From ec088239011787845a375fe41bec412860df04c7 Mon Sep 17 00:00:00 2001
From: Iman Mirazimi <imirazimi@gmail.com>
Date: Sat, 18 May 2024 18:15:29 +0330
Subject: [PATCH] fix(niki): update admin routes with authorization's
 permissions

---
 delivery/http_server/admin/kind_box_req/get_all.go   |  2 +-
 delivery/http_server/admin/kind_box_req/route.go     | 12 ++++++------
 docs/docs.go                                         |  2 +-
 docs/swagger.json                                    |  2 +-
 docs/swagger.yaml                                    |  2 +-
 entity/admin_permission.go                           | 10 ++++++----
 ...n_access_controls_table_permission_enum_field.sql |  4 +++-
 ...1708712565_insert_admin_access_controls_table.sql | 10 +++++++---
 8 files changed, 26 insertions(+), 18 deletions(-)

diff --git a/delivery/http_server/admin/kind_box_req/get_all.go b/delivery/http_server/admin/kind_box_req/get_all.go
index 90b300e..fefebdc 100644
--- a/delivery/http_server/admin/kind_box_req/get_all.go
+++ b/delivery/http_server/admin/kind_box_req/get_all.go
@@ -20,7 +20,7 @@ import (
 // @Success      200  {object}  param.KindBoxReqGetAllResponse
 // @Failure      400  {string}  "Bad request"
 // @Security 	 AuthBearerAdmin
-// @Router       /admin/kindboxreqs/ [get]
+// @Router       /admin/kindboxreqs [get]
 func (h Handler) GetAll(c echo.Context) error {
 	var req param.KindBoxReqGetAllRequest
 	if bErr := c.Bind(&req); bErr != nil {
diff --git a/delivery/http_server/admin/kind_box_req/route.go b/delivery/http_server/admin/kind_box_req/route.go
index 2269bc8..81769d8 100644
--- a/delivery/http_server/admin/kind_box_req/route.go
+++ b/delivery/http_server/admin/kind_box_req/route.go
@@ -9,10 +9,10 @@ import (
 func (h Handler) SetRoutes(e *echo.Echo) {
 	r := e.Group("/admin/kindboxreqs")
 
-	// todo - add acl
-	r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
-	r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
-	r.PATCH("/deliver-kind-box-req/:id", h.Deliver)
-	r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent)
-	r.GET("/", h.GetAll, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
+	r.Use(middleware.Auth(h.authSvc, h.authConfig))
+	r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
+	r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
+	r.PATCH("/deliver-kind-box-req/:id", h.Deliver, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqDeliverPermission))
+	r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAssignSenderAgentPermission))
+	r.GET("", h.GetAll, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
 }
diff --git a/docs/docs.go b/docs/docs.go
index 3659d1c..8dc0080 100644
--- a/docs/docs.go
+++ b/docs/docs.go
@@ -116,7 +116,7 @@ const docTemplate = `{
                 }
             }
         },
-        "/admin/kindboxreqs/": {
+        "/admin/kindboxreqs": {
             "get": {
                 "security": [
                     {
diff --git a/docs/swagger.json b/docs/swagger.json
index 647447f..65e5bf8 100644
--- a/docs/swagger.json
+++ b/docs/swagger.json
@@ -105,7 +105,7 @@
                 }
             }
         },
-        "/admin/kindboxreqs/": {
+        "/admin/kindboxreqs": {
             "get": {
                 "security": [
                     {
diff --git a/docs/swagger.yaml b/docs/swagger.yaml
index 52724df..3ca3877 100644
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@@ -544,7 +544,7 @@ paths:
       summary: Get all provinces
       tags:
       - Address
-  /admin/kindboxreqs/:
+  /admin/kindboxreqs:
     get:
       consumes:
       - application/json
diff --git a/entity/admin_permission.go b/entity/admin_permission.go
index 2249102..f421511 100644
--- a/entity/admin_permission.go
+++ b/entity/admin_permission.go
@@ -3,8 +3,10 @@ package entity
 type AdminPermission string
 
 const (
-	AdminAdminRegisterPermission    = AdminPermission("admin-register")
-	AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept")
-	AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject")
-	AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall")
+	AdminAdminRegisterPermission               = AdminPermission("admin-register")
+	AdminKindBoxReqAcceptPermission            = AdminPermission("kindboxreq-accept")
+	AdminKindBoxReqRejectPermission            = AdminPermission("kindboxreq-reject")
+	AdminKindBoxReqGetAllPermission            = AdminPermission("kindboxreq-getall")
+	AdminKindBoxReqDeliverPermission           = AdminPermission("kindboxreq-deliver")
+	AdminKindBoxReqAssignSenderAgentPermission = AdminPermission("kindboxreq-assign_sender_agent")
 )
diff --git a/repository/mysql/migration/1708712564_alter_admin_access_controls_table_permission_enum_field.sql b/repository/mysql/migration/1708712564_alter_admin_access_controls_table_permission_enum_field.sql
index 4aa5216..9e525b2 100644
--- a/repository/mysql/migration/1708712564_alter_admin_access_controls_table_permission_enum_field.sql
+++ b/repository/mysql/migration/1708712564_alter_admin_access_controls_table_permission_enum_field.sql
@@ -4,7 +4,9 @@ ALTER TABLE `admin_access_controls` MODIFY COLUMN `permission`
         'admin-register',
         'kindboxreq-accept',
         'kindboxreq-reject',
-        'kindboxreq-getall'
+        'kindboxreq-getall',
+        'kindboxreq-deliver',
+        'kindboxreq-assign_sender_agent'
     ) NOT NULL;
     
 -- +migrate Down
\ No newline at end of file
diff --git a/repository/mysql/migration/1708712565_insert_admin_access_controls_table.sql b/repository/mysql/migration/1708712565_insert_admin_access_controls_table.sql
index bb58fee..70607b3 100644
--- a/repository/mysql/migration/1708712565_insert_admin_access_controls_table.sql
+++ b/repository/mysql/migration/1708712565_insert_admin_access_controls_table.sql
@@ -5,9 +5,13 @@ INSERT INTO `admin_access_controls` (`id`, `actor_id`, `actor_type`,`permission`
         (2, 1 , 'role','kindboxreq-accept'),
         (3, 1 , 'role','kindboxreq-reject'),
         (4, 1 , 'role','kindboxreq-getall'),
-        (5, 2 , 'role','kindboxreq-accept'),
-        (6, 2 , 'role','kindboxreq-reject'),
-        (7, 2 , 'role','kindboxreq-getall');
+        (5, 1 , 'role','kindboxreq-deliver'),
+        (6, 1 , 'role','kindboxreq-assign_sender_agent'),
+        (8, 2 , 'role','kindboxreq-accept'),
+        (9, 2 , 'role','kindboxreq-reject'),
+        (10, 2 , 'role','kindboxreq-getall'),
+        (11, 2 , 'role','kindboxreq-deliver'),
+        (12, 2 , 'role','kindboxreq-assign_sender_agent');
 
 -- +migrate Down
 DELETE