fix(niki): update admin routes with authorization's permissions

2024-05-18 18:15:29 +03:30 · 2024-05-18 18:15:29 +03:30 · ec08823901
parent 26d44dd7eb
commit ec08823901
8 changed files with 26 additions and 18 deletions
--- a/delivery/http_server/admin/kind_box_req/get_all.go
+++ b/delivery/http_server/admin/kind_box_req/get_all.go
@ -20,7 +20,7 @@ import (
 // @Success      200  {object}  param.KindBoxReqGetAllResponse
 // @Failure      400  {string}  "Bad request"
 // @Security 	 AuthBearerAdmin
-// @Router       /admin/kindboxreqs/ [get]
+// @Router       /admin/kindboxreqs [get]
 func (h Handler) GetAll(c echo.Context) error {
 	var req param.KindBoxReqGetAllRequest
 	if bErr := c.Bind(&req); bErr != nil {
--- a/delivery/http_server/admin/kind_box_req/route.go
+++ b/delivery/http_server/admin/kind_box_req/route.go
@ -9,10 +9,10 @@ import (
 func (h Handler) SetRoutes(e *echo.Echo) {
 	r := e.Group("/admin/kindboxreqs")

-	// todo - add acl
-	r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
-	r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
-	r.PATCH("/deliver-kind-box-req/:id", h.Deliver)
-	r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent)
-	r.GET("/", h.GetAll, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
+	r.Use(middleware.Auth(h.authSvc, h.authConfig))
+	r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
+	r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
+	r.PATCH("/deliver-kind-box-req/:id", h.Deliver, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqDeliverPermission))
+	r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAssignSenderAgentPermission))
+	r.GET("", h.GetAll, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
 }
--- a/docs/docs.go
+++ b/docs/docs.go
@ -116,7 +116,7 @@ const docTemplate = `{
                }
            }
        },
-        "/admin/kindboxreqs/": {
+        "/admin/kindboxreqs": {
            "get": {
                "security": [
                    {
--- a/docs/swagger.json
+++ b/docs/swagger.json
@ -105,7 +105,7 @@
                }
            }
        },
-        "/admin/kindboxreqs/": {
+        "/admin/kindboxreqs": {
            "get": {
                "security": [
                    {
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@ -544,7 +544,7 @@ paths:
      summary: Get all provinces
      tags:
      - Address
-  /admin/kindboxreqs/:
+  /admin/kindboxreqs:
    get:
      consumes:
      - application/json
--- a/entity/admin_permission.go
+++ b/entity/admin_permission.go
@ -3,8 +3,10 @@ package entity
 type AdminPermission string

 const (
-	AdminAdminRegisterPermission    = AdminPermission("admin-register")
-	AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept")
-	AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject")
-	AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall")
+	AdminAdminRegisterPermission               = AdminPermission("admin-register")
+	AdminKindBoxReqAcceptPermission            = AdminPermission("kindboxreq-accept")
+	AdminKindBoxReqRejectPermission            = AdminPermission("kindboxreq-reject")
+	AdminKindBoxReqGetAllPermission            = AdminPermission("kindboxreq-getall")
+	AdminKindBoxReqDeliverPermission           = AdminPermission("kindboxreq-deliver")
+	AdminKindBoxReqAssignSenderAgentPermission = AdminPermission("kindboxreq-assign_sender_agent")
 )
--- a/repository/mysql/migration/1708712564_alter_admin_access_controls_table_permission_enum_field.sql
+++ b/repository/mysql/migration/1708712564_alter_admin_access_controls_table_permission_enum_field.sql
@ -4,7 +4,9 @@ ALTER TABLE `admin_access_controls` MODIFY COLUMN `permission`
        'admin-register',
        'kindboxreq-accept',
        'kindboxreq-reject',
-        'kindboxreq-getall'
+        'kindboxreq-getall',
+        'kindboxreq-deliver',
+        'kindboxreq-assign_sender_agent'
    ) NOT NULL;
    
 -- +migrate Down
--- a/repository/mysql/migration/1708712565_insert_admin_access_controls_table.sql
+++ b/repository/mysql/migration/1708712565_insert_admin_access_controls_table.sql
@ -5,9 +5,13 @@ INSERT INTO `admin_access_controls` (`id`, `actor_id`, `actor_type`,`permission`
        (2, 1 , 'role','kindboxreq-accept'),
        (3, 1 , 'role','kindboxreq-reject'),
        (4, 1 , 'role','kindboxreq-getall'),
-        (5, 2 , 'role','kindboxreq-accept'),
-        (6, 2 , 'role','kindboxreq-reject'),
-        (7, 2 , 'role','kindboxreq-getall');
+        (5, 1 , 'role','kindboxreq-deliver'),
+        (6, 1 , 'role','kindboxreq-assign_sender_agent'),
+        (8, 2 , 'role','kindboxreq-accept'),
+        (9, 2 , 'role','kindboxreq-reject'),
+        (10, 2 , 'role','kindboxreq-getall'),
+        (11, 2 , 'role','kindboxreq-deliver'),
+        (12, 2 , 'role','kindboxreq-assign_sender_agent');

 -- +migrate Down
 DELETE