From 408744ad071c019ebe512b08596d8b872c86dc2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=EC=84=B1=EA=B2=BD?= <skkim@o2o.kr>
Date: Wed, 6 May 2026 14:01:17 +0900
Subject: [PATCH] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90=20=EC=97=AD?=
 =?UTF-8?q?=ED=95=A0=20=EB=B3=84=20=EA=B6=8C=ED=95=9C=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/admin_manager.py                          |  19 ++
 app/backoffice/admin/admin_view.py            |   2 +-
 app/backoffice/admin/auth.py                  |   1 +
 app/backoffice/credit_view.py                 |   2 +
 .../frontend/templates/sqladmin/details.html  | 106 +++++++
 .../frontend/templates/sqladmin/layout.html   |  65 ++++
 .../frontend/templates/sqladmin/list.html     | 299 ++++++++++++++++++
 app/user/api/user_admin.py                    |   2 +
 8 files changed, 495 insertions(+), 1 deletion(-)
 create mode 100644 app/backoffice/frontend/templates/sqladmin/details.html
 create mode 100644 app/backoffice/frontend/templates/sqladmin/layout.html
 create mode 100644 app/backoffice/frontend/templates/sqladmin/list.html

diff --git a/app/admin_manager.py b/app/admin_manager.py
index 670eb13..87979a5 100644
--- a/app/admin_manager.py
+++ b/app/admin_manager.py
@@ -3,6 +3,7 @@ from pathlib import Path
 from fastapi import FastAPI
 from sqladmin import Admin
 from sqladmin.authentication import login_required
+from starlette.exceptions import HTTPException
 from starlette.requests import Request
 from starlette.responses import Response
 from sqlalchemy.ext.asyncio import AsyncEngine
@@ -28,6 +29,24 @@ class DashboardAdmin(Admin):
             {"title": "대시보드", "subtitle": "", "admin_role": admin_role, **ctx},
         )
 
+    @login_required
+    async def edit(self, request: Request) -> Response:
+        if request.session.get("admin_role") == "viewer":
+            raise HTTPException(status_code=403)
+        return await super().edit(request)
+
+    @login_required
+    async def create(self, request: Request) -> Response:
+        if request.session.get("admin_role") == "viewer":
+            raise HTTPException(status_code=403)
+        return await super().create(request)
+
+    @login_required
+    async def delete(self, request: Request) -> Response:
+        if request.session.get("admin_role") == "viewer":
+            raise HTTPException(status_code=403)
+        return await super().delete(request)
+
 
 def init_admin(
     app: FastAPI,
diff --git a/app/backoffice/admin/admin_view.py b/app/backoffice/admin/admin_view.py
index 7ab56b0..cf7ceac 100644
--- a/app/backoffice/admin/admin_view.py
+++ b/app/backoffice/admin/admin_view.py
@@ -43,7 +43,7 @@ class AdminAdmin(SuperAdminOnly, ModelView, model=Admin):
     form_args = {
         "role": {
             "label": "권한",
-            "choices": [("superadmin", "전체 관리자"), ("viewer", "조회 전용")],
+            "choices": [("superadmin", "전체 관리자"), ("viewer", "일반 관리자")],
             "default": "viewer",
         }
     }
diff --git a/app/backoffice/admin/auth.py b/app/backoffice/admin/auth.py
index 7c55642..6296b36 100644
--- a/app/backoffice/admin/auth.py
+++ b/app/backoffice/admin/auth.py
@@ -36,6 +36,7 @@ class AdminAuthBackend(AuthenticationBackend):
 
         request.session["admin_id"] = admin.id
         request.session["admin_role"] = admin.role
+        request.session["admin_name"] = admin.name or admin.username
         logger.info(f"[ADMIN-AUTH] login success admin_id={admin.id} username={username} role={admin.role}")
 
         # 마지막 로그인 시간 갱신
diff --git a/app/backoffice/credit_view.py b/app/backoffice/credit_view.py
index 026426c..295d048 100644
--- a/app/backoffice/credit_view.py
+++ b/app/backoffice/credit_view.py
@@ -21,6 +21,8 @@ class CreditChargeRequestAdmin(SuperAdminEditable, ModelView, model=CreditCharge
     icon = "fa-solid fa-coins"
     category = "크레딧 관리"
     page_size = 30
+    can_edit = True
+    can_delete = False
 
     column_list = [
         "id",
diff --git a/app/backoffice/frontend/templates/sqladmin/details.html b/app/backoffice/frontend/templates/sqladmin/details.html
new file mode 100644
index 0000000..612b7ae
--- /dev/null
+++ b/app/backoffice/frontend/templates/sqladmin/details.html
@@ -0,0 +1,106 @@
+{% extends "sqladmin/layout.html" %}
+{% block content %}
+<div class="col-12">
+  <div class="card">
+    <div class="card-header">
+      <h3 class="card-title">
+        {% for pk in model_view.pk_columns -%}
+        {{ pk.name }}
+        {%- if not loop.last %};{% endif -%}
+        {% endfor %}: {{ get_object_identifier(model) }}</h3>
+    </div>
+    <div class="card-body border-bottom py-3">
+      <div class="table-responsive">
+        <table class="table card-table table-vcenter text-nowrap table-hover table-bordered">
+          <thead>
+            <tr>
+              <th class="w-1">Column</th>
+              <th class="w-1">Value</th>
+            </tr>
+          </thead>
+          <tbody>
+            {% for name in model_view._details_prop_names %}
+            {% set label = model_view._column_labels.get(name, name) %}
+            <tr>
+              <td>{{ label }}</td>
+              {% set value, formatted_value = model_view.get_detail_value(model, name) %}
+              {% if name in model_view._relation_names %}
+              {% if is_list( value ) %}
+              <td>
+                {% for elem, formatted_elem in zip(value, formatted_value) %}
+                  {% if model_view.show_compact_lists %}
+                    <a href="{{ model_view._build_url_for('admin:details', request, elem) }}">({{ formatted_elem }})</a>
+                  {% else %}
+                    <a href="{{ model_view._build_url_for('admin:details', request, elem) }}">{{ formatted_elem }}</a><br/>
+                  {% endif %}
+                {% endfor %}
+              </td>
+              {% else %}
+              <td><a href="{{ model_view._url_for_details_with_prop(request, model, name) }}">{{ formatted_value }}</a>
+              </td>
+              {% endif %}
+              {% else %}
+              <td>{{ formatted_value }}</td>
+              {% endif %}
+            </tr>
+            {% endfor %}
+          </tbody>
+        </table>
+      </div>
+      <div class="card-footer container">
+        <div class="row">
+          <div class="col-md-1">
+            <a href="{{ url_for('admin:list', identity=model_view.identity) }}" class="btn">
+              Go Back
+            </a>
+          </div>
+          {% if model_view.can_delete and request.session.get('admin_role') == 'superadmin' %}
+          <div class="col-md-1">
+            <a href="#" data-name="{{ model_view.name }}" data-pk="{{ get_object_identifier(model) }}"
+              data-url="{{ model_view._url_for_delete(request, model) }}" data-bs-toggle="modal"
+              data-bs-target="#modal-delete" class="btn btn-danger">
+              Delete
+            </a>
+          </div>
+          {% endif %}
+          {% if model_view.can_edit and request.session.get('admin_role') == 'superadmin' %}
+          <div class="col-md-1">
+            <a href="{{ model_view._build_url_for('admin:edit', request, model) }}" class="btn btn-primary">
+              Edit
+            </a>
+          </div>
+          {% endif %}
+          {% for custom_action,label in model_view._custom_actions_in_detail.items() %}
+          <div class="col-md-1">
+            {% if custom_action in model_view._custom_actions_confirmation %}
+            <a href="#" class="btn btn-secondary" data-bs-toggle="modal"
+              data-bs-target="#modal-confirmation-{{ custom_action }}">
+              {{ label }}
+            </a>
+            {% else %}
+            <a href="{{ model_view._url_for_action(request, custom_action) }}?pks={{ get_object_identifier(model) }}"
+              class="btn btn-secondary">
+              {{ label }}
+            </a>
+            {% endif %}
+          </div>
+          {% endfor %}
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+{% if model_view.can_delete %}
+{% include 'sqladmin/modals/delete.html' %}
+{% endif %}
+
+{% for custom_action in model_view._custom_actions_in_detail %}
+{% if custom_action in model_view._custom_actions_confirmation %}
+{% with confirmation_message = model_view._custom_actions_confirmation[custom_action], custom_action=custom_action,
+url=model_view._url_for_action(request, custom_action) + '?pks=' + (get_object_identifier(model) | string) %}
+{% include 'sqladmin/modals/details_action_confirmation.html' %}
+{% endwith %}
+{% endif %}
+{% endfor %}
+
+{% endblock %}
\ No newline at end of file
diff --git a/app/backoffice/frontend/templates/sqladmin/layout.html b/app/backoffice/frontend/templates/sqladmin/layout.html
new file mode 100644
index 0000000..eb52700
--- /dev/null
+++ b/app/backoffice/frontend/templates/sqladmin/layout.html
@@ -0,0 +1,65 @@
+{% extends "sqladmin/base.html" %}
+{% from 'sqladmin/_macros.html' import display_menu %}
+{% block body %}
+<div class="wrapper">
+  <aside class="navbar navbar-expand-lg navbar-vertical navbar-expand-md navbar-dark">
+    <div class="container-fluid">
+      <h1 class="navbar-brand navbar-brand-autodark">
+        <a href="{{ url_for('admin:index') }}">
+          {% if admin.logo_url %}
+          <img src="{{ admin.logo_url }}" width="64" height="64" alt="Admin" class="navbar-brand-image" />
+          {% else %}
+          <h3>{{ admin.title }}</h3>
+          {% endif %}
+        </a>
+      </h1>
+      <nav class="navbar navbar-expand-sm" id="navbar-menu">
+        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent"
+          aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
+          <span class="navbar-toggler-icon"></span>
+        </button>
+        <div class="collapse navbar-collapse" id="navbarSupportedContent">
+          {{ display_menu(admin._menu, request) }}
+        </div>
+      </nav>
+      {% if admin.authentication_backend %}
+      <div class="mb-2 text-center text-white">
+        <div class="fw-bold">{{ request.session.get('admin_name', '') }}</div>
+        <small>
+          {% if request.session.get('admin_role') == 'superadmin' %}
+          <span class="badge bg-danger">전체 관리자</span>
+          {% else %}
+          <span class="badge bg-warning text-dark">일반 관리자</span>
+          {% endif %}
+        </small>
+      </div>
+      <a href="{{ request.url_for('admin:logout') }}" class="btn btn-secondary btn-icon">
+        <i class="fa fa-sign-out"></i>
+        <span>Logout</span>
+      </a>
+      {% endif %}
+    </div>
+  </aside>
+  <div class="page-wrapper">
+    <div class="container-fluid">
+      <div class="page-header d-print-none">
+        {% block content_header %}
+        <div class="row align-items-center">
+          <div class="col">
+            <h2 class="page-title">{{ title }}</h2>
+            <div class="page-pretitle">{{ subtitle }}</div>
+          </div>
+        </div>
+        {% endblock %}
+      </div>
+    </div>
+    <div class="page-body flex-grow-1">
+      <div class="container-fluid">
+        <div class="row row-deck row-cards">
+          {% block content %} {% endblock %}
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+{% endblock %}
\ No newline at end of file
diff --git a/app/backoffice/frontend/templates/sqladmin/list.html b/app/backoffice/frontend/templates/sqladmin/list.html
new file mode 100644
index 0000000..d1e9430
--- /dev/null
+++ b/app/backoffice/frontend/templates/sqladmin/list.html
@@ -0,0 +1,299 @@
+{% extends "sqladmin/layout.html" %}
+{% block content %}
+<div class="container-fluid">
+  <div class="row">
+    <div class="col-12">
+      <div class="d-flex">
+        <div class="flex-grow-1 me-2">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">{{ model_view.name_plural }}</h3>
+              <div class="ms-auto">
+                {% if model_view.can_export %}
+                {% if model_view.export_types | length > 1 %}
+                <div class="ms-3 d-inline-block dropdown">
+                  <a href="#" class="btn btn-secondary dropdown-toggle" id="dropdownMenuButton1" data-bs-toggle="dropdown"
+                    aria-expanded="false">
+                    Export
+                  </a>
+                  <ul class="dropdown-menu" aria-labelledby="dropdownMenuButton1">
+                    {% for export_type in model_view.export_types %}
+                    <li><a class="dropdown-item"
+                        href="{{ url_for('admin:export', identity=model_view.identity, export_type=export_type) }}">{{
+                        export_type | upper }}</a></li>
+                    {% endfor %}
+                  </ul>
+                </div>
+                {% elif model_view.export_types | length == 1 %}
+                <div class="ms-3 d-inline-block">
+                  <a href="{{ url_for('admin:export', identity=model_view.identity, export_type=model_view.export_types[0]) }}"
+                    class="btn btn-secondary">
+                    Export
+                  </a>
+                </div>
+                {% endif %}
+                {% endif %}
+                {% if model_view.can_create %}
+                <div class="ms-3 d-inline-block">
+                  <a href="{{ url_for('admin:create', identity=model_view.identity) }}" class="btn btn-primary">
+                    + New {{ model_view.name }}
+                  </a>
+                </div>
+                {% endif %}
+              </div>
+            </div>
+            <div class="card-body border-bottom py-3">
+              <div class="d-flex justify-content-between">
+                <div class="dropdown col-4">
+                  <button {% if not model_view.can_delete and not model_view._custom_actions_in_list %} disabled {% endif %}
+                    class="btn btn-light dropdown-toggle" type="button" id="dropdownMenuButton" data-toggle="dropdown"
+                    aria-haspopup="true" aria-expanded="false">
+                    Actions
+                  </button>
+                  {% if model_view.can_delete or model_view._custom_actions_in_list %}
+                  <div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
+                    {% if model_view.can_delete and request.session.get('admin_role') == 'superadmin' %}
+                    <a class="dropdown-item" id="action-delete" href="#" data-name="{{ model_view.name }}"
+                      data-url="{{ url_for('admin:delete', identity=model_view.identity) }}" data-bs-toggle="modal"
+                      data-bs-target="#modal-delete">Delete selected items</a>
+                    {% endif %}
+                    {% for custom_action, label in model_view._custom_actions_in_list.items() %}
+                    {% if custom_action in model_view._custom_actions_confirmation %}
+                    <a class="dropdown-item" id="action-customconfirm-{{ custom_action }}" href="#" data-bs-toggle="modal"
+                      data-bs-target="#modal-confirmation-{{ custom_action }}">
+                      {{ label }}
+                    </a>
+                    {% else %}
+                    <a class="dropdown-item" id="action-custom-{{ custom_action }}" href="#"
+                      data-url="{{ model_view._url_for_action(request, custom_action) }}">
+                      {{ label }}
+                    </a>
+                    {% endif %}
+                    {% endfor %}
+                  </div>
+                  {% endif %}
+                </div>
+                {% if model_view.column_searchable_list %}
+                <div class="col-md-4 text-muted">
+                  <div class="input-group">
+                    <input id="search-input" type="text" class="form-control"
+                      placeholder="Search: {{ model_view.search_placeholder() }}"
+                      value="{{ request.query_params.get('search', '') }}">
+                    <button id="search-button" class="btn" type="button">Search</button>
+                    <button id="search-reset" class="btn" type="button" {% if not request.query_params.get('search')
+                      %}disabled{% endif %}><i class="fa-solid fa-times"></i></button>
+                  </div>
+                </div>
+                {% endif %}
+              </div>
+            </div>
+            <div class="table-responsive">
+              <table class="table card-table table-vcenter text-nowrap">
+                <thead>
+                  <tr>
+                    <th class="w-1"><input class="form-check-input m-0 align-middle" type="checkbox" aria-label="Select all"
+                        id="select-all"></th>
+                    <th class="w-1"></th>
+                    {% for name in model_view._list_prop_names %}
+                    {% set label = model_view._column_labels.get(name, name) %}
+                    <th>
+                      {% if name in model_view._sort_fields %}
+                      {% if request.query_params.get("sortBy") == name and request.query_params.get("sort") == "asc" %}
+                      <a href="{{ request.url.include_query_params(sort='desc') }}"><i class="fa-solid fa-arrow-up"></i> {{
+                        label }}</a>
+                      {% elif request.query_params.get("sortBy") == name and request.query_params.get("sort") == "desc" %}
+                      <a href="{{ request.url.include_query_params(sort='asc') }}"><i class="fa-solid fa-arrow-down"></i> {{ label
+                        }}</a>
+                      {% else %}
+                      <a href="{{ request.url.include_query_params(sortBy=name, sort='asc') }}">{{ label }}</a>
+                      {% endif %}
+                      {% else %}
+                      {{ label }}
+                      {% endif %}
+                    </th>
+                    {% endfor %}
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for row in pagination.rows %}
+                  <tr>
+                    <td>
+                      <input type="hidden" value="{{ get_object_identifier(row) }}">
+                      <input class="form-check-input m-0 align-middle select-box" type="checkbox" aria-label="Select item">
+                    </td>
+                    <td class="text-end">
+                      {% if model_view.can_view_details %}
+                      <a href="{{ model_view._build_url_for('admin:details', request, row) }}" data-bs-toggle="tooltip"
+                        data-bs-placement="top" title="View">
+                        <span class="me-1"><i class="fa-solid fa-eye"></i></span>
+                      </a>
+                      {% endif %}
+                      {% if model_view.can_edit and request.session.get('admin_role') == 'superadmin' %}
+                      <a href="{{ model_view._build_url_for('admin:edit', request, row) }}" data-bs-toggle="tooltip"
+                        data-bs-placement="top" title="Edit">
+                        <span class="me-1"><i class="fa-solid fa-pen-to-square"></i></span>
+                      </a>
+                      {% endif %}
+                      {% if model_view.can_delete and request.session.get('admin_role') == 'superadmin' %}
+                      <a href="#" data-name="{{ model_view.name }}" data-pk="{{ get_object_identifier(row) }}"
+                        data-url="{{ model_view._url_for_delete(request, row) }}" data-bs-toggle="modal"
+                        data-bs-target="#modal-delete" title="Delete">
+                        <span class="me-1"><i class="fa-solid fa-trash"></i></span>
+                      </a>
+                      {% endif %}
+                    </td>
+                    {% for name in model_view._list_prop_names %}
+                    {% set value, formatted_value = model_view.get_list_value(row, name) %}
+                    {% if name in model_view._relation_names %}
+                    {% if is_list( value ) %}
+                    <td>
+                      {% for elem, formatted_elem in zip(value, formatted_value) %}
+                        {% if model_view.show_compact_lists %}
+                          <a href="{{ model_view._build_url_for('admin:details', request, elem) }}">({{ formatted_elem }})</a>
+                        {% else %}
+                          <a href="{{ model_view._build_url_for('admin:details', request, elem) }}">{{ formatted_elem }}</a><br/>
+                        {% endif %}
+                      {% endfor %}
+                    </td>
+                    {% else %}
+                    <td><a href="{{ model_view._url_for_details_with_prop(request, row, name) }}">{{ formatted_value }}</a></td>
+                    {% endif %}
+                    {% else %}
+                    <td>{{ formatted_value }}</td>
+                    {% endif %}
+                    {% endfor %}
+                  </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+            <div class="card-footer d-flex justify-content-between align-items-center gap-2">
+              <p class="m-0 text-muted">Showing <span>{{ ((pagination.page - 1) * pagination.page_size) + 1 }}</span> to
+                <span>{{ min(pagination.page * pagination.page_size, pagination.count) }}</span> of <span>{{ pagination.count
+                  }}</span> items
+              </p>
+              <ul class="pagination m-0 ms-auto">
+                <li class="page-item {% if not pagination.has_previous %}disabled{% endif %}">
+                  {% if pagination.has_previous %}
+                  <a class="page-link" href="{{ pagination.previous_page.url }}">
+                    {% else %}
+                    <a class="page-link" href="#">
+                      {% endif %}
+                      <i class="fa-solid fa-chevron-left"></i>
+                      prev
+                    </a>
+                </li>
+                {% for page_control in pagination.page_controls %}
+                <li class="page-item {% if page_control.number == pagination.page %}active{% endif %}"><a class="page-link"
+                    href="{{ page_control.url }}">{{ page_control.number }}</a></li>
+                {% endfor %}
+                <li class="page-item {% if not pagination.has_next %}disabled{% endif %}">
+                  {% if pagination.has_next %}
+                  <a class="page-link" href="{{ pagination.next_page.url }}">
+                    {% else %}
+                    <a class="page-link" href="#">
+                      {% endif %}
+                      next
+                      <i class="fa-solid fa-chevron-right"></i>
+                    </a>
+                </li>
+              </ul>
+              <div class="dropdown text-muted">
+                Show
+                <a href="#" class="btn btn-sm btn-light dropdown-toggle" data-toggle="dropdown" aria-haspopup="true"
+                  aria-expanded="false">
+                  {{ request.query_params.get("pageSize") or model_view.page_size }} / Page
+                </a>
+                <div class="dropdown-menu">
+                  {% for page_size_option in model_view.page_size_options %}
+                  <a class="dropdown-item" href="{{ request.url.include_query_params(pageSize=page_size_option, page=pagination.resize(page_size_option).page) }}">
+                    {{ page_size_option }} / Page
+                  </a>
+                  {% endfor %}
+                </div>
+              </div>
+            </div>
+          </div>
+        </div>
+        {% if model_view.get_filters() %}
+        <div class="col-md-3" style="width: 300px; flex-shrink: 0;">
+          <div id="filter-sidebar" class="card">
+            <div class="card-header">
+              <h3 class="card-title">Filters</h3>
+            </div>
+            <div class="card-body">
+              {% for filter in model_view.get_filters() %}
+              {% if filter.has_operator %}
+              <div class="mb-3">
+                <div class="fw-bold text-truncate">{{ filter.title }}</div>
+                <div>
+                  <!-- Show current filter if active -->
+                  {% set current_filter = request.query_params.get(filter.parameter_name, '') %}
+                  {% set current_op = request.query_params.get(filter.parameter_name + '_op', '') %}
+                  {% if current_filter %}
+                  <div class="mb-2 text-muted small">
+                    Current: {{ current_op }} {{ current_filter }} 
+                    <a href="{{ request.url.remove_query_params(filter.parameter_name).remove_query_params(filter.parameter_name + '_op') }}" class="text-decoration-none">[Clear]</a>
+                  </div>
+                  {% endif %}
+                  <!-- Single form with dropdown for operations -->
+                  <form method="get" class="d-flex flex-column" style="gap: 8px;">
+                    <!-- Preserve existing query parameters -->
+                    {% for key, value in request.query_params.items() %}
+                      {% if key != filter.parameter_name and key != filter.parameter_name + '_op' %}
+                      <input type="hidden" name="{{ key }}" value="{{ value }}">
+                      {% endif %}
+                    {% endfor %}
+                    <!-- Operation dropdown -->
+                    <select name="{{ filter.parameter_name }}_op" class="form-select form-select-sm" required>
+                      <option value="">Select operation...</option>
+                      {% for op_value, op_label in filter.get_operation_options_for_model(model_view.model) %}
+                      <option value="{{ op_value }}" {% if current_op == op_value %}selected{% endif %}>{{ op_label }}</option>
+                      {% endfor %}
+                    </select>
+                    <!-- Value input -->
+                    <input type="text" 
+                           name="{{ filter.parameter_name }}" 
+                           placeholder="Enter value"
+                           class="form-control form-control-sm"
+                           value="{{ current_filter }}"
+                           required>
+                    <button type="submit" class="btn btn-sm btn-outline-primary">Apply Filter</button>
+                  </form>
+                </div>
+              </div>
+              {% else %}
+              <!-- Fallback for other filter types -->
+              <div class="mb-3">
+                <div class="fw-bold text-truncate">{{ filter.title }}</div>
+                <div>
+                  {% for lookup in filter.lookups(request, model_view.model, model_view._run_arbitrary_query) %}
+                  <a href="{{ request.url.include_query_params(**{filter.parameter_name: lookup[0]}) }}" class="d-block text-decoration-none text-truncate">
+                    {{ lookup[1] }}
+                  </a>
+                  {% endfor %}
+                </div>
+              </div>
+              {% endif %}
+              {% endfor %}
+            </div>
+          </div>
+        </div>
+        {% endif %}
+      </div>
+    </div>
+  </div>
+  {% if model_view.can_delete %}
+  {% include 'sqladmin/modals/delete.html' %}
+  {% endif %}
+
+  {% for custom_action in model_view._custom_actions_in_list %}
+  {% if custom_action in model_view._custom_actions_confirmation %}
+  {% with confirmation_message = model_view._custom_actions_confirmation[custom_action], custom_action=custom_action,
+  url=model_view._url_for_action(request, custom_action) %}
+  {% include 'sqladmin/modals/list_action_confirmation.html' %}
+  {% endwith %}
+  {% endif %}
+  {% endfor %}
+</div>
+{% endblock %}
diff --git a/app/user/api/user_admin.py b/app/user/api/user_admin.py
index 8cc700e..9c20972 100644
--- a/app/user/api/user_admin.py
+++ b/app/user/api/user_admin.py
@@ -21,6 +21,8 @@ class UserAdmin(SuperAdminEditable, ModelView, model=User):
     icon = "fa-solid fa-user"
     category = "사용자 관리"
     page_size = 30
+    can_edit = True
+    can_delete = True
 
     column_list = [
         "id",