fix(niki): update admin routes with authorization's permissions

This commit is contained in:
Iman Mirazimi 2024-05-18 18:15:29 +03:30
parent 26d44dd7eb
commit ec08823901
8 changed files with 26 additions and 18 deletions

View File

@ -20,7 +20,7 @@ import (
// @Success 200 {object} param.KindBoxReqGetAllResponse
// @Failure 400 {string} "Bad request"
// @Security AuthBearerAdmin
// @Router /admin/kindboxreqs/ [get]
// @Router /admin/kindboxreqs [get]
func (h Handler) GetAll(c echo.Context) error {
var req param.KindBoxReqGetAllRequest
if bErr := c.Bind(&req); bErr != nil {

View File

@ -9,10 +9,10 @@ import (
func (h Handler) SetRoutes(e *echo.Echo) {
r := e.Group("/admin/kindboxreqs")
// todo - add acl
r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
r.PATCH("/deliver-kind-box-req/:id", h.Deliver)
r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent)
r.GET("/", h.GetAll, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
r.Use(middleware.Auth(h.authSvc, h.authConfig))
r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
r.PATCH("/deliver-kind-box-req/:id", h.Deliver, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqDeliverPermission))
r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAssignSenderAgentPermission))
r.GET("", h.GetAll, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
}

View File

@ -116,7 +116,7 @@ const docTemplate = `{
}
}
},
"/admin/kindboxreqs/": {
"/admin/kindboxreqs": {
"get": {
"security": [
{

View File

@ -105,7 +105,7 @@
}
}
},
"/admin/kindboxreqs/": {
"/admin/kindboxreqs": {
"get": {
"security": [
{

View File

@ -544,7 +544,7 @@ paths:
summary: Get all provinces
tags:
- Address
/admin/kindboxreqs/:
/admin/kindboxreqs:
get:
consumes:
- application/json

View File

@ -7,4 +7,6 @@ const (
AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept")
AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject")
AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall")
AdminKindBoxReqDeliverPermission = AdminPermission("kindboxreq-deliver")
AdminKindBoxReqAssignSenderAgentPermission = AdminPermission("kindboxreq-assign_sender_agent")
)

View File

@ -4,7 +4,9 @@ ALTER TABLE `admin_access_controls` MODIFY COLUMN `permission`
'admin-register',
'kindboxreq-accept',
'kindboxreq-reject',
'kindboxreq-getall'
'kindboxreq-getall',
'kindboxreq-deliver',
'kindboxreq-assign_sender_agent'
) NOT NULL;
-- +migrate Down

View File

@ -5,9 +5,13 @@ INSERT INTO `admin_access_controls` (`id`, `actor_id`, `actor_type`,`permission`
(2, 1 , 'role','kindboxreq-accept'),
(3, 1 , 'role','kindboxreq-reject'),
(4, 1 , 'role','kindboxreq-getall'),
(5, 2 , 'role','kindboxreq-accept'),
(6, 2 , 'role','kindboxreq-reject'),
(7, 2 , 'role','kindboxreq-getall');
(5, 1 , 'role','kindboxreq-deliver'),
(6, 1 , 'role','kindboxreq-assign_sender_agent'),
(8, 2 , 'role','kindboxreq-accept'),
(9, 2 , 'role','kindboxreq-reject'),
(10, 2 , 'role','kindboxreq-getall'),
(11, 2 , 'role','kindboxreq-deliver'),
(12, 2 , 'role','kindboxreq-assign_sender_agent');
-- +migrate Down
DELETE