() {
// Decode HTML entities in FAQ answers
document.querySelectorAll('.faq-answer-content').forEach(function(element) {
element.innerHTML = decodeHTMLEntities(element.innerHTML);
});
// FAQ Accordion functionality
document.querySelectorAll('.faq-question').forEach(function(question) {
question.addEventListener('click', function(e) {
e.preventDefault();
const faqItem = this.closest('.faq-item');
const isActive = faqItem.classList.contains('active');
// Close all other items (optional - for single open behavior)
// document.querySelectorAll('.faq-item.active').forEach(function(item) {
// item.classList.remove('active');
// });
// Toggle active state
faqItem.classList.toggle('active');
});
});
});
</script>
</th:block>
@@ -11,21 +11,31 @@
</section>
<section layout:fragment="contentFragment">
<div class="inquiry-detail-container">
<div class="inquiry-detail-container" th:attr="data-inquiry-id=${inquiry.id}">
<!-- Inquiry Header: Status Badge and Title -->
<div class="inquiry-detail-header">
<div class="inquiry-header-top">
<span class="inquiry-status-badge"
th:classappend="${inquiry.inquiryStatus == 'RESPONDED' ? 'inquiry-status-badge--completed' : (inquiry.inquiryStatus == 'CLOSED' ? 'inquiry-status-badge--closed' : 'inquiry-status-badge--pending')}"
th:text="${inquiry.inquiryStatus == 'RESPONDED' ? '답변완료' : (inquiry.inquiryStatus == 'CLOSED' ? '종료' : '답변대기')}">
th:classappend="${T(com.eactive.apim.portal.djb.community.qna.constant.DjbInquiryStatus).badgeClass(inquiry.inquiryStatus)}"
th:text="${T(com.eactive.apim.portal.djb.community.qna.constant.DjbInquiryStatus).displayName(inquiry.inquiryStatus)}">
답변대기
</span>
<div class="inquiry-header-right">
<span class="inquiry-detail-writer"
th:text="${inquiry.inquirerName != null ? inquiry.inquirerName : (inquiry.inquirer != null ? inquiry.inquirer.userName : '')}">작성자</span>
<span class="inquiry-detail-writer" th:text="${inquiry.inquirerDisplay}">작성자 (법인명)</span>
<span class="inquiry-detail-divider">|</span>
<span class="inquiry-detail-date" th:text="${#temporals.format(inquiry.createdDate, 'yyyy.MM.dd')}">2025.11.01</span>
<span class="inquiry-detail-divider">|</span>
<span class="inquiry-detail-views" th:text="|조회 ${inquiry.viewCount}|">조회 0</span>
<span class="inquiry-detail-divider">|</span>
<span class="inquiry-detail-visibility"
th:classappend="${inquiry.visibility == 'PRIVATE'} ? ' inquiry-detail-visibility--private'">
<svg th:if="${inquiry.visibility == 'PRIVATE'}" class="inquiry-lock-icon" width="13" height="13" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-label="비공개">
<rect x="4" y="10" width="16" height="11" rx="2" fill="currentColor"/>
<path d="M7 10V7a5 5 0 0 1 10 0v3" stroke="currentColor" stroke-width="2" fill="none"/>
</svg>
<span th:text="${inquiry.visibilityLabel}">법인공개</span>
</span>
</div>
</div>
<h2 class="inquiry-detail-title" th:text="${inquiry.inquirySubject}">질문 제목</h2>
@@ -36,6 +46,12 @@
<div id="inquiryDetail" class="inquiry-content-body" th:utext="${inquiry.inquiryDetail}">
문의 내용이 여기에 표시됩니다.
</div>
<!-- Attachment: 강제 다운로드 링크만 제공 (이미지 인라인 노출 안 함) -->
<div class="inquiry-detail-attach" th:if="${inquiry.attachFile != null and !inquiry.attachFile.isEmpty()}">
<a th:href="@{/file/download(fileId=${inquiry.attachFile}, fileSn=1)}" class="inquiry-attach-link" download>
첨부 이미지 다운로드
</a>
</div>
</div>
<!-- Admin Response Section -->
@@ -107,6 +123,7 @@
});
</script>
<script th:src="@{/js/djb/inquiry-comments.js}"></script>
<script th:src="@{/js/djb/inquiry-view.js}"></script>
</th:block>
</html>
@@ -22,7 +22,7 @@
<!-- Form Content -->
<div class="register-form-container">
<form name="inquiryForm" id="inquiryForm" th:action="${isNew}? @{/inquiry} : @{/inquiry/edit}"
th:object="${inquiry}" method="post" class="register-form">
th:object="${inquiry}" method="post" enctype="multipart/form-data" class="register-form">
<input type="hidden" th:field="*{id}" th:if="${!isNew}">
<!-- Subject Field -->
@@ -62,6 +62,35 @@
</div>
</div>
<!-- Visibility Field -->
<div class="form-row">
<div class="form-label-wrapper label-offset">
<span class="form-label-text">공개범위</span>
</div>
<div class="form-field-wrapper">
<select id="inquiryVisibility" th:field="*{visibility}" class="form-input">
<option th:if="${allowAll}" value="ALL">전체공개</option>
<option th:if="${allowOrg}" value="ORG">법인공개</option>
<option value="PRIVATE">비공개</option>
</select>
<small class="form-help-text">비공개 글은 본인과 소속 법인 관리자만 열람할 수 있습니다.</small>
</div>
</div>
<!-- Image Attach Field -->
<div class="form-row">
<div class="form-label-wrapper label-offset">
<span class="form-label-text">이미지 첨부</span>
</div>
<div class="form-field-wrapper">
<input type="file" id="inquiryImage" name="image" class="form-input"
accept="image/png,image/jpeg,image/gif">
<small class="form-help-text">jpg, jpeg, png, gif 이미지 1개만 첨부할 수 있습니다.</small>
<small th:if="${!isNew and inquiry.attachFile != null and !inquiry.attachFile.isEmpty()}"
class="form-help-text">현재 첨부된 이미지가 있습니다. 새 파일을 선택하면 교체됩니다.</small>
</div>
</div>
</form>
</div>
@@ -128,6 +157,15 @@
return false;
}
const imageInput = document.getElementById('inquiryImage');
if (imageInput && imageInput.files && imageInput.files.length > 0) {
const ext = imageInput.files[0].name.toLowerCase().split('.').pop();
if (['jpg', 'jpeg', 'png', 'gif'].indexOf(ext) === -1) {
customPopups.showAlert('이미지 파일(jpg, jpeg, png, gif)만 첨부할 수 있습니다.');
return;
}
}
form.submit();
});
@@ -21,6 +21,9 @@
<div class="table-controls">
<h2 class="total-count">
<strong th:text="${page.totalElements}">0</strong>
<span class="inquiry-visibility-notice" th:if="${visibilityCeiling != null}">
공개범위 설정: <span th:text="${visibilityCeiling.label()}">법인공개</span>
</span>
</h2>
<div class="search-field">
@@ -47,6 +50,7 @@
<div class="header-cell" style="flex: 1; min-width: 200px;">제목</div>
<div class="header-cell" style="width: 100px;">작성자</div>
<div class="header-cell" style="width: 120px;">처리상태</div>
<div class="header-cell" style="width: 80px;">조회수</div>
<div class="header-cell" style="width: 120px;">등록일</div>
</div>
@@ -54,27 +58,41 @@
<div class="list-table-body">
<div class="list-table-row"
th:each="inquiry, status : ${inquiries}"
th:onclick="'location.href=\'' + @{/inquiry/detail(id=${inquiry.id})} + '\''"
style="cursor: pointer;">
th:classappend="${inquiry.privatePlaceholder} ? ' list-table-row--private'"
th:onclick="${inquiry.privatePlaceholder} ? null : ('location.href=\'' + @{/inquiry/detail(id=${inquiry.id})} + '\'')"
th:style="${inquiry.privatePlaceholder} ? 'cursor: default;' : 'cursor: pointer;'">
<div class="row-cell row-cell--number" style="width: 80px;" data-label="NO"
th:text="${page.totalElements - (page.number * page.size) - status.index}">1</div>
<div class="row-cell row-cell--title" style="flex: 1; min-width: 200px;" data-label="제목">
<a th:href="@{/inquiry/detail(id=${inquiry.id})}" class="notice-title-link">
<a th:href="${inquiry.privatePlaceholder} ? null : @{/inquiry/detail(id=${inquiry.id})}"
class="notice-title-link"
th:classappend="${inquiry.privatePlaceholder} ? ' notice-title-link--disabled'">
<span class="notice-number" th:text="|[${page.totalElements - (page.number * page.size) - status.index}]|">[1]</span>
<span th:text="${inquiry.inquirySubject}">질문 제목</span>
<svg th:if="${inquiry.visibility == 'PRIVATE'}" class="inquiry-lock-icon" width="14" height="14" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-label="비공개">
<rect x="4" y="10" width="16" height="11" rx="2" fill="currentColor"/>
<path d="M7 10V7a5 5 0 0 1 10 0v3" stroke="currentColor" stroke-width="2" fill="none"/>
</svg>
<span th:if="${inquiry.privatePlaceholder}" class="inquiry-private-label">비공개 게시물</span>
<span th:unless="${inquiry.privatePlaceholder}" th:text="${inquiry.inquirySubject}">질문 제목</span>
<span class="inquiry-comment-count"
th:if="${commentCounts != null and commentCounts.get(inquiry.id) != null and commentCounts.get(inquiry.id) > 0}"
th:text="|[${commentCounts.get(inquiry.id)}]|">[3]</span>
</a>
</div>
<div class="row-cell" style="width: 100px;" data-label="작성자" th:text="${inquiry.maskedInquirerName}">홍**</div>
<div class="row-cell row-cell--writer" style="width: 100px;" data-label="작성자">
<span class="inquiry-writer-name" th:text="${inquiry.maskedInquirerName}">홍**</span>
<span class="inquiry-writer-org"
th:if="${inquiry.inquirerOrgName != null and !inquiry.inquirerOrgName.isEmpty()}"
th:text="|(${inquiry.inquirerOrgName})|">(법인명)</span>
</div>
<div class="row-cell" style="width: 120px;" data-label="처리상태">
<span class="inquiry-status-badge"
th:classappend="${inquiry.inquiryStatus == 'RESPONDED' ? 'inquiry-status-badge--completed' : (inquiry.inquiryStatus == 'CLOSED' ? 'inquiry-status-badge--closed' : 'inquiry-status-badge--pending')}"
th:text="${inquiry.inquiryStatus == 'RESPONDED' ? '답변완료' : (inquiry.inquiryStatus == 'CLOSED' ? '종료' : '답변대기')}">
th:classappend="${T(com.eactive.apim.portal.djb.community.qna.constant.DjbInquiryStatus).badgeClass(inquiry.inquiryStatus)}"
th:text="${T(com.eactive.apim.portal.djb.community.qna.constant.DjbInquiryStatus).displayName(inquiry.inquiryStatus)}">
답변대기
</span>
</div>
<div class="row-cell" style="width: 80px;" data-label="조회수" th:text="${inquiry.viewCount}">0</div>
<div class="row-cell" style="width: 120px;" data-label="등록일"
th:text="${#temporals.format(inquiry.createdDate, 'yyyy.MM.dd')}">2025.01.01</div>
</div>
@@ -11,6 +11,23 @@
</section>
<th:block layout:fragment="contentFragment">
<style>
.recent-apps { margin: 0 0 24px; }
.recent-apps-title { font-size: 15px; font-weight: 600; color: #334155; margin: 0 0 10px; }
.recent-apps-list { list-style: none; margin: 0; padding: 0; border: 1px solid #E2E8F0; border-radius: 8px; overflow: hidden; }
.recent-apps-item + .recent-apps-item { border-top: 1px solid #E2E8F0; }
.recent-apps-head { display: flex; align-items: center; gap: 12px; width: 100%; padding: 14px 16px;
background: #F8FAFC; border: 0; cursor: pointer; text-align: left; font: inherit; }
.recent-apps-head:hover { background: #F1F5F9; }
.recent-apps-subject { flex: 1; min-width: 0; font-size: 14px; font-weight: 500; color: #1E293B;
overflow: hidden; text-overflow: ellipsis; white-space: nowrap; }
.recent-apps-date { flex-shrink: 0; font-size: 12px; color: #94A3B8; }
.recent-apps-arrow { flex-shrink: 0; color: #94A3B8; transition: transform .2s ease; }
.recent-apps-item.is-open .recent-apps-arrow { transform: rotate(180deg); }
.recent-apps-body { display: none; padding: 14px 16px; background: #fff; }
.recent-apps-item.is-open .recent-apps-body { display: block; }
.recent-apps-detail { margin: 0; font-size: 13px; line-height: 1.6; color: #475569; white-space: pre-wrap; word-break: break-word; }
</style>
<section class="inquiry-form-container">
<!-- Title Bar -->
@@ -19,6 +36,27 @@
<span class="register-subtitle">DJBank은 온라인 비즈니스 혁신을 위한 피드백/개선요청을 환영합니다.</span>
</div>
<!-- 내가 작성한 최근 글(최대 3건) 아코디언 -->
<div class="recent-apps" th:if="${recentApplications != null and !recentApplications.isEmpty()}">
<p class="recent-apps-title">내가 작성한 최근 글</p>
<ul class="recent-apps-list">
<li class="recent-apps-item" th:each="item : ${recentApplications}">
<button type="button" class="recent-apps-head">
<span class="recent-apps-subject" th:text="${item.bizSubject}">제목</span>
<span class="recent-apps-date"
th:text="${item.createdDate != null ? #temporals.format(item.createdDate, 'yyyy.MM.dd') : ''}">2026.07.13</span>
<svg class="recent-apps-arrow" width="18" height="18" viewBox="0 0 24 24" fill="none"
stroke="currentColor" stroke-width="2" aria-hidden="true">
<polyline points="6 9 12 15 18 9"></polyline>
</svg>
</button>
<div class="recent-apps-body">
<p class="recent-apps-detail" th:text="${item.bizDetail}">내용</p>
</div>
</li>
</ul>
</div>
<!-- Form Content -->
<div class="register-form-container">
<form name="partnershipForm" id="partnershipForm" th:action="@{/partnership}" th:object="${partnership}"
@@ -131,6 +169,13 @@
</script>
<script th:inline="javascript">
$(function () {
// 최근 글 아코디언 토글
document.querySelectorAll('.recent-apps-head').forEach(function (head) {
head.addEventListener('click', function () {
head.closest('.recent-apps-item').classList.toggle('is-open');
});
});
const btnSubmit = document.querySelector('.btn-submit-form');
const fileInput = document.getElementById('file');
const fileDisplayText = document.getElementById('fileDisplayText');
@@ -157,6 +157,27 @@
$(function () {
// CSRF 토큰은 세션 기반 → 세션 만료(server.servlet.session.timeout=10m) 전에
// 메인 페이지로 이동시켜 stale 토큰 제출(403) 방지. 이동은 서버 요청이라 세션 idle도 리셋됨.
// 단, 입력 중에는 이탈 금지 → idle 타이머(활동 시 리셋, 입력값/포커스 있으면 보류).
// 만료 시간은 하드코딩하지 않고 서버 세션 타임아웃(초)을 렌더 시점에 읽어 파생 → yml 변경 시 자동 반영.
var SESSION_TIMEOUT_SEC = /*[[${#request.session.maxInactiveInterval}]]*/ 600;
var LOGIN_IDLE_LIMIT_MS = Math.max(60, SESSION_TIMEOUT_SEC - 120) * 1000; // 세션 만료 2분 전
var loginIdleTimer;
function scheduleIdleRedirect() {
clearTimeout(loginIdleTimer);
loginIdleTimer = setTimeout(function () {
var idEl = document.getElementById('id');
var pwEl = document.getElementById('password');
var busy = document.activeElement === idEl || document.activeElement === pwEl
|| (idEl && idEl.value) || (pwEl && pwEl.value);
if (busy) { scheduleIdleRedirect(); return; } // 입력 중/입력값 있음 → 이탈 보류
window.location.href = /*[[@{/}]]*/ '/';
}, LOGIN_IDLE_LIMIT_MS);
}
$('#id, #password, #checkId').on('input keydown focus click', scheduleIdleRedirect);
scheduleIdleRedirect();
var successMsg = [[${success}]];
console.log("Success message:", successMsg);
if (successMsg) {
@@ -59,6 +59,14 @@
<!-- Credential Info Section -->
<div class="apikey-info-section">
<!-- 인증 방식 -->
<div class="info-row">
<label class="info-label">인증 방식</label>
<div class="info-value">
<div class="info-value-box" th:text="${authType}">OAuth2</div>
</div>
</div>
<!-- Client ID -->
<div class="info-row info-row-with-action">
<label class="info-label">Client ID</label>
@@ -72,27 +80,47 @@
<!-- Client Secret -->
<div class="info-row">
<label class="info-label">Client Secret</label>
<label class="info-label">
Client Secret
<button type="button" class="btn-guide-info" onclick="showLostKeyGuide()" title="비밀정보 안내" aria-label="비밀정보 안내"
style="margin-left:6px;width:18px;height:18px;border-radius:50%;border:1px solid #bbb;background:#f5f5f5;color:#666;font-size:12px;line-height:1;cursor:pointer;padding:0;vertical-align:middle;">?</button>
</label>
<div class="info-value">
<!-- View Button (shown initially) -->
<button type="button" class="btn-view-secret" id="hiddenSecretBox" onclick="showPasswordPrompt()">
<span>조회</span>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<circle cx="11" cy="11" r="8"></circle>
<path d="m21 21-4.35-4.35"></path>
</svg>
</button>
<!-- Actual Secret (hidden initially) -->
<div id="revealedSecretBox" style="display: none;">
<div class="info-row info-row-with-action" style="margin-bottom: 0;">
<div class="info-value" style="display: flex; gap: 16px; align-items: center;">
<div class="info-value-box with-copy" th:text="${apiKey.clientsecret}">secret-key-67890</div>
<button type="button" class="btn-copy-action" th:data-secret="${apiKey.clientsecret}" onclick="copyToClipboardFromButton(this)">
+ 복사
</button>
<!-- secret이 아직 DB에 존재: 최초 1회 조회 가능 -->
<th:block th:if="${secretAvailable}">
<!-- View Button (shown initially) -->
<button type="button" class="btn-view-secret" id="hiddenSecretBox" onclick="showPasswordPrompt()">
<span>조회</span>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<circle cx="11" cy="11" r="8"></circle>
<path d="m21 21-4.35-4.35"></path>
</svg>
</button>
<!-- Actual Secret (hidden initially, 값은 서버 응답으로 JS가 주입) -->
<div id="revealedSecretBox" style="display: none;">
<div class="info-row info-row-with-action" style="margin-bottom: 0;">
<div class="info-value" style="display: flex; gap: 16px; align-items: center;">
<div class="info-value-box with-copy" id="revealedSecretValue"></div>
<button type="button" class="btn-copy-action" id="revealedSecretCopyBtn" onclick="copyToClipboardFromButton(this)">
+ 복사
</button>
</div>
</div>
<p class="secret-warning" style="margin:10px 0 0;padding:10px 12px;background:#fdecea;border:1px solid #f5c6c2;border-radius:6px;color:#c0392b;font-size:13px;line-height:1.6;">
⚠ 이 값은 <strong>지금 한 번만</strong> 표시되며, 이후에는 다시 조회할 수 없습니다.<br>
반드시 <strong>안전한 곳에 복사하여 보관</strong>해 주세요.
</p>
</div>
</th:block>
<!-- secret이 이미 노출·삭제됨 -->
<div th:unless="${secretAvailable}" class="secret-revealed-notice" style="display:flex;align-items:center;gap:12px;">
<span class="secret-revealed-text" style="color:#888;font-size:14px;">이미 1회 노출되어 삭제된 인증정보입니다.</span>
<button type="button" class="btn-guide-link" onclick="showLostKeyGuide()"
style="background:none;border:none;color:#2b6cb0;text-decoration:underline;cursor:pointer;font-size:13px;padding:0;">분실 시 안내</button>
</div>
</div>
</div>
@@ -178,36 +206,50 @@
<script th:inline="javascript">
/*<![CDATA[*/
// Show password prompt for viewing client secret
var CREDENTIAL_CLIENT_ID = /*[[${apiKey.clientid}]]*/ '';
// 비밀정보 안내(분실 시 조치) 가이드 팝업
function showLostKeyGuide() {
customPopups.showAlert(
'Client Secret은 보안을 위해 <strong>최초 1회만 조회</strong>할 수 있으며,<br>' +
'조회하는 즉시 개발자포탈에서 <strong>영구 삭제</strong>됩니다.<br><br>' +
'값을 분실하셨다면 복구가 불가능하므로,<br>' +
'<strong>인증키를 새로 신청</strong>하여 발급받아 주세요.'
);
}
// Show password prompt for viewing client secret (최초 1회 노출 + 서버측 물리 삭제)
function showPasswordPrompt() {
customPopups.showPasswordInput({
title: 'Client Secret 조회',
message: '보안을 위해 비밀번호를 입력해주세요.',
message: '보안을 위해 비밀번호를 입력해주세요.<br>조회 즉시 값은 영구 삭제됩니다.',
onConfirm: function(password) {
// Verify password via AJAX
$.ajax({
url: /*[[@{/myapikey/verify-password}]]*/ '/myapikey/verify-password',
url: /*[[@{/myapikey/credential/reveal-secret}]]*/ '/myapikey/credential/reveal-secret',
type: 'POST',
data: {password: password},
contentType: 'application/json',
data: JSON.stringify({ clientId: CREDENTIAL_CLIENT_ID, password: password }),
headers: {
'X-XSRF-TOKEN': /*[[${_csrf.token}]]*/ 'token'
},
success: function(response) {
if (response.success) {
// Hide password popup
customPopups.hidePasswordInput();
// Reveal the client secret
$('#hiddenSecretBox').hide();
$('#revealedSecretBox').fadeIn(300);
} else {
// Show error message
customPopups.showPasswordError(response.message || '비밀번호가 일치하지 않습니다.');
}
},
error: function() {
customPopups.showPasswordError('오류가 발생했습니다. 다시 시도해주세요.');
}
}).done(function(response) {
if (response.success) {
customPopups.hidePasswordInput();
// 서버가 반환한 secret을 화면에 1회 주입
$('#revealedSecretValue').text(response.secret);
$('#revealedSecretCopyBtn').attr('data-secret', response.secret).data('secret', response.secret);
$('#hiddenSecretBox').hide();
$('#revealedSecretBox').fadeIn(300);
} else if (response.alreadyRevealed) {
customPopups.hidePasswordInput();
showLostKeyGuide();
} else {
customPopups.showPasswordError(response.message || '비밀번호가 일치하지 않습니다.');
}
}).fail(function() {
customPopups.showPasswordError('오류가 발생했습니다. 다시 시도해주세요.');
});
},
onCancel: function() {
@@ -252,31 +294,38 @@
function deleteApiKeyFromButton(button) {
var clientId = $(button).data('client-id');
if (!confirm('정말로 이 인증키를 삭제하시겠습니까?')) {
return;
}
$('.loading-overlay').show();
const requestData = {
clientId: clientId
};
$.ajax({
url: '/myapikey/api_key_delete',
type: 'POST',
contentType: 'application/json',
data: JSON.stringify(requestData),
headers: {
'X-XSRF-TOKEN': /*[[${_csrf.token}]]*/ 'token'
customPopups.showConfirm('정말로 이 인증키를 삭제하시겠습니까?', function(confirmed) {
if (!confirmed) {
return;
}
}).done(function(response) {
alert(response.msg || 'API Key가 삭제되었습니다.');
window.location.href = /*[[@{/myapikey}]]*/ '/myapikey';
}).fail(function(jqXHR, textStatus, errorThrown) {
alert('API 삭제 요청 중 오류가 발생했습니다: ' + errorThrown);
}).always(function() {
$('.loading-overlay').hide();
$('.loading-overlay').show();
const requestData = {
clientId: clientId
};
$.ajax({
url: '/myapikey/api_key_delete',
type: 'POST',
contentType: 'application/json',
data: JSON.stringify(requestData),
headers: {
'X-XSRF-TOKEN': /*[[${_csrf.token}]]*/ 'token'
}
}).done(function(response) {
if (response && response.success === false) {
customPopups.showAlert(response.msg || 'API 삭제에 실패했습니다.');
return;
}
customPopups.showAlert(response.msg || 'API Key가 삭제되었습니다.', function() {
window.location.href = /*[[@{/myapikey}]]*/ '/myapikey';
});
}).fail(function(jqXHR, textStatus, errorThrown) {
customPopups.showAlert('API 삭제 요청 중 오류가 발생했습니다: ' + errorThrown);
}).always(function() {
$('.loading-overlay').hide();
});
});
}
@@ -123,7 +123,7 @@
<line x1="880" y1="170" x2="240" y2="170" stroke="#64748B" stroke-width="2" marker-end="url(#o2leg-arrow-gray)"/>
<text x="560" y="188" text-anchor="middle" font-size="11" font-weight="500" fill="#64748B">{ access_token, token_type:"bearer", expires_in:86400, scope, jti }</text>
<text x="560" y="216" text-anchor="middle" font-size="12" font-weight="700" fill="#0049b4">③ GET /api/v1/... · Authorization: Bearer &lt;access_token&gt;</text>
<text x="560" y="216" text-anchor="middle" font-size="12" font-weight="700" fill="#0049b4">③ GET /api/v1/... · X-AUTH-TOKEN: Bearer &lt;access_token&gt;</text>
<line x1="240" y1="226" x2="880" y2="226" stroke="#0049b4" stroke-width="2" marker-end="url(#o2leg-arrow-primary)"/>
<text x="560" y="248" text-anchor="middle" font-size="12" font-weight="700" fill="#64748B">④ 검증 후 API 응답</text>
@@ -139,7 +139,7 @@
<p class="oauth2-2legged__desc">ClientID/Secret 으로 토큰 엔드포인트에 POST 합니다.</p>
<div class="oauth2-2legged__endpoint-box">
<span class="oauth2-2legged__method">POST</span>
<span class="oauth2-2legged__method">GET · POST</span>
<code class="oauth2-2legged__endpoint-path">https://openapi.djbank.co.kr/dj/oauth/token</code>
<span class="oauth2-2legged__endpoint-content-type">x-www-form-urlencoded</span>
</div>
@@ -173,8 +173,8 @@
</tr>
<tr>
<td><code>scope</code></td>
<td><span class="oauth2-2legged__req-badge oauth2-2legged__req-badge--optional">선택</span></td>
<td>호출 권한 범위 (공백 구분)</td>
<td><span class="oauth2-2legged__req-badge oauth2-2legged__req-badge--required">필수</span></td>
<td>고정값 "api"</td>
</tr>
</tbody>
</table>
@@ -189,7 +189,7 @@ curl -X <span class="o2leg-y">POST</span> <span class="o2leg-c">'https://openapi
-d <span class="o2leg-c">'grant_type=client_credentials'</span> \
-d <span class="o2leg-c">'client_id=YOUR_CLIENT_ID'</span> \
-d <span class="o2leg-c">'client_secret=YOUR_CLIENT_SECRET'</span> \
-d <span class="o2leg-c">'scope=read.accounts'</span>
-d <span class="o2leg-c">'scope=api'</span>
<span class="o2leg-g"># 응답: 200 OK + JSON</span></pre>
</div>
@@ -208,8 +208,8 @@ curl -X <span class="o2leg-y">POST</span> <span class="o2leg-c">'https://openapi
<pre class="oauth2-2legged__code-block">{
<span class="o2leg-c">"access_token"</span>: <span class="o2leg-y">"eyJhbGciOiJSUzI1NiJ9..."</span>,
<span class="o2leg-c">"token_type"</span>: <span class="o2leg-y">"bearer"</span>,
<span class="o2leg-c">"expires_in"</span>: <span class="o2leg-p">86400</span>,
<span class="o2leg-c">"scope"</span>: <span class="o2leg-y">"read.accounts"</span>,
<span class="o2leg-c">"expires_in"</span>: <span class="o2leg-p">86399</span>,
<span class="o2leg-c">"scope"</span>: <span class="o2leg-y">"api"</span>,
<span class="o2leg-c">"jti"</span>: <span class="o2leg-y">"f47ac10b-58cc-4372-..."</span>
}
@@ -245,7 +245,7 @@ curl -X <span class="o2leg-y">POST</span> <span class="o2leg-c">'https://openapi
<tr>
<td><code class="oauth2-2legged__field-name">scope</code></td>
<td>string</td>
<td>실제 부여된 권한 범위</td>
<td>부여된 권한 범위 (api)</td>
</tr>
<tr>
<td><code class="oauth2-2legged__field-name">jti</code></td>
@@ -262,13 +262,13 @@ curl -X <span class="o2leg-y">POST</span> <span class="o2leg-c">'https://openapi
<section class="oauth2-2legged__step" aria-labelledby="o2leg-step3-title">
<span class="oauth2-2legged__eyebrow">STEP 3</span>
<h2 class="oauth2-2legged__h2" id="o2leg-step3-title">발급 토큰으로 API 호출</h2>
<p class="oauth2-2legged__desc">Authorization 헤더에 Bearer 토큰을 실어 보호 자원 API 를 호출합니다.</p>
<p class="oauth2-2legged__desc">X-AUTH-TOKEN 헤더에 Bearer 토큰을 실어 보호 자원 API 를 호출합니다.</p>
<div class="oauth2-2legged__step-grid">
<div class="oauth2-2legged__panel">
<h3 class="oauth2-2legged__panel-title">필수 헤더</h3>
<div class="oauth2-2legged__header-box">
<code class="oauth2-2legged__header-key">Authorization:</code>
<code class="oauth2-2legged__header-key">X-AUTH-TOKEN:</code>
<code class="oauth2-2legged__header-value">Bearer eyJhbGciOiJSUzI1NiJ9...</code>
</div>
@@ -277,7 +277,7 @@ curl -X <span class="o2leg-y">POST</span> <span class="o2leg-c">'https://openapi
<li>동일 토큰은 expires_in(기본 86400초) 동안 재사용</li>
<li>만료 임박 시 재발급 후 교체 (예: TTL의 80% 시점)</li>
<li>매 호출마다 토큰을 새로 발급하지 마세요</li>
<li>권한이 다른 API 는 scope 별로 토큰을 분리 발급</li>
<li>401 "Access token expired" 응답 시 재발급 후 재호출</li>
</ul>
</div>
@@ -286,7 +286,7 @@ curl -X <span class="o2leg-y">POST</span> <span class="o2leg-c">'https://openapi
<pre class="oauth2-2legged__code-block"><span class="o2leg-cm"># 보호 자원 API 호출</span>
curl -X <span class="o2leg-y">GET</span> \
<span class="o2leg-c">'https://openapi.djbank.co.kr/api/v1/accounts'</span> \
-H <span class="o2leg-c">'Authorization: Bearer eyJhbGciOiJSUzI..'</span> \
-H <span class="o2leg-c">'X-AUTH-TOKEN: Bearer eyJhbGciOiJSUzI..'</span> \
-H <span class="o2leg-c">'Accept: application/json'</span>
<span class="o2leg-g"># 응답</span>
@@ -313,28 +313,52 @@ HTTP/1.1 <span class="o2leg-g">200 OK</span>
</thead>
<tbody>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--400">400</span></td>
<td><code>invalid_request</code></td>
<td>필수 파라미터 누락/형식 오류</td>
<td>grant_type, client_id, client_secret 확인</td>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--400">401</span></td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>client not found (client_id 오류)</td>
<td>client_id 확인</td>
</tr>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--400">401</span></td>
<td><code>invalid_client</code></td>
<td>자격증명 불일치 / 미승인</td>
<td>ClientID·Secret 확인, 앱 상태 점검</td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>Bad client credentials (client_secret 불일치)</td>
<td>client_secret 확인</td>
</tr>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--400">401</span></td>
<td><code>invalid_token</code></td>
<td>만료/위·변조된 토큰</td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>Include unacceptable scope (허용되지 않은 scope)</td>
<td>scope 를 api 로 설정</td>
</tr>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--400">401</span></td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>Access token expired (토큰 만료)</td>
<td>토큰 재발급 후 재시도</td>
</tr>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--403">403</span></td>
<td><code>insufficient_scope</code></td>
<td>scope 권한 부족</td>
<td>필요 scope 추가 신청 후 재발급</td>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--403">400</span></td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>Invalid Mandatory Field {grant_type} (누락)</td>
<td>grant_type 포함 여부 확인</td>
</tr>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--403">400</span></td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>Invalid Mandatory Field {client_id} (누락)</td>
<td>client_id 포함 여부 확인</td>
</tr>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--403">400</span></td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>Invalid Mandatory Field {client_secret} (누락)</td>
<td>client_secret 포함 여부 확인</td>
</tr>
<tr>
<td><span class="oauth2-2legged__status-badge oauth2-2legged__status-badge--403">400</span></td>
<td><code>E.GW.AUTH_FAIL</code></td>
<td>Invalid Mandatory Field {scope} (누락)</td>
<td>scope=api 포함 여부 확인</td>
</tr>
</tbody>
</table>
@@ -351,11 +375,9 @@ HTTP/1.1 <span class="o2leg-g">200 OK</span>
<div class="oauth2-2legged__code-panel oauth2-2legged__code-panel--error">
<span class="oauth2-2legged__code-tag oauth2-2legged__code-tag--error">401 Unauthorized · JSON</span>
<pre class="oauth2-2legged__code-block">{
<span class="o2leg-c">"error"</span>: <span class="o2leg-y">"invalid_client"</span>,
<span class="o2leg-c">"error"</span>: <span class="o2leg-y">"E.GW.AUTH_FAIL"</span>,
<span class="o2leg-c">"error_description"</span>:
<span class="o2leg-y">"Client authentication failed"</span>,
<span class="o2leg-c">"status"</span>: <span class="o2leg-p">401</span>,
<span class="o2leg-c">"timestamp"</span>: <span class="o2leg-y">"2026-06-10T11:23:45Z"</span>
<span class="o2leg-y">"Unauthorized. [Bad client credentials(Client Secret is not match)]"</span>
}
<span class="o2leg-g"># 처리: ClientID·Secret 확인 후 재시도</span></pre>
@@ -375,26 +397,16 @@ HTTP/1.1 <span class="o2leg-g">200 OK</span>
<tr>
<td><code class="oauth2-2legged__field-name">error</code></td>
<td>string</td>
<td>에러 코드 (예: invalid_client)</td>
<td>에러 코드 (예: E.GW.AUTH_FAIL)</td>
</tr>
<tr>
<td><code class="oauth2-2legged__field-name">error_description</code></td>
<td>string</td>
<td>사람이 읽을 수 있는 설명</td>
</tr>
<tr>
<td><code class="oauth2-2legged__field-name">status</code></td>
<td>int</td>
<td>HTTP 상태 코드</td>
</tr>
<tr>
<td><code class="oauth2-2legged__field-name">timestamp</code></td>
<td>string</td>
<td>에러 발생 시각 (ISO 8601)</td>
<td>오류 상세 설명 (사람이 읽을 수 있는 형태)</td>
</tr>
</tbody>
</table>
<p class="oauth2-2legged__error-note">⚠ error 코드는 RFC 6749 표준 코드 또는 DJBank 확장 코드</p>
<p class="oauth2-2legged__error-note">⚠ error 코드는 게이트웨이 표준 코드 (E.GW.AUTH_FAIL)</p>
</div>
</div>
</section>
@@ -7,6 +7,23 @@
<meta content="https://www.eactive.co.kr/" property="og:url"/>
<meta charset="UTF-8"/>
<!-- Favicon (DJB 로고) -->
<link rel="icon" type="image/png" sizes="32x32" th:href="@{/img/favicon/favicon-32x32.png}"/>
<link rel="icon" type="image/png" sizes="16x16" th:href="@{/img/favicon/favicon-16x16.png}"/>
<link rel="shortcut icon" type="image/png" th:href="@{/img/favicon/favicon.png}"/>
<link rel="apple-touch-icon" sizes="180x180" th:href="@{/img/favicon/apple-touch-icon.png}"/>
<!-- 클라이언트 가드 (우클릭 차단 · DevTools 감지). PortalProperty 토글이 하나라도 켜지면 로드 -->
<th:block th:if="${clientGuardContextmenu or clientGuardDevtools}">
<script th:inline="javascript">
window.__CLIENT_GUARD__ = {
contextmenu: /*[[${clientGuardContextmenu}]]*/ false,
devtools: /*[[${clientGuardDevtools}]]*/ false
};
</script>
<script th:src="@{/js/djb/client-guard.js}"></script>
</th:block>
<!-- CSRF 토큰 (세션 기반). 정적 JS/AJAX에서 토큰·헤더명을 읽어 사용한다. -->
<meta name="_csrf" th:content="${_csrf != null ? _csrf.token : ''}"/>
<meta name="_csrf_header" th:content="${_csrf != null ? _csrf.headerName : 'X-XSRF-TOKEN'}"/>
@@ -3,16 +3,6 @@
xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
<body>
<th:block th:fragment="headerFragment(headerClass)">
<!-- Design Survey Bar -->
<div th:if="${designSurveyEnabled}" class="design-survey-bar" id="designSurveyBar">
<div class="survey-container">
<span class="survey-label">네비게이션 디자인을 선택해주세요:</span>
<div class="survey-buttons" id="surveyButtons">
<!-- 버튼은 JavaScript에서 동적으로 생성됩니다 -->
</div>
</div>
</div>
<!-- Global Header Container -->
<header class="global-header" th:classappend="${headerClass}">
<div class="container">
@@ -64,11 +54,6 @@
<!-- Logout State (Authenticated) -->
<div class="auth-group authenticated" sec:authorize="isAuthenticated()">
<div class="header-user-info">
<span class="session-timer" id="sessionTimer" title="남은 세션 시간">
<i class="fas fa-clock session-timer-icon"></i>
<span class="session-timer-text" id="sessionRemainingTime">--:--</span>
</span>
<span class="divider"></span>
<div class="user-identity">
<img th:src="@{/img/user_icon.svg}" alt="User" class="user-icon">
<span class="user-name">[[${#authentication.principal.userName}]]님</span>
@@ -107,10 +92,6 @@
</div>
<div class="mobile-right">
<span class="session-timer session-timer-mobile" sec:authorize="isAuthenticated()" title="남은 세션 시간">
<i class="fas fa-clock session-timer-icon"></i>
<span class="session-timer-text">--:--</span>
</span>
<button class="mobile-menu-btn" id="mobileMenuToggle" aria-label="메뉴">
<span class="hamburger-line"></span>
<span class="hamburger-line"></span>
@@ -123,6 +104,19 @@
</div>
</header>
<!-- 우측 상단 Float 세션 타이머 (인증 사용자). 모바일에선 헤더/햄버거 아래로 내려 겹침 방지 -->
<div class="session-float" sec:authorize="isAuthenticated()">
<span class="session-timer" id="sessionTimer" title="남은 세션 시간">
<i class="fas fa-clock session-timer-icon"></i>
<span class="session-timer-text" id="sessionRemainingTime">--:--</span>
</span>
<!-- 세션 유지(타임아웃 무시) 체크박스: 비운영 + property 활성 시에만 렌더 (prod 미노출) -->
<label class="session-keepalive" th:if="${sessionKeepAliveAllowed}" title="세션 자동 유지 (비운영 전용)">
<input type="checkbox" id="sessionKeepAliveToggle">
<span>세션 유지</span>
</label>
</div>
<!-- Mobile Drawer/Modal -->
<div class="mobile-drawer" id="mobileDrawer">
<div class="drawer-overlay" id="drawerOverlay"></div>
@@ -228,7 +222,6 @@
<li sec:authorize="hasRole('ROLE_USER_MANAGER')"><a th:href="@{/users}">이용자 관리</a></li>
<li sec:authorize="hasRole('ROLE_APP')"><a th:href="@{/myapikey}">인증 키 관리</a></li>
<li sec:authorize="hasRole('ROLE_APP')"><a th:href="@{/statistics/api}">이용 통계</a></li>
<li sec:authorize="hasRole('ROLE_APP')"><a th:href="@{/commission/manage}">과금 관리</a></li>
<li><a th:href="@{/mypage}">내 정보 관리</a></li>
<li><a th:href="@{/change_password}">비밀번호 변경</a></li>
</ul>
@@ -271,6 +264,7 @@
var countdownTimer = null;
var promptShown = false; // 연장 확인 모달 중복 표시 방지
var redirecting = false;
var keepAliveActive = false; // 세션 유지 체크 시 true → 카운트다운 정지, 무제한(∞) 표시
function getCookie(name) {
var m = document.cookie.match('(^|;)\\s*' + name + '\\s*=\\s*([^;]+)');
@@ -298,6 +292,14 @@
function render() {
if (!timerTexts.length) return;
// 세션 유지 활성 시 카운트다운 대신 무제한(∞) 표시
if (keepAliveActive) {
for (var k = 0; k < timerTexts.length; k++) {
timerTexts[k].textContent = '∞';
timerTexts[k].classList.remove('session-timer-warning');
}
return;
}
var label = formatTime(remainingSeconds);
var warn = remainingSeconds <= WARNING_SECONDS;
for (var i = 0; i < timerTexts.length; i++) {
@@ -361,6 +363,11 @@
}
function tick() {
// 세션 유지 활성 시 로컬 카운트다운·만료 처리 중단 (heartbeat가 세션 연장)
if (keepAliveActive) {
render();
return;
}
remainingSeconds--;
if (remainingSeconds <= 0) {
goTo(EXPIRED_URL);
@@ -398,6 +405,44 @@
render();
countdownTimer = setInterval(tick, 1000);
setInterval(pollStatus, POLL_INTERVAL_MS);
// 세션 유지(타임아웃 무시): 비운영 + DB property 활성 시에만 동작(prod는 서버가 false 주입 → 체크박스도 미렌더).
// 체크 시 주기적 heartbeat로 세션을 계속 연장. 탭을 닫으면 heartbeat 중단 → 정상 만료.
var KEEPALIVE_ALLOWED = /*[[${sessionKeepAliveAllowed}]]*/ false;
var KEEPALIVE_LS_KEY = 'sessionKeepAlive';
var KEEPALIVE_INTERVAL_MS = 60000; // 세션 타임아웃보다 충분히 짧게
var keepAliveTimer = null;
var keepAliveToggle = document.getElementById('sessionKeepAliveToggle');
function startKeepAlive() {
keepAliveActive = true;
render(); // 즉시 ∞ 표시
if (keepAliveTimer) return;
keepAliveTimer = setInterval(extendSession, KEEPALIVE_INTERVAL_MS);
extendSession(); // 즉시 1회 연장
}
function stopKeepAlive() {
keepAliveActive = false;
if (keepAliveTimer) { clearInterval(keepAliveTimer); keepAliveTimer = null; }
render(); // 카운트다운 표시 복귀
pollStatus(); // 정지 중 stale 해소: 서버 잔여시간 즉시 재동기화
}
if (KEEPALIVE_ALLOWED && keepAliveToggle) {
if (localStorage.getItem(KEEPALIVE_LS_KEY) === 'true') {
keepAliveToggle.checked = true;
startKeepAlive();
}
keepAliveToggle.addEventListener('change', function () {
if (keepAliveToggle.checked) {
localStorage.setItem(KEEPALIVE_LS_KEY, 'true');
startKeepAlive();
} else {
localStorage.removeItem(KEEPALIVE_LS_KEY);
stopKeepAlive();
}
});
}
})();
</script>
@@ -504,107 +549,6 @@
}
});
// ============================================================
// Design Survey Configuration
// 새 디자인 옵션 추가: DESIGN_OPTIONS 배열에 항목 추가
// 예: { id: 'D', label: 'D', styles: { '.logo-text': { 'font-size': '16px' } } }
// ============================================================
const DESIGN_OPTIONS = [
{
id: 'A',
label: 'A (현재)',
isDefault: true,
styles: {} // 기본 스타일 (변경 없음)
},
{
id: 'B',
label: 'B',
styles: {
'.logo-text': { 'font-size': '18px' },
'.nav-link': { 'margin': '0 20px' }
}
},
{
id: 'C',
label: 'C',
styles: {
'.nav-link': { 'margin': '0 20px', 'font-weight': 'bold' }
}
}
// 새 디자인 추가 예시:
// {
// id: 'D',
// label: 'D',
// styles: {
// '.logo-text': { 'font-size': '16px', 'color': '#333' },
// '.nav-link': { 'padding': '10px 24px' }
// }
// }
];
// Design Survey Logic
const surveyBar = document.getElementById('designSurveyBar');
if (surveyBar) {
const body = document.body;
const buttonContainer = document.getElementById('surveyButtons');
const STORAGE_KEY = 'design-survey-selection';
let styleElement = null;
body.classList.add('design-survey-active');
// 버튼 동적 생성
DESIGN_OPTIONS.forEach(option => {
const btn = document.createElement('button');
btn.type = 'button';
btn.className = 'survey-btn';
btn.dataset.design = option.id;
btn.textContent = option.label;
buttonContainer.appendChild(btn);
});
const surveyButtons = buttonContainer.querySelectorAll('.survey-btn');
const defaultOption = DESIGN_OPTIONS.find(o => o.isDefault) || DESIGN_OPTIONS[0];
const savedDesign = localStorage.getItem(STORAGE_KEY) || defaultOption.id;
applyDesign(savedDesign);
surveyButtons.forEach(btn => {
btn.classList.toggle('active', btn.dataset.design === savedDesign);
});
surveyButtons.forEach(btn => {
btn.addEventListener('click', function() {
surveyButtons.forEach(b => b.classList.remove('active'));
this.classList.add('active');
applyDesign(this.dataset.design);
localStorage.setItem(STORAGE_KEY, this.dataset.design);
});
});
function applyDesign(designId) {
// 기존 동적 스타일 제거
if (styleElement) {
styleElement.remove();
styleElement = null;
}
const option = DESIGN_OPTIONS.find(o => o.id === designId);
if (!option || Object.keys(option.styles).length === 0) return;
// 동적 스타일 생성
let css = '';
for (const [selector, props] of Object.entries(option.styles)) {
const propsStr = Object.entries(props)
.map(([prop, val]) => `${prop}: ${val} !important`)
.join('; ');
css += `${selector} { ${propsStr}; }\n`;
}
styleElement = document.createElement('style');
styleElement.id = 'design-survey-styles';
styleElement.textContent = css;
document.head.appendChild(styleElement);
}
}
});
</script>
</th:block>
+2 -4
View File
@@ -1,8 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<weblogic-web-app
xmlns="http://xmlns.oracle.com/weblogic/weblogic-web-app"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.oracle.com/weblogic/weblogic-web-app http://xmlns.oracle.com/weblogic/weblogic-web-app/1.6/weblogic-web-app.xsd">
<weblogic-web-app xmlns="http://xmlns.oracle.com/weblogic/weblogic-web-app">
<context-root>/</context-root>
@@ -18,6 +15,7 @@
<session-descriptor>
<timeout-secs>1800</timeout-secs>
<cookie-name>JSESSIONID_PORTAL</cookie-name>
<persistent-store-type>replicated_if_clustered</persistent-store-type>
</session-descriptor>
</weblogic-web-app>