forked from ebhomengo/niki
fix(niki): update admin routes with authorization's permissions
This commit is contained in:
parent
26d44dd7eb
commit
ec08823901
|
@ -20,7 +20,7 @@ import (
|
||||||
// @Success 200 {object} param.KindBoxReqGetAllResponse
|
// @Success 200 {object} param.KindBoxReqGetAllResponse
|
||||||
// @Failure 400 {string} "Bad request"
|
// @Failure 400 {string} "Bad request"
|
||||||
// @Security AuthBearerAdmin
|
// @Security AuthBearerAdmin
|
||||||
// @Router /admin/kindboxreqs/ [get]
|
// @Router /admin/kindboxreqs [get]
|
||||||
func (h Handler) GetAll(c echo.Context) error {
|
func (h Handler) GetAll(c echo.Context) error {
|
||||||
var req param.KindBoxReqGetAllRequest
|
var req param.KindBoxReqGetAllRequest
|
||||||
if bErr := c.Bind(&req); bErr != nil {
|
if bErr := c.Bind(&req); bErr != nil {
|
||||||
|
|
|
@ -9,10 +9,10 @@ import (
|
||||||
func (h Handler) SetRoutes(e *echo.Echo) {
|
func (h Handler) SetRoutes(e *echo.Echo) {
|
||||||
r := e.Group("/admin/kindboxreqs")
|
r := e.Group("/admin/kindboxreqs")
|
||||||
|
|
||||||
// todo - add acl
|
r.Use(middleware.Auth(h.authSvc, h.authConfig))
|
||||||
r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
|
r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
|
||||||
r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
|
r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
|
||||||
r.PATCH("/deliver-kind-box-req/:id", h.Deliver)
|
r.PATCH("/deliver-kind-box-req/:id", h.Deliver, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqDeliverPermission))
|
||||||
r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent)
|
r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAssignSenderAgentPermission))
|
||||||
r.GET("/", h.GetAll, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
|
r.GET("", h.GetAll, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
|
||||||
}
|
}
|
||||||
|
|
|
@ -116,7 +116,7 @@ const docTemplate = `{
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/admin/kindboxreqs/": {
|
"/admin/kindboxreqs": {
|
||||||
"get": {
|
"get": {
|
||||||
"security": [
|
"security": [
|
||||||
{
|
{
|
||||||
|
|
|
@ -105,7 +105,7 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/admin/kindboxreqs/": {
|
"/admin/kindboxreqs": {
|
||||||
"get": {
|
"get": {
|
||||||
"security": [
|
"security": [
|
||||||
{
|
{
|
||||||
|
|
|
@ -544,7 +544,7 @@ paths:
|
||||||
summary: Get all provinces
|
summary: Get all provinces
|
||||||
tags:
|
tags:
|
||||||
- Address
|
- Address
|
||||||
/admin/kindboxreqs/:
|
/admin/kindboxreqs:
|
||||||
get:
|
get:
|
||||||
consumes:
|
consumes:
|
||||||
- application/json
|
- application/json
|
||||||
|
|
|
@ -7,4 +7,6 @@ const (
|
||||||
AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept")
|
AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept")
|
||||||
AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject")
|
AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject")
|
||||||
AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall")
|
AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall")
|
||||||
|
AdminKindBoxReqDeliverPermission = AdminPermission("kindboxreq-deliver")
|
||||||
|
AdminKindBoxReqAssignSenderAgentPermission = AdminPermission("kindboxreq-assign_sender_agent")
|
||||||
)
|
)
|
||||||
|
|
|
@ -4,7 +4,9 @@ ALTER TABLE `admin_access_controls` MODIFY COLUMN `permission`
|
||||||
'admin-register',
|
'admin-register',
|
||||||
'kindboxreq-accept',
|
'kindboxreq-accept',
|
||||||
'kindboxreq-reject',
|
'kindboxreq-reject',
|
||||||
'kindboxreq-getall'
|
'kindboxreq-getall',
|
||||||
|
'kindboxreq-deliver',
|
||||||
|
'kindboxreq-assign_sender_agent'
|
||||||
) NOT NULL;
|
) NOT NULL;
|
||||||
|
|
||||||
-- +migrate Down
|
-- +migrate Down
|
|
@ -5,9 +5,13 @@ INSERT INTO `admin_access_controls` (`id`, `actor_id`, `actor_type`,`permission`
|
||||||
(2, 1 , 'role','kindboxreq-accept'),
|
(2, 1 , 'role','kindboxreq-accept'),
|
||||||
(3, 1 , 'role','kindboxreq-reject'),
|
(3, 1 , 'role','kindboxreq-reject'),
|
||||||
(4, 1 , 'role','kindboxreq-getall'),
|
(4, 1 , 'role','kindboxreq-getall'),
|
||||||
(5, 2 , 'role','kindboxreq-accept'),
|
(5, 1 , 'role','kindboxreq-deliver'),
|
||||||
(6, 2 , 'role','kindboxreq-reject'),
|
(6, 1 , 'role','kindboxreq-assign_sender_agent'),
|
||||||
(7, 2 , 'role','kindboxreq-getall');
|
(8, 2 , 'role','kindboxreq-accept'),
|
||||||
|
(9, 2 , 'role','kindboxreq-reject'),
|
||||||
|
(10, 2 , 'role','kindboxreq-getall'),
|
||||||
|
(11, 2 , 'role','kindboxreq-deliver'),
|
||||||
|
(12, 2 , 'role','kindboxreq-assign_sender_agent');
|
||||||
|
|
||||||
-- +migrate Down
|
-- +migrate Down
|
||||||
DELETE
|
DELETE
|
||||||
|
|
Loading…
Reference in New Issue