ERP-node/backend-node/src/services/bomService.ts

/**
 * BOM 이력 및 버전 관리 서비스
 * 설정 패널에서 지정한 테이블명을 동적으로 사용
 */

import { query, queryOne, transaction } from "../database/db";
import { logger } from "../utils/logger";

// SQL 인젝션 방지: 테이블명은 알파벳, 숫자, 언더스코어만 허용
function safeTableName(name: string, fallback: string): string {
  if (!name || !/^[a-zA-Z_][a-zA-Z0-9_]*$/.test(name)) return fallback;
  return name;
}

// ─── 이력 (History) ─────────────────────────────

export async function getBomHistory(bomId: string, companyCode: string, tableName?: string) {
  const table = safeTableName(tableName || "", "bom_history");
  const sql = companyCode === "*"
    ? `SELECT * FROM ${table} WHERE bom_id = $1 ORDER BY changed_date DESC`
    : `SELECT * FROM ${table} WHERE bom_id = $1 AND company_code = $2 ORDER BY changed_date DESC`;
  const params = companyCode === "*" ? [bomId] : [bomId, companyCode];
  return query(sql, params);
}

export async function addBomHistory(
  bomId: string,
  companyCode: string,
  data: {
    revision?: string;
    version?: string;
    change_type: string;
    change_description?: string;
    changed_by?: string;
  },
  tableName?: string,
) {
  const table = safeTableName(tableName || "", "bom_history");
  const sql = `
    INSERT INTO ${table} (bom_id, revision, version, change_type, change_description, changed_by, company_code)
    VALUES ($1, $2, $3, $4, $5, $6, $7)
    RETURNING *
  `;
  return queryOne(sql, [
    bomId,
    data.revision || null,
    data.version || null,
    data.change_type,
    data.change_description || null,
    data.changed_by || null,
    companyCode,
  ]);
}

// ─── 버전 (Version) ─────────────────────────────

export async function getBomVersions(bomId: string, companyCode: string, tableName?: string) {
  const table = safeTableName(tableName || "", "bom_version");
  const sql = companyCode === "*"
    ? `SELECT * FROM ${table} WHERE bom_id = $1 ORDER BY created_date DESC`
    : `SELECT * FROM ${table} WHERE bom_id = $1 AND company_code = $2 ORDER BY created_date DESC`;
  const params = companyCode === "*" ? [bomId] : [bomId, companyCode];
  return query(sql, params);
}

export async function createBomVersion(
  bomId: string, companyCode: string, createdBy: string,
  versionTableName?: string, detailTableName?: string,
) {
  const vTable = safeTableName(versionTableName || "", "bom_version");
  const dTable = safeTableName(detailTableName || "", "bom_detail");

  return transaction(async (client) => {
    const bomRow = await client.query(`SELECT * FROM bom WHERE id = $1`, [bomId]);
    if (bomRow.rows.length === 0) throw new Error("BOM을 찾을 수 없습니다");
    const bomData = bomRow.rows[0];

    const detailRows = await client.query(
      `SELECT * FROM ${dTable} WHERE bom_id = $1 ORDER BY parent_detail_id NULLS FIRST, id`,
      [bomId],
    );

    const lastVersion = await client.query(
      `SELECT version_name FROM ${vTable} WHERE bom_id = $1 ORDER BY created_date DESC LIMIT 1`,
      [bomId],
    );
    let nextVersionNum = 1;
    if (lastVersion.rows.length > 0) {
      const parsed = parseFloat(lastVersion.rows[0].version_name);
      if (!isNaN(parsed)) nextVersionNum = Math.floor(parsed) + 1;
    }
    const versionName = `${nextVersionNum}.0`;

    const snapshot = {
      bom: bomData,
      details: detailRows.rows,
      detailTable: dTable,
      created_at: new Date().toISOString(),
    };

    const insertSql = `
      INSERT INTO ${vTable} (bom_id, version_name, revision, status, snapshot_data, created_by, company_code)
      VALUES ($1, $2, $3, 'developing', $4, $5, $6)
      RETURNING *
    `;
    const result = await client.query(insertSql, [
      bomId,
      versionName,
      bomData.revision ? parseInt(bomData.revision, 10) || 0 : 0,
      JSON.stringify(snapshot),
      createdBy,
      companyCode,
    ]);

    logger.info("BOM 버전 생성", { bomId, versionName, companyCode, vTable, dTable });
    return result.rows[0];
  });
}

export async function loadBomVersion(
  bomId: string, versionId: string, companyCode: string,
  versionTableName?: string, detailTableName?: string,
) {
  const vTable = safeTableName(versionTableName || "", "bom_version");
  const dTable = safeTableName(detailTableName || "", "bom_detail");

  return transaction(async (client) => {
    const verRow = await client.query(
      `SELECT * FROM ${vTable} WHERE id = $1 AND bom_id = $2`,
      [versionId, bomId],
    );
    if (verRow.rows.length === 0) throw new Error("버전을 찾을 수 없습니다");

    const snapshot = verRow.rows[0].snapshot_data;
    if (!snapshot || !snapshot.bom) throw new Error("스냅샷 데이터가 없습니다");

    // 스냅샷에 기록된 detailTable을 우선 사용, 없으면 파라미터 사용
    const snapshotDetailTable = safeTableName(snapshot.detailTable || "", dTable);

    await client.query(`DELETE FROM ${snapshotDetailTable} WHERE bom_id = $1`, [bomId]);

    const b = snapshot.bom;
    await client.query(
      `UPDATE bom SET base_qty = $1, unit = $2, revision = $3, remark = $4 WHERE id = $5`,
      [b.base_qty || null, b.unit || null, b.revision || null, b.remark || null, bomId],
    );

    const oldToNew: Record<string, string> = {};
    for (const d of snapshot.details || []) {
      const insertResult = await client.query(
        `INSERT INTO ${snapshotDetailTable} (bom_id, parent_detail_id, child_item_id, quantity, unit, process_type, loss_rate, remark, level, base_qty, revision, company_code)
         VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12) RETURNING id`,
        [
          bomId,
          d.parent_detail_id ? (oldToNew[d.parent_detail_id] || null) : null,
          d.child_item_id,
          d.quantity,
          d.unit,
          d.process_type,
          d.loss_rate,
          d.remark,
          d.level,
          d.base_qty,
          d.revision,
          companyCode,
        ],
      );
      oldToNew[d.id] = insertResult.rows[0].id;
    }

    logger.info("BOM 버전 불러오기 완료", { bomId, versionId, vTable, snapshotDetailTable });
    return { restored: true, versionName: verRow.rows[0].version_name };
  });
}

export async function deleteBomVersion(bomId: string, versionId: string, tableName?: string) {
  const table = safeTableName(tableName || "", "bom_version");
  const sql = `DELETE FROM ${table} WHERE id = $1 AND bom_id = $2 RETURNING id`;
  const result = await query(sql, [versionId, bomId]);
  return result.length > 0;
}
feat: Add BOM management features and enhance BOM tree component - Integrated BOM routes into the backend for managing BOM history and versions. - Enhanced the V2BomTreeConfigPanel to include options for history and version table management. - Updated the BomTreeComponent to support viewing BOM data in both tree and level formats, with modals for editing BOM details, viewing history, and managing versions. - Improved user interaction with new buttons for accessing BOM history and version management directly from the BOM tree view. 2026-02-25 14:50:51 +09:00			`/**`
			`* BOM 이력 및 버전 관리 서비스`
			`* 설정 패널에서 지정한 테이블명을 동적으로 사용`
			`*/`

			`import { query, queryOne, transaction } from "../database/db";`
			`import { logger } from "../utils/logger";`

			`// SQL 인젝션 방지: 테이블명은 알파벳, 숫자, 언더스코어만 허용`
			`function safeTableName(name: string, fallback: string): string {`
			`if (!name \|\| !/^[a-zA-Z_][a-zA-Z0-9_]*$/.test(name)) return fallback;`
			`return name;`
			`}`

			`// ─── 이력 (History) ─────────────────────────────`

			`export async function getBomHistory(bomId: string, companyCode: string, tableName?: string) {`
			`const table = safeTableName(tableName \|\| "", "bom_history");`
			`const sql = companyCode === "*"`
			? `SELECT * FROM ${table} WHERE bom_id = $1 ORDER BY changed_date DESC`
			: `SELECT * FROM ${table} WHERE bom_id = $1 AND company_code = $2 ORDER BY changed_date DESC`;
			`const params = companyCode === "*" ? [bomId] : [bomId, companyCode];`
			`return query(sql, params);`
			`}`

			`export async function addBomHistory(`
			`bomId: string,`
			`companyCode: string,`
			`data: {`
			`revision?: string;`
			`version?: string;`
			`change_type: string;`
			`change_description?: string;`
			`changed_by?: string;`
			`},`
			`tableName?: string,`
			`) {`
			`const table = safeTableName(tableName \|\| "", "bom_history");`
			const sql = `
			`INSERT INTO ${table} (bom_id, revision, version, change_type, change_description, changed_by, company_code)`
			`VALUES ($1, $2, $3, $4, $5, $6, $7)`
			`RETURNING *`
			`;
			`return queryOne(sql, [`
			`bomId,`
			`data.revision \|\| null,`
			`data.version \|\| null,`
			`data.change_type,`
			`data.change_description \|\| null,`
			`data.changed_by \|\| null,`
			`companyCode,`
			`]);`
			`}`

			`// ─── 버전 (Version) ─────────────────────────────`

			`export async function getBomVersions(bomId: string, companyCode: string, tableName?: string) {`
			`const table = safeTableName(tableName \|\| "", "bom_version");`
			`const sql = companyCode === "*"`
			? `SELECT * FROM ${table} WHERE bom_id = $1 ORDER BY created_date DESC`
			: `SELECT * FROM ${table} WHERE bom_id = $1 AND company_code = $2 ORDER BY created_date DESC`;
			`const params = companyCode === "*" ? [bomId] : [bomId, companyCode];`
			`return query(sql, params);`
			`}`

			`export async function createBomVersion(`
			`bomId: string, companyCode: string, createdBy: string,`
			`versionTableName?: string, detailTableName?: string,`
			`) {`
			`const vTable = safeTableName(versionTableName \|\| "", "bom_version");`
			`const dTable = safeTableName(detailTableName \|\| "", "bom_detail");`

			`return transaction(async (client) => {`
			const bomRow = await client.query(`SELECT * FROM bom WHERE id = $1`, [bomId]);
			`if (bomRow.rows.length === 0) throw new Error("BOM을 찾을 수 없습니다");`
			`const bomData = bomRow.rows[0];`

			`const detailRows = await client.query(`
			`SELECT * FROM ${dTable} WHERE bom_id = $1 ORDER BY parent_detail_id NULLS FIRST, id`,
			`[bomId],`
			`);`

			`const lastVersion = await client.query(`
			`SELECT version_name FROM ${vTable} WHERE bom_id = $1 ORDER BY created_date DESC LIMIT 1`,
			`[bomId],`
			`);`
			`let nextVersionNum = 1;`
			`if (lastVersion.rows.length > 0) {`
			`const parsed = parseFloat(lastVersion.rows[0].version_name);`
			`if (!isNaN(parsed)) nextVersionNum = Math.floor(parsed) + 1;`
			`}`
			const versionName = `${nextVersionNum}.0`;

			`const snapshot = {`
			`bom: bomData,`
			`details: detailRows.rows,`
			`detailTable: dTable,`
			`created_at: new Date().toISOString(),`
			`};`

			const insertSql = `
			`INSERT INTO ${vTable} (bom_id, version_name, revision, status, snapshot_data, created_by, company_code)`
			`VALUES ($1, $2, $3, 'developing', $4, $5, $6)`
			`RETURNING *`
			`;
			`const result = await client.query(insertSql, [`
			`bomId,`
			`versionName,`
			`bomData.revision ? parseInt(bomData.revision, 10) \|\| 0 : 0,`
			`JSON.stringify(snapshot),`
			`createdBy,`
			`companyCode,`
			`]);`

			`logger.info("BOM 버전 생성", { bomId, versionName, companyCode, vTable, dTable });`
			`return result.rows[0];`
			`});`
			`}`

			`export async function loadBomVersion(`
			`bomId: string, versionId: string, companyCode: string,`
			`versionTableName?: string, detailTableName?: string,`
			`) {`
			`const vTable = safeTableName(versionTableName \|\| "", "bom_version");`
			`const dTable = safeTableName(detailTableName \|\| "", "bom_detail");`

			`return transaction(async (client) => {`
			`const verRow = await client.query(`
			`SELECT * FROM ${vTable} WHERE id = $1 AND bom_id = $2`,
			`[versionId, bomId],`
			`);`
			`if (verRow.rows.length === 0) throw new Error("버전을 찾을 수 없습니다");`

			`const snapshot = verRow.rows[0].snapshot_data;`
			`if (!snapshot \|\| !snapshot.bom) throw new Error("스냅샷 데이터가 없습니다");`

			`// 스냅샷에 기록된 detailTable을 우선 사용, 없으면 파라미터 사용`
			`const snapshotDetailTable = safeTableName(snapshot.detailTable \|\| "", dTable);`

			await client.query(`DELETE FROM ${snapshotDetailTable} WHERE bom_id = $1`, [bomId]);

			`const b = snapshot.bom;`
			`await client.query(`
			`UPDATE bom SET base_qty = $1, unit = $2, revision = $3, remark = $4 WHERE id = $5`,
			`[b.base_qty \|\| null, b.unit \|\| null, b.revision \|\| null, b.remark \|\| null, bomId],`
			`);`

			`const oldToNew: Record<string, string> = {};`
			`for (const d of snapshot.details \|\| []) {`
			`const insertResult = await client.query(`
			`INSERT INTO ${snapshotDetailTable} (bom_id, parent_detail_id, child_item_id, quantity, unit, process_type, loss_rate, remark, level, base_qty, revision, company_code)
			VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12) RETURNING id`,
			`[`
			`bomId,`
			`d.parent_detail_id ? (oldToNew[d.parent_detail_id] \|\| null) : null,`
			`d.child_item_id,`
			`d.quantity,`
			`d.unit,`
			`d.process_type,`
			`d.loss_rate,`
			`d.remark,`
			`d.level,`
			`d.base_qty,`
			`d.revision,`
			`companyCode,`
			`],`
			`);`
			`oldToNew[d.id] = insertResult.rows[0].id;`
			`}`

			`logger.info("BOM 버전 불러오기 완료", { bomId, versionId, vTable, snapshotDetailTable });`
			`return { restored: true, versionName: verRow.rows[0].version_name };`
			`});`
			`}`

			`export async function deleteBomVersion(bomId: string, versionId: string, tableName?: string) {`
			`const table = safeTableName(tableName \|\| "", "bom_version");`
			const sql = `DELETE FROM ${table} WHERE id = $1 AND bom_id = $2 RETURNING id`;
			`const result = await query(sql, [versionId, bomId]);`
			`return result.length > 0;`
			`}`