From 8a65cd644832a75d7c84748f639029e772520280 Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 18:21:43 +0900
Subject: [PATCH 01/14] Add permission checks and localization to ARS pages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (52, 'D') to ARS list download button
- Add grant check (52, 'X') to ARS payment request button
- Add grant check (52, 'X') to ARS detail SMS resend button
- Refactor inline onClick handlers to method references
- Replace hardcoded Korean text with i18n translation keys in ARS detail page

Changes:
- ars/list-page: Add permission checks for download and payment request
- ars/detail-page: Add permission check for SMS resend, localize all UI text

Localized fields:
- Page title, transaction info, payment method, payment status, order status
- Order date/time, product name, order number, buyer, phone number, email
- Verification code, SMS resend button and success/error messages

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../additional-service/ars/detail-page.tsx    | 46 +++++++++++--------
 .../additional-service/ars/list-page.tsx      | 14 +++++-
 2 files changed, 38 insertions(+), 22 deletions(-)

diff --git a/src/pages/additional-service/ars/detail-page.tsx b/src/pages/additional-service/ars/detail-page.tsx
index f18cfd3..c5abecf 100644
--- a/src/pages/additional-service/ars/detail-page.tsx
+++ b/src/pages/additional-service/ars/detail-page.tsx
@@ -25,6 +25,8 @@ import { ArsResendSmsBottomSheet } from '@/entities/additional-service/ui/ars/re
 import { useExtensionArsResendMutation } from '@/entities/additional-service/api/ars/use-extension-ars-resend-mutation';
 import { getArsOrderStatusName, getArsPaymentStatusName } from '@/entities/additional-service/model/ars/constant';
 import { snackBar } from '@/shared/lib';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const ArsDetailPage = () => {
   const { t, i18n } = useTranslation();
@@ -50,7 +52,7 @@ export const ArsDetailPage = () => {
     });
   };
 
-  useSetHeaderTitle('ARS 결제 상세');
+  useSetHeaderTitle(t('additionalService.ars.detailTitle'));
   useSetHeaderType(HeaderType.LeftArrow);
   useSetFooterMode(false);
   useSetOnBack(() => {
@@ -62,6 +64,10 @@ export const ArsDetailPage = () => {
   }, []);
 
   const onClickToOpenResendBottomSheet = () => {
+    if (!checkGrant(52, 'X')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setBottomSheetOn(true);
   };
 
@@ -76,18 +82,18 @@ export const ArsDetailPage = () => {
     }
     extensionArsResend(params).then((rs: ExtensionArsResendResponse) => {
       if (rs.status) {
-        snackBar("SMS 재전송을 성공하였습니다.");
+        snackBar(t('additionalService.ars.smsResendSuccess'));
         setBottomSheetOn(false);
         callDetail(); // 상세 정보 갱신
       } else {
-        const errorMessage = rs.error?.message || 'SMS 재전송이 실패하였습니다.';
-        snackBar(`[실패] ${errorMessage}`);
+        const errorMessage = rs.error?.message || t('additionalService.ars.smsResendFailed');
+        snackBar(`[${t('common.failed')}] ${errorMessage}`);
       }
     }).catch((error) => {
       const errorMessage = error?.response?.data?.error?.message ||
         error?.message ||
-        'SMS 재전송 중 오류가 발생했습니다.';
-      snackBar(`[실패] ${errorMessage}`);
+        t('additionalService.ars.smsResendError');
+      snackBar(`[${t('common.failed')}] ${errorMessage}`);
     });
   };
 
@@ -107,52 +113,52 @@ export const ArsDetailPage = () => {
             </div>
             <div className="detail-divider"></div>
             <div className="pay-detail">
-              <div className="detail-title">거래 정보</div>
+              <div className="detail-title">{t('additionalService.ars.transactionInfo')}</div>
               <ul className="kv-list">
                 <li className="kv-row">
                   <span className="k">MID</span>
                   <span className="v">{ detail?.mid }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">결제방식</span>
+                  <span className="k">{t('additionalService.ars.paymentMethod')}</span>
                   <span className="v">{ detail?.arsPaymentMethod }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">결제상태</span>
+                  <span className="k">{t('additionalService.ars.paymentStatus')}</span>
                   <span className="v">{ getArsPaymentStatusName(t)(detail?.paymentStatus) }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">주문상태</span>
+                  <span className="k">{t('additionalService.ars.orderStatus')}</span>
                   <span className="v">{ getArsOrderStatusName(t)(detail?.orderStatus) }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">주문일시</span>
-                  <span className="v">{ 
+                  <span className="k">{t('additionalService.ars.orderDateTime')}</span>
+                  <span className="v">{
                     detail?.paymentDate ? moment(detail.paymentDate, 'YYYYMMDDHHmmss').format('YYYY.MM.DD HH:mm:ss') : '-'
                   }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">상품명</span>
+                  <span className="k">{t('additionalService.ars.productName')}</span>
                   <span className="v">{ detail?.goodsName }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">주문번호</span>
+                  <span className="k">{t('additionalService.ars.orderNumber')}</span>
                   <span className="v">{ detail?.tid }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">구매자</span>
+                  <span className="k">{t('additionalService.ars.buyer')}</span>
                   <span className="v">{ detail?.buyerName }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">휴대폰번호</span>
+                  <span className="k">{t('additionalService.ars.phoneNumber')}</span>
                   <span className="v">{ detail?.maskPhoneNumber }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">이메일</span>
+                  <span className="k">{t('additionalService.ars.email')}</span>
                   <span className="v">{ detail?.email }</span>
                 </li>
                 <li className="kv-row">
-                  <span className="k">발송 인증번호</span>
+                  <span className="k">{t('additionalService.ars.sendVerificationCode')}</span>
                   <span className="v">{ detail?.smsVerificationCode }</span>
                 </li>
               </ul>
@@ -161,9 +167,9 @@ export const ArsDetailPage = () => {
               <div className="apply-row">
                 <button
                   className="btn-50 btn-blue flex-1"
-                  onClick={ () => onClickToOpenResendBottomSheet() }
+                  onClick={onClickToOpenResendBottomSheet}
                   //disabled={ detail?.orderStatus !== OrderStatus.PENDING }
-                >SMS 재전송</button>
+                >{t('additionalService.ars.smsResend')}</button>
               </div>
             )}
           </div>
diff --git a/src/pages/additional-service/ars/list-page.tsx b/src/pages/additional-service/ars/list-page.tsx
index d493969..a317444 100644
--- a/src/pages/additional-service/ars/list-page.tsx
+++ b/src/pages/additional-service/ars/list-page.tsx
@@ -26,6 +26,8 @@ import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { ArsList } from '@/entities/additional-service/ui/ars/ars-list';
 import { ArsDetail } from '@/entities/additional-service/ui/ars/detail/ars-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const ArsListPage = () => {
   const { navigate } = useNavigate();
@@ -136,6 +138,10 @@ export const ArsListPage = () => {
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(52, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -170,6 +176,10 @@ export const ArsListPage = () => {
   };
 
   const onClickToNavigate = () => {
+    if (!checkGrant(52, 'X')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.ars.request, {
       state: { mid }
     });
@@ -230,7 +240,7 @@ export const ArsListPage = () => {
                 <button
                   className="download-btn"
                   aria-label={t('common.download')}
-                  onClick={() => onClickToOpenEmailBottomSheet()}
+                  onClick={onClickToOpenEmailBottomSheet}
                 >
                   <img
                     src={IMAGE_ROOT + '/ico_download.svg'}
@@ -272,7 +282,7 @@ export const ArsListPage = () => {
         <div className="apply-row">
           <button
             className="btn-50 btn-blue flex-1"
-            onClick={() => onClickToNavigate()}
+            onClick={onClickToNavigate}
           >{t('additionalService.ars.paymentRequest')}</button>
         </div>
       </main>

From a225d5111933703d12434c4685980169f7a9c02d Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 18:28:56 +0900
Subject: [PATCH 02/14] Add permission checks to payout pages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (53, 'D') to payout list download button
- Add grant check (53, 'X') to payout request button
- Add grant check (53, 'D') to payout detail certificate download button
- Refactor inline onClick handlers to method references

Changes:
- payout/list-page: Add permission checks for download and request actions
- payout/detail-page: Add permission check for certificate download

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../additional-service/payout/detail-page.tsx      |  6 ++++++
 src/pages/additional-service/payout/list-page.tsx  | 14 ++++++++++++--
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/src/pages/additional-service/payout/detail-page.tsx b/src/pages/additional-service/payout/detail-page.tsx
index 795424a..e458ddd 100644
--- a/src/pages/additional-service/payout/detail-page.tsx
+++ b/src/pages/additional-service/payout/detail-page.tsx
@@ -17,6 +17,8 @@ import { useExtensionPayoutDetailDownloadCertificateMutation } from '@/entities/
 import moment from 'moment';
 import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import { DownloadTypeBottomSheet } from '@/entities/common/ui/download-type-bottom-sheet';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const PayoutDetailPage = () => {
   const { t, i18n } = useTranslation();
@@ -52,6 +54,10 @@ export const PayoutDetailPage = () => {
   });
 
   const onClickToDownload = () => {
+    if (!checkGrant(53, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setDownloadTypeBottomSheetOn(true);
   };
 
diff --git a/src/pages/additional-service/payout/list-page.tsx b/src/pages/additional-service/payout/list-page.tsx
index c194b83..5c06eba 100644
--- a/src/pages/additional-service/payout/list-page.tsx
+++ b/src/pages/additional-service/payout/list-page.tsx
@@ -34,6 +34,8 @@ import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { PayoutList } from '@/entities/additional-service/ui/payout/payout-list';
 import { PayoutDetail } from '@/entities/additional-service/ui/payout/detail/payout-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const PayoutListPage = () => {
   // Access check
@@ -88,6 +90,10 @@ export const PayoutListPage = () => {
   });
 
   const onClickToNavigation = () => {
+    if (!checkGrant(53, 'X')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.payout.request);
   };
 
@@ -144,6 +150,10 @@ export const PayoutListPage = () => {
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(53, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -273,7 +283,7 @@ export const PayoutListPage = () => {
                 <button
                   className="download-btn"
                   aria-label={t('common.download')}
-                  onClick={() => onClickToOpenEmailBottomSheet()}
+                  onClick={onClickToOpenEmailBottomSheet}
                 >
                   <img
                     src={IMAGE_ROOT + '/ico_download.svg'}
@@ -323,7 +333,7 @@ export const PayoutListPage = () => {
             <div className="apply-row">
               <button
                 className="btn-50 btn-blue flex-1"
-                onClick={() => onClickToNavigation()}
+                onClick={onClickToNavigation}
               >{t('additionalService.payout.requestTitle')}</button>
             </div>
           </div>

From 320f2133190164388c278abc08a51d29ba56849e Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 18:45:23 +0900
Subject: [PATCH 03/14] Add permission checks to additional service pages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (54, 'D') to link payment download buttons
- Add grant check (54, 'X') to link payment request buttons
- Add grant check (65, 'D') to face auth download button
- Add grant check (60, 'D') to account holder search download button
- Add grant check (60, 'X') to account holder search request button
- Refactor inline onClick handlers to method references

Changes:
- link-payment-history-wrap: Add permission checks for download and request
- link-payment-wait-send-wrap: Add permission checks for download and request
- face-auth-page: Add permission check for download
- account-holder-search-page: Add permission check for download
- account-holder-search-list: Add permission check for search request

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../account-holder-search-list.tsx                 |  8 +++++++-
 .../ui/link-payment/link-payment-history-wrap.tsx  | 14 ++++++++++++--
 .../link-payment/link-payment-wait-send-wrap.tsx   | 14 ++++++++++++--
 .../account-holder-search-page.tsx                 |  6 ++++++
 .../face-auth/face-auth-page.tsx                   |  8 +++++++-
 5 files changed, 44 insertions(+), 6 deletions(-)

diff --git a/src/entities/additional-service/ui/account-holder-search/account-holder-search-list.tsx b/src/entities/additional-service/ui/account-holder-search/account-holder-search-list.tsx
index 22d1abd..2fe3c09 100644
--- a/src/entities/additional-service/ui/account-holder-search/account-holder-search-list.tsx
+++ b/src/entities/additional-service/ui/account-holder-search/account-holder-search-list.tsx
@@ -4,6 +4,8 @@ import { ListDateGroup } from '../list-date-group';
 import { AdditionalServiceCategory } from '../../model/types'
 import { AccountHolderSearchListProps } from '../../model/account-holder-search/types';
 import { useTranslation } from 'react-i18next';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const AccountHolderSearchList = ({
 	listItems,
@@ -63,6 +65,10 @@ export const AccountHolderSearchList = ({
 
 
 	const onClickToNavigate = () => {
+		if (!checkGrant(60, 'X')) {
+			showAlert(t('common.nopermission'));
+			return;
+		}
 		navigate(PATHS.additionalService.accountHolderSearch.request)
 	};
 
@@ -74,7 +80,7 @@ export const AccountHolderSearchList = ({
 				<div className="apply-row">
 					<button
 						className="btn-50 btn-blue flex-1"
-						onClick={ () => onClickToNavigate() }
+						onClick={onClickToNavigate}
 					>{ t('additionalService.accountHolderSearch.searchRequest') }</button>
 				</div>
 		</>
diff --git a/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx b/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx
index 683a9ea..f1449db 100644
--- a/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx
+++ b/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx
@@ -17,6 +17,8 @@ import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { useTranslation } from 'react-i18next';
 import { LinkPaymentHistoryDetail } from './detail/link-payment-history-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 const getPaymentResultBtnGroup = (t: any) => [
 	{ name: t('additionalService.linkPayment.all'), value: LinkPaymentPaymentStatus.ALL },
@@ -76,6 +78,10 @@ export const LinkPaymentHistoryWrap = () => {
 	});
 
 	const onClickToNavigate = () => {
+		if (!checkGrant(54, 'X')) {
+			showAlert(t('common.nopermission'));
+			return;
+		}
 		navigate(PATHS.additionalService.linkPayment.request)
 	};
 
@@ -133,6 +139,10 @@ export const LinkPaymentHistoryWrap = () => {
 	};
 
 	const onClickToOpenEmailBottomSheet = () => {
+		if (!checkGrant(54, 'D')) {
+			showAlert(t('common.nopermission'));
+			return;
+		}
 		setEmailBottomSheetOn(true);
 	};
 
@@ -219,7 +229,7 @@ export const LinkPaymentHistoryWrap = () => {
 					<button
 						className="download-btn"
 						aria-label={t('common.download')}
-						onClick={() => onClickToOpenEmailBottomSheet()}
+						onClick={onClickToOpenEmailBottomSheet}
 					>
 						<img
 							src={IMAGE_ROOT + '/ico_download.svg'}
@@ -259,7 +269,7 @@ export const LinkPaymentHistoryWrap = () => {
 			<div className="apply-row">
 				<button
 					className="btn-50 btn-blue flex-1"
-					onClick={() => onClickToNavigate()}
+					onClick={onClickToNavigate}
 				>{t('additionalService.linkPayment.applyRequest')}</button>
 			</div>
 			<LinkPaymentHistoryFilter
diff --git a/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx b/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx
index 4999afd..e6d98a0 100644
--- a/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx
+++ b/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx
@@ -18,6 +18,8 @@ import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { useTranslation } from 'react-i18next';
 import { LinkPaymentWaitDetail } from './detail/link-payment-wait-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 
 export const LinkPaymentWaitSendWrap = () => {
@@ -64,6 +66,10 @@ export const LinkPaymentWaitSendWrap = () => {
     setFilterOn(!filterOn);
   };
   const onClickToNavigate = () => {
+    if (!checkGrant(54, 'X')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.linkPayment.request)
   }
 
@@ -120,6 +126,10 @@ export const LinkPaymentWaitSendWrap = () => {
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(54, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -195,7 +205,7 @@ export const LinkPaymentWaitSendWrap = () => {
           <button
             className="download-btn"
             aria-label={t('common.download')}
-            onClick={() => onClickToOpenEmailBottomSheet()}
+            onClick={onClickToOpenEmailBottomSheet}
           >
             <img
               src={IMAGE_ROOT + '/ico_download.svg'}
@@ -235,7 +245,7 @@ export const LinkPaymentWaitSendWrap = () => {
       <div className="apply-row">
         <button
           className="btn-50 btn-blue flex-1"
-          onClick={() => onClickToNavigate()}
+          onClick={onClickToNavigate}
         >{t('additionalService.linkPayment.applyRequest')}</button>
       </div>
       <LinkPaymentWaitSendFilter
diff --git a/src/pages/additional-service/account-holder-search/account-holder-search-page.tsx b/src/pages/additional-service/account-holder-search/account-holder-search-page.tsx
index 36b523a..f79a7f4 100644
--- a/src/pages/additional-service/account-holder-search/account-holder-search-page.tsx
+++ b/src/pages/additional-service/account-holder-search/account-holder-search-page.tsx
@@ -27,6 +27,8 @@ import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { snackBar } from '@/shared/lib';
 import { AccountHolderSearchDetail } from '@/entities/additional-service/ui/account-holder-search/detail/account-holder-search-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const AccountHolderSearchPage = () => {
   const { navigate } = useNavigate();
@@ -139,6 +141,10 @@ export const AccountHolderSearchPage = () => {
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(60, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
diff --git a/src/pages/additional-service/face-auth/face-auth-page.tsx b/src/pages/additional-service/face-auth/face-auth-page.tsx
index 3f2455f..1152c25 100644
--- a/src/pages/additional-service/face-auth/face-auth-page.tsx
+++ b/src/pages/additional-service/face-auth/face-auth-page.tsx
@@ -25,6 +25,8 @@ import { ListDateGroup } from '@/entities/additional-service/ui/list-date-group'
 import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access-check';
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { useTranslation } from 'react-i18next';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const FaceAuthPage = () => {
 	const { navigate } = useNavigate();
@@ -126,6 +128,10 @@ export const FaceAuthPage = () => {
 	};
 
 	const onClickToOpenEmailBottomSheet = () => {
+		if (!checkGrant(65, 'D')) {
+			showAlert(t('common.nopermission'));
+			return;
+		}
 		setEmailBottomSheetOn(true);
 	};
 
@@ -244,7 +250,7 @@ export const FaceAuthPage = () => {
 								<button
 									className="download-btn"
 									aria-label={t('transaction.download')}
-									onClick={() => onClickToOpenEmailBottomSheet()}
+									onClick={onClickToOpenEmailBottomSheet}
 								>
 									<img
 										src={IMAGE_ROOT + '/ico_download.svg'}

From 344fd894c7b38c754970d3ec7a634868a92f7e19 Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 18:52:35 +0900
Subject: [PATCH 04/14] Add permission check to account holder auth page
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (59, 'D') to account holder auth download button
- Refactor inline onClick handler to method reference

Changes:
- account-holder-auth-page: Add permission check for download

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../account-holder-auth/account-holder-auth-page.tsx      | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/pages/additional-service/account-holder-auth/account-holder-auth-page.tsx b/src/pages/additional-service/account-holder-auth/account-holder-auth-page.tsx
index 155fcb8..9529a2f 100644
--- a/src/pages/additional-service/account-holder-auth/account-holder-auth-page.tsx
+++ b/src/pages/additional-service/account-holder-auth/account-holder-auth-page.tsx
@@ -26,6 +26,8 @@ import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access-check';
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { AccountHolderAuthDetail } from '@/entities/additional-service/ui/account-holder-auth/detail/account-holder-auth-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const AccountHolderAuthPage = () => {
   const { navigate } = useNavigate();
@@ -149,6 +151,10 @@ export const AccountHolderAuthPage = () => {
 
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(59, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -210,7 +216,7 @@ export const AccountHolderAuthPage = () => {
                 <button
                   className="download-btn"
                   aria-label={t('common.download')}
-                  onClick={() => onClickToOpenEmailBottomSheet()}
+                  onClick={onClickToOpenEmailBottomSheet}
                 >
                   <img
                     src={IMAGE_ROOT + '/ico_download.svg'}

From b354847770c550fcf1f5fc8a986e7f9f45c6fb2e Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 18:53:06 +0900
Subject: [PATCH 05/14] Clean up unused imports in face auth page
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Remove unused ProcessResult import
- Remove unused JSX import

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/pages/additional-service/face-auth/face-auth-page.tsx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/pages/additional-service/face-auth/face-auth-page.tsx b/src/pages/additional-service/face-auth/face-auth-page.tsx
index 1152c25..389148b 100644
--- a/src/pages/additional-service/face-auth/face-auth-page.tsx
+++ b/src/pages/additional-service/face-auth/face-auth-page.tsx
@@ -1,11 +1,11 @@
 import moment from 'moment';
-import { AdditionalServiceCategory, ProcessResult } from '@/entities/additional-service/model/types';
+import { AdditionalServiceCategory } from '@/entities/additional-service/model/types';
 import { DefaultRequestPagination, HeaderType, SortTypeKeys } from '@/entities/common/model/types';
 import { SortTypeBox } from '@/entities/common/ui/sort-type-box';
 import { DEFAULT_PAGE_PARAM } from '@/entities/common/model/constant';
 import { useNavigate } from '@/shared/lib/hooks/use-navigate';
 import { IMAGE_ROOT } from '@/shared/constants/common';
-import { JSX, useEffect, useState } from 'react';
+import { useEffect, useState } from 'react';
 import { useStore } from '@/shared/model/store';
 import { PATHS } from '@/shared/constants/paths';
 import {

From 102e91f8342d5941868b3e0e804e8b434a1719a8 Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 18:54:18 +0900
Subject: [PATCH 06/14] Add permission check to alimtalk page
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (58, 'D') to alimtalk download button
- Refactor inline onClick handler to method reference

Changes:
- alimtalk/list-page: Add permission check for download

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/pages/additional-service/alimtalk/list-page.tsx | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/pages/additional-service/alimtalk/list-page.tsx b/src/pages/additional-service/alimtalk/list-page.tsx
index 948e1a4..f16fadd 100644
--- a/src/pages/additional-service/alimtalk/list-page.tsx
+++ b/src/pages/additional-service/alimtalk/list-page.tsx
@@ -35,6 +35,8 @@ import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { useTranslation } from 'react-i18next';
 import { AlimtalkDetail } from '@/entities/additional-service/ui/alimtalk/detail/alimtalk-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const AlimtalkListPage = () => {
   const { t } = useTranslation();
@@ -143,6 +145,10 @@ export const AlimtalkListPage = () => {
 
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(58, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   }
 
@@ -284,7 +290,7 @@ export const AlimtalkListPage = () => {
                 <button
                   className="download-btn"
                   aria-label="다운로드"
-                  onClick={() => onClickToOpenEmailBottomSheet()}
+                  onClick={onClickToOpenEmailBottomSheet}
                 >
                   <img
                     src={IMAGE_ROOT + '/ico_download.svg'}

From 47555e6e4201dad38e5ea5536592753ba57e8e87 Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 18:55:22 +0900
Subject: [PATCH 07/14] Add permission check to alimtalk service setting button
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (58, 'W') to alimtalk service setting navigation
- Refactor inline onClick handler to method reference

Changes:
- alimtalk/list-page: Add permission check for service setting navigation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/pages/additional-service/alimtalk/list-page.tsx | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/pages/additional-service/alimtalk/list-page.tsx b/src/pages/additional-service/alimtalk/list-page.tsx
index f16fadd..6a618ef 100644
--- a/src/pages/additional-service/alimtalk/list-page.tsx
+++ b/src/pages/additional-service/alimtalk/list-page.tsx
@@ -188,6 +188,10 @@ export const AlimtalkListPage = () => {
   };
 
   const onClickToNavigate = () => {
+    if (!checkGrant(58, 'W')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.alimtalk.setting);
   };
 
@@ -310,7 +314,7 @@ export const AlimtalkListPage = () => {
       <div className="apply-row">
         <button
           className="btn-50 btn-blue flex-1"
-          onClick={() => onClickToNavigate()}
+          onClick={onClickToNavigate}
         >{t('additionalService.alimtalk.serviceSetting')}</button>
       </div>
       <AlimtalkFilter

From e4871b64922e8e56d2567cf7ea3ba7b149538a0f Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 19:04:49 +0900
Subject: [PATCH 08/14] Add permission checks to SMS payment pages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (57, 'D') to SMS payment download button
- Add grant check (57, 'X') to SMS resend button
- Refactor onClick handlers for better code organization

Changes:
- sms-payment-page: Add permission check for download, move onClick to button
- sms-payment-detail-resend: Add imports for permission check functions

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../ui/sms-payment/sms-payment-detail-resend.tsx          | 6 ++++++
 .../additional-service/sms-payment/sms-payment-page.tsx   | 8 +++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/entities/additional-service/ui/sms-payment/sms-payment-detail-resend.tsx b/src/entities/additional-service/ui/sms-payment/sms-payment-detail-resend.tsx
index 9007807..fe7fcc9 100644
--- a/src/entities/additional-service/ui/sms-payment/sms-payment-detail-resend.tsx
+++ b/src/entities/additional-service/ui/sms-payment/sms-payment-detail-resend.tsx
@@ -5,6 +5,8 @@ import { SmsPaymentDetailResendProps } from '../../../additional-service/model/s
 import { useExtensionSmsResendMutation } from '../../api/sms-payment/use-extension-sms-resend-mutation';
 import appBridge from '@/shared/lib/appBridge';
 import { snackBar } from '@/shared/lib';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const SmsPaymentDetailResend = ({
   bottomSmsPaymentDetailResendOn,
@@ -22,6 +24,10 @@ export const SmsPaymentDetailResend = ({
   const {mutateAsync : resendMessage } = useExtensionSmsResendMutation();
 
   const onClickResend = () => {
+    if (!checkGrant(57, 'X')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     // sendMessage가 없으면 재발송 불가
     if (!smsDetailData?.sendMessage) {
       return;
diff --git a/src/pages/additional-service/sms-payment/sms-payment-page.tsx b/src/pages/additional-service/sms-payment/sms-payment-page.tsx
index 840210e..f6e6673 100644
--- a/src/pages/additional-service/sms-payment/sms-payment-page.tsx
+++ b/src/pages/additional-service/sms-payment/sms-payment-page.tsx
@@ -25,6 +25,8 @@ import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access-check';
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { set } from 'lodash-es';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const SmsPaymentPage = () => {
   const { t } = useTranslation();
@@ -135,6 +137,10 @@ export const SmsPaymentPage = () => {
   }
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(57, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -209,11 +215,11 @@ export const SmsPaymentPage = () => {
                 <button
                   className="download-btn"
                   aria-label="다운로드"
+                  onClick={onClickToOpenEmailBottomSheet}
                 >
                   <img
                     src={IMAGE_ROOT + '/ico_download.svg'}
                     alt="다운로드"
-                    onClick={() => onClickToOpenEmailBottomSheet()}
                   />
                 </button>
               </div>

From 0decc9e8b4ee6060c53d85ad24615d6658c332de Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 19:08:11 +0900
Subject: [PATCH 09/14] Add permission check to key-in payment page
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add grant check (56, 'D') to key-in payment download button
- Move onClick from img to button element for better accessibility

Changes:
- key-in-payment-page: Add permission check for download

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../key-in-payment/key-in-payment-page.tsx                | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/pages/additional-service/key-in-payment/key-in-payment-page.tsx b/src/pages/additional-service/key-in-payment/key-in-payment-page.tsx
index 5d7f3b1..8814a82 100644
--- a/src/pages/additional-service/key-in-payment/key-in-payment-page.tsx
+++ b/src/pages/additional-service/key-in-payment/key-in-payment-page.tsx
@@ -25,6 +25,8 @@ import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import { useTranslation } from 'react-i18next';
 import { useExtensionAccessCheck } from '@/shared/lib/hooks/use-extension-access-check';
 import useIntersectionObserver from '@/widgets/intersection-observer';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const KeyInPaymentPage = () => {
   const { navigate } = useNavigate();
@@ -133,6 +135,10 @@ export const KeyInPaymentPage = () => {
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(56, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -207,11 +213,11 @@ export const KeyInPaymentPage = () => {
                 <button
                   className="download-btn"
                   aria-label="다운로드"
+                  onClick={onClickToOpenEmailBottomSheet}
                 >
                   <img
                     src={IMAGE_ROOT + '/ico_download.svg'}
                     alt="다운로드"
-                    onClick={() => onClickToOpenEmailBottomSheet()}
                   />
                 </button>
               </div>

From cf1a390c676a19a228c16dd4499ac4450219f1cd Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 19:17:44 +0900
Subject: [PATCH 10/14] Add permission check to key-in payment request button
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add checkGrant(56, 'X') permission check to onClickToNavigate function
- Show alert message when user lacks permission
- Simplify onClick handler from arrow function to direct method reference

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../ui/key-in-payment/key-in-payment-list.tsx             | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/entities/additional-service/ui/key-in-payment/key-in-payment-list.tsx b/src/entities/additional-service/ui/key-in-payment/key-in-payment-list.tsx
index 88ba6b8..e722642 100644
--- a/src/entities/additional-service/ui/key-in-payment/key-in-payment-list.tsx
+++ b/src/entities/additional-service/ui/key-in-payment/key-in-payment-list.tsx
@@ -4,6 +4,8 @@ import { ListDateGroup } from '../list-date-group';
 import { KeyInPaymentListItem, KeyInPaymentListProps } from '../../model/key-in/types';
 import { JSX } from 'react';
 import { useTranslation } from 'react-i18next';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const KeyInPaymentList = ({
   additionalServiceCategory,
@@ -59,6 +61,10 @@ export const KeyInPaymentList = ({
   };
 
   const onClickToNavigate = () => {
+    if (!checkGrant(56, 'X')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.keyInPayment.request);
   };
 
@@ -70,7 +76,7 @@ export const KeyInPaymentList = ({
       <div className="apply-row">
         <button
           className="btn-50 btn-blue flex-1"
-          onClick={() => onClickToNavigate()}
+          onClick={onClickToNavigate}
         >{t('additionalService.linkPay.paymentRequest')}</button>
       </div>
     </>

From 6abbe9b11a4903c17e5ceaecb3a2dc26662f1134 Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 19:27:15 +0900
Subject: [PATCH 11/14] Add permission checks to fund account components
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add checkGrant(55, 'D') for download/email functions in transfer-list-wrap, result-list-wrap, and result-detail
- Add checkGrant(55, 'W') for transfer registration navigation in transfer-list-wrap and result-list-wrap
- Add checkGrant(55, 'X') for transfer request in transfer-detail
- Show alert message when user lacks permission
- Simplify onClick handler in transfer-detail from arrow function to direct method reference

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../ui/fund-account/detail/result-detail.tsx           |  6 ++++++
 .../ui/fund-account/detail/transfer-detail.tsx         |  8 +++++++-
 .../ui/fund-account/result-list-wrap.tsx               | 10 ++++++++++
 .../ui/fund-account/transfer-list-wrap.tsx             | 10 ++++++++++
 4 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/src/entities/additional-service/ui/fund-account/detail/result-detail.tsx b/src/entities/additional-service/ui/fund-account/detail/result-detail.tsx
index c914ff4..cf3d49d 100644
--- a/src/entities/additional-service/ui/fund-account/detail/result-detail.tsx
+++ b/src/entities/additional-service/ui/fund-account/detail/result-detail.tsx
@@ -13,6 +13,8 @@ import { useExtensionFundAccountDownloadReceiptMutation } from '@/entities/addit
 import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import { DetailMotionDuration, DetailMotionStyle, DetailMotionVariants } from '@/entities/common/model/constant';
 import { FullMenuClose } from '@/entities/common/ui/full-menu-close';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export interface FundAccountResultDetailProps {
   detailOn: boolean;
@@ -47,6 +49,10 @@ export const FundAccountResultDetail = ({
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(55, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
diff --git a/src/entities/additional-service/ui/fund-account/detail/transfer-detail.tsx b/src/entities/additional-service/ui/fund-account/detail/transfer-detail.tsx
index eabfdf5..eaeecc1 100644
--- a/src/entities/additional-service/ui/fund-account/detail/transfer-detail.tsx
+++ b/src/entities/additional-service/ui/fund-account/detail/transfer-detail.tsx
@@ -11,6 +11,8 @@ import { snackBar } from '@/shared/lib';
 import { useExtensionFundAccountTransferRequestMutation } from '@/entities/additional-service/api/fund-account/use-extension-fund-account-transfer-request-mutation';
 import { DetailMotionDuration, DetailMotionStyle, DetailMotionVariants } from '@/entities/common/model/constant';
 import { FullMenuClose } from '@/entities/common/ui/full-menu-close';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export interface FundAccountTransferDetailProps {
   detailOn: boolean;
@@ -43,6 +45,10 @@ export const FundAccountTransferDetail = ({
   };
   
   const onClickToRequest = () => {
+    if (!checkGrant(55, 'X')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     let params: ExtensionFundAccountTransferRequestParams = {
       seq: seq
     };
@@ -150,7 +156,7 @@ export const FundAccountTransferDetail = ({
             <div className="apply-row">
               <button
                 className="btn-50 btn-blue flex-1"
-                onClick={() => onClickToRequest()}
+                onClick={onClickToRequest}
                 disabled={detail?.resultStatus !== FundAccountStatus.REGIST_COMPLETE}
               >{t('additionalService.fundAccount.transferRequestButton')}</button>
             </div>
diff --git a/src/entities/additional-service/ui/fund-account/result-list-wrap.tsx b/src/entities/additional-service/ui/fund-account/result-list-wrap.tsx
index 05c475e..40be584 100644
--- a/src/entities/additional-service/ui/fund-account/result-list-wrap.tsx
+++ b/src/entities/additional-service/ui/fund-account/result-list-wrap.tsx
@@ -19,6 +19,8 @@ import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { useTranslation } from 'react-i18next';
 import { FundAccountResultDetail } from './detail/result-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const FundAccountResultListWrap = () => {
   const { navigate } = useNavigate();
@@ -144,6 +146,10 @@ export const FundAccountResultListWrap = () => {
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(55, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -251,6 +257,10 @@ export const FundAccountResultListWrap = () => {
   ]);
 
   const onClickToNavigate = () => {
+    if (!checkGrant(55, 'W')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.fundAccount.transferRequest);
   };
 
diff --git a/src/entities/additional-service/ui/fund-account/transfer-list-wrap.tsx b/src/entities/additional-service/ui/fund-account/transfer-list-wrap.tsx
index ef48ef6..164adc3 100644
--- a/src/entities/additional-service/ui/fund-account/transfer-list-wrap.tsx
+++ b/src/entities/additional-service/ui/fund-account/transfer-list-wrap.tsx
@@ -28,6 +28,8 @@ import { EmailBottomSheet } from '@/entities/common/ui/email-bottom-sheet';
 import useIntersectionObserver from '@/widgets/intersection-observer';
 import { useTranslation } from 'react-i18next';
 import { FundAccountTransferDetail } from './detail/transfer-detail';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export const FundAccountTransferListWrap = () => {
   const { navigate } = useNavigate();
@@ -127,6 +129,10 @@ export const FundAccountTransferListWrap = () => {
   };
 
   const onClickToOpenEmailBottomSheet = () => {
+    if (!checkGrant(55, 'D')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     setEmailBottomSheetOn(true);
   };
 
@@ -234,6 +240,10 @@ export const FundAccountTransferListWrap = () => {
   ]);
 
   const onClickToNavigate = () => {
+    if (!checkGrant(55, 'W')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.fundAccount.transferRequest);
   };
 

From bbc8c930ae18b2c187ea1f7ae7eae4907e506f9e Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 19:33:27 +0900
Subject: [PATCH 12/14] Add permission checks to link payment detail components
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add checkGrant(55, 'W') for resend and separate approval in link-payment-history-detail
- Add checkGrant(55, 'W') for delete in link-payment-wait-detail
- Show alert message when user lacks permission
- Simplify onClick handlers from arrow functions to direct method references

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../detail/link-payment-history-detail.tsx         | 14 ++++++++++++--
 .../detail/link-payment-wait-detail.tsx            |  8 +++++++-
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/src/entities/additional-service/ui/link-payment/detail/link-payment-history-detail.tsx b/src/entities/additional-service/ui/link-payment/detail/link-payment-history-detail.tsx
index 82d0e41..7877094 100644
--- a/src/entities/additional-service/ui/link-payment/detail/link-payment-history-detail.tsx
+++ b/src/entities/additional-service/ui/link-payment/detail/link-payment-history-detail.tsx
@@ -24,6 +24,8 @@ import moment from 'moment';
 import { useTranslation } from 'react-i18next';
 import { DetailMotionDuration, DetailMotionStyle, DetailMotionVariants } from '@/entities/common/model/constant';
 import { FullMenuClose } from '@/entities/common/ui/full-menu-close';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export interface LinkPaymentHistoryDetailProps {
   detailOn: boolean;
@@ -95,6 +97,10 @@ export const LinkPaymentHistoryDetail = ({
   }
 
   const onClickToResend = () => {
+    if (!checkGrant(55, 'W')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     let msg = t('additionalService.linkPayment.resendConfirm');
 
     overlay.open(({
@@ -116,6 +122,10 @@ export const LinkPaymentHistoryDetail = ({
   };
 
   const onClickToSeparateApproval = () => {
+    if (!checkGrant(55, 'W')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     navigate(PATHS.additionalService.linkPayment.separateApproval, {
       state: { mid, requestId }
     });
@@ -188,7 +198,7 @@ export const LinkPaymentHistoryDetail = ({
               <div className="link-payment-detail-button" style={{ paddingBottom: '100px' }}>
                 <button
                   className="btn-50 btn-blue flex-1"
-                  onClick={() => onClickToSeparateApproval()}
+                  onClick={onClickToSeparateApproval}
                   disabled={detailExposure}
                 >{t('additionalService.linkPayment.separateApprovalDetail')}</button>
               </div>
@@ -196,7 +206,7 @@ export const LinkPaymentHistoryDetail = ({
             <div className="apply-row">
               <button
                 className="btn-50 btn-blue flex-1"
-                onClick={() => onClickToResend()}
+                onClick={onClickToResend}
                 disabled={!isResendEnabled()}
               >{t('additionalService.linkPayment.resend')}</button>
             </div>
diff --git a/src/entities/additional-service/ui/link-payment/detail/link-payment-wait-detail.tsx b/src/entities/additional-service/ui/link-payment/detail/link-payment-wait-detail.tsx
index 2190859..d009cf1 100644
--- a/src/entities/additional-service/ui/link-payment/detail/link-payment-wait-detail.tsx
+++ b/src/entities/additional-service/ui/link-payment/detail/link-payment-wait-detail.tsx
@@ -12,6 +12,8 @@ import { snackBar } from '@/shared/lib';
 import { useTranslation } from 'react-i18next';
 import { DetailMotionDuration, DetailMotionStyle, DetailMotionVariants } from '@/entities/common/model/constant';
 import { FullMenuClose } from '@/entities/common/ui/full-menu-close';
+import { checkGrant } from '@/shared/lib/check-grant';
+import { showAlert } from '@/widgets/show-alert';
 
 export interface LinkPaymentWaitDetailProps {
   detailOn: boolean;
@@ -62,6 +64,10 @@ export const LinkPaymentWaitDetail = ({
   }
 
   const onClickToCancel = () => {
+    if (!checkGrant(55, 'W')) {
+      showAlert(t('common.nopermission'));
+      return;
+    }
     let msg = t('additionalService.linkPayment.deleteConfirm');
 
     overlay.open(({
@@ -131,7 +137,7 @@ export const LinkPaymentWaitDetail = ({
           <div className="apply-row">
             <button
               className="btn-50 btn-blue flex-1"
-              onClick={() => onClickToCancel()}
+              onClick={onClickToCancel}
               disabled={paymentInfo?.processStatus !== LinkPaymentProcessStatus.SEND_REQUEST}
             >{t('additionalService.linkPayment.delete')}</button>
           </div>

From 1038dea22e74f70c4890f6fea48c0b56a2a91b29 Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 19:36:54 +0900
Subject: [PATCH 13/14] Fix permission type for link payment navigation buttons
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Change checkGrant permission type from 'X' to 'W' in link-payment-history-wrap and link-payment-wait-send-wrap
- These navigation buttons should use 'W' (write) permission instead of 'X' (execute)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../ui/link-payment/link-payment-history-wrap.tsx               | 2 +-
 .../ui/link-payment/link-payment-wait-send-wrap.tsx             | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx b/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx
index f1449db..5846d20 100644
--- a/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx
+++ b/src/entities/additional-service/ui/link-payment/link-payment-history-wrap.tsx
@@ -78,7 +78,7 @@ export const LinkPaymentHistoryWrap = () => {
 	});
 
 	const onClickToNavigate = () => {
-		if (!checkGrant(54, 'X')) {
+		if (!checkGrant(54, 'W')) {
 			showAlert(t('common.nopermission'));
 			return;
 		}
diff --git a/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx b/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx
index e6d98a0..7d0007d 100644
--- a/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx
+++ b/src/entities/additional-service/ui/link-payment/link-payment-wait-send-wrap.tsx
@@ -66,7 +66,7 @@ export const LinkPaymentWaitSendWrap = () => {
     setFilterOn(!filterOn);
   };
   const onClickToNavigate = () => {
-    if (!checkGrant(54, 'X')) {
+    if (!checkGrant(54, 'W')) {
       showAlert(t('common.nopermission'));
       return;
     }

From ab528b38f1cc10f609a00485418bdd52326053b0 Mon Sep 17 00:00:00 2001
From: Jay Sheen <jay.sheen@bpsoft.co.kr>
Date: Wed, 5 Nov 2025 19:39:19 +0900
Subject: [PATCH 14/14] Fix permission type for payout navigation button
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Change checkGrant permission type from 'X' to 'W' in payout list-page
- Navigation button should use 'W' (write) permission instead of 'X' (execute)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/pages/additional-service/payout/list-page.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/pages/additional-service/payout/list-page.tsx b/src/pages/additional-service/payout/list-page.tsx
index 5c06eba..48d4990 100644
--- a/src/pages/additional-service/payout/list-page.tsx
+++ b/src/pages/additional-service/payout/list-page.tsx
@@ -90,7 +90,7 @@ export const PayoutListPage = () => {
   });
 
   const onClickToNavigation = () => {
-    if (!checkGrant(53, 'X')) {
+    if (!checkGrant(53, 'W')) {
       showAlert(t('common.nopermission'));
       return;
     }