Rezoo
/
niki
forked from ebhomengo/niki
1
0
Fork 0
Code Pull Requests Activity

fix(niki): update admin routes with authorization's permissions

This commit is contained in:
Iman Mirazimi 2024-05-18 18:15:29 +03:30
parent 26d44dd7eb
commit ec08823901
8 changed files with 26 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
delivery/http_server/admin/kind_box_req/get_all.go
View File

@ -20,7 +20,7 @@ import (
// @Success 200 {object} param.KindBoxReqGetAllResponse // @Success 200 {object} param.KindBoxReqGetAllResponse
// @Failure 400 {string} "Bad request" // @Failure 400 {string} "Bad request"
// @Security AuthBearerAdmin // @Security AuthBearerAdmin
// @Router /admin/kindboxreqs/ [get] // @Router /admin/kindboxreqs [get]
func (h Handler) GetAll(c echo.Context) error { func (h Handler) GetAll(c echo.Context) error {
var req param.KindBoxReqGetAllRequest var req param.KindBoxReqGetAllRequest
if bErr := c.Bind(&req); bErr != nil { if bErr := c.Bind(&req); bErr != nil {

12
delivery/http_server/admin/kind_box_req/route.go
View File

@ -9,10 +9,10 @@ import (
func (h Handler) SetRoutes(e *echo.Echo) { func (h Handler) SetRoutes(e *echo.Echo) {
r := e.Group("/admin/kindboxreqs") r := e.Group("/admin/kindboxreqs")
// todo - add acl r.Use(middleware.Auth(h.authSvc, h.authConfig))
r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission)) r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission)) r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
r.PATCH("/deliver-kind-box-req/:id", h.Deliver) r.PATCH("/deliver-kind-box-req/:id", h.Deliver, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqDeliverPermission))
r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent) r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAssignSenderAgentPermission))
r.GET("/", h.GetAll, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission)) r.GET("", h.GetAll, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
} }

2
docs/docs.go
View File

@ -116,7 +116,7 @@ const docTemplate = `{
} }
} }
}, },
"/admin/kindboxreqs/": { "/admin/kindboxreqs": {
"get": { "get": {
"security": [ "security": [
{ {

2
docs/swagger.json
View File

@ -105,7 +105,7 @@
} }
} }
}, },
"/admin/kindboxreqs/": { "/admin/kindboxreqs": {
"get": { "get": {
"security": [ "security": [
{ {

2
docs/swagger.yaml
View File

@ -544,7 +544,7 @@ paths:
summary: Get all provinces summary: Get all provinces
tags: tags:
- Address - Address
/admin/kindboxreqs/: /admin/kindboxreqs:
get: get:
consumes: consumes:
- application/json - application/json

10
entity/admin_permission.go
View File

@ -3,8 +3,10 @@ package entity
type AdminPermission string type AdminPermission string
const ( const (
AdminAdminRegisterPermission = AdminPermission("admin-register") AdminAdminRegisterPermission = AdminPermission("admin-register")
AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept") AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept")
AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject") AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject")
AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall") AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall")
AdminKindBoxReqDeliverPermission = AdminPermission("kindboxreq-deliver")
AdminKindBoxReqAssignSenderAgentPermission = AdminPermission("kindboxreq-assign_sender_agent")
) )

4
repository/mysql/migration/1708712564_alter_admin_access_controls_table_permission_enum_field.sql
View File

@ -4,7 +4,9 @@ ALTER TABLE `admin_access_controls` MODIFY COLUMN `permission`
'admin-register', 'admin-register',
'kindboxreq-accept', 'kindboxreq-accept',
'kindboxreq-reject', 'kindboxreq-reject',
'kindboxreq-getall' 'kindboxreq-getall',
'kindboxreq-deliver',
'kindboxreq-assign_sender_agent'
) NOT NULL; ) NOT NULL;
-- +migrate Down -- +migrate Down

10
repository/mysql/migration/1708712565_insert_admin_access_controls_table.sql
View File

@ -5,9 +5,13 @@ INSERT INTO `admin_access_controls` (`id`, `actor_id`, `actor_type`,`permission`
(2, 1 , 'role','kindboxreq-accept'), (2, 1 , 'role','kindboxreq-accept'),
(3, 1 , 'role','kindboxreq-reject'), (3, 1 , 'role','kindboxreq-reject'),
(4, 1 , 'role','kindboxreq-getall'), (4, 1 , 'role','kindboxreq-getall'),
(5, 2 , 'role','kindboxreq-accept'), (5, 1 , 'role','kindboxreq-deliver'),
(6, 2 , 'role','kindboxreq-reject'), (6, 1 , 'role','kindboxreq-assign_sender_agent'),
(7, 2 , 'role','kindboxreq-getall'); (8, 2 , 'role','kindboxreq-accept'),
(9, 2 , 'role','kindboxreq-reject'),
(10, 2 , 'role','kindboxreq-getall'),
(11, 2 , 'role','kindboxreq-deliver'),
(12, 2 , 'role','kindboxreq-assign_sender_agent');
-- +migrate Down -- +migrate Down
DELETE DELETE