feat: 유저 관리 API 추가 (목록 조회, 권한 변경, 삭제)

- GET /api/users - 전체 유저 목록 (admin only) - PATCH /api/users/:id/role - 권한 변경 (admin only) - DELETE /api/users/:id - 유저 삭제 (admin only) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-24 14:52:45 +09:00
parent ec6ac35ac7
commit 17983ad775
4 changed files with 66 additions and 0 deletions
--- a/internal/auth/handler.go
+++ b/internal/auth/handler.go
@@ -39,3 +39,31 @@ func (h *Handler) Logout(c *fiber.Ctx) error {
 	h.svc.Logout(userID)
 	return c.JSON(fiber.Map{"message": "로그아웃 되었습니다"})
 }
+
+func (h *Handler) GetAllUsers(c *fiber.Ctx) error {
+	users, err := h.svc.GetAllUsers()
+	if err != nil {
+		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "유저 목록을 불러오지 못했습니다"})
+	}
+	return c.JSON(users)
+}
+
+func (h *Handler) UpdateRole(c *fiber.Ctx) error {
+	var body struct {
+		Role string `json:"role"`
+	}
+	if err := c.BodyParser(&body); err != nil || (body.Role != "admin" && body.Role != "user") {
+		return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "role은 admin 또는 user여야 합니다"})
+	}
+	if err := h.svc.UpdateRole(c.Params("id"), Role(body.Role)); err != nil {
+		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "권한 변경에 실패했습니다"})
+	}
+	return c.JSON(fiber.Map{"message": "권한이 변경되었습니다"})
+}
+
+func (h *Handler) DeleteUser(c *fiber.Ctx) error {
+	if err := h.svc.DeleteUser(c.Params("id")); err != nil {
+		return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "유저 삭제에 실패했습니다"})
+	}
+	return c.SendStatus(fiber.StatusNoContent)
+}
--- a/internal/auth/repository.go
+++ b/internal/auth/repository.go
@@ -19,3 +19,23 @@ func (r *Repository) FindByUsername(username string) (*User, error) {
 func (r *Repository) Create(user *User) error {
 	return r.db.Create(user).Error
 }
+
+func (r *Repository) FindAll() ([]User, error) {
+	var users []User
+	err := r.db.Order("created_at asc").Find(&users).Error
+	return users, err
+}
+
+func (r *Repository) FindByID(id string) (*User, error) {
+	var user User
+	err := r.db.First(&user, id).Error
+	return &user, err
+}
+
+func (r *Repository) UpdateRole(id string, role Role) error {
+	return r.db.Model(&User{}).Where("id = ?", id).Update("role", role).Error
+}
+
+func (r *Repository) Delete(id string) error {
+	return r.db.Delete(&User{}, id).Error
+}
--- a/internal/auth/service.go
+++ b/internal/auth/service.go
@@ -65,6 +65,18 @@ func (s *Service) Logout(userID uint) {
 	s.rdb.Del(context.Background(), key)
 }

+func (s *Service) GetAllUsers() ([]User, error) {
+	return s.repo.FindAll()
+}
+
+func (s *Service) UpdateRole(id string, role Role) error {
+	return s.repo.UpdateRole(id, role)
+}
+
+func (s *Service) DeleteUser(id string) error {
+	return s.repo.Delete(id)
+}
+
 func (s *Service) EnsureAdmin(username, password string) error {
 	if _, err := s.repo.FindByUsername(username); err == nil {
 		return nil // 이미 존재하면 스킵