forked from ebhomengo/niki
1
0
Fork 0

fix(niki): update admin routes with authorization's permissions

This commit is contained in:
Iman Mirazimi 2024-05-18 18:15:29 +03:30
parent 26d44dd7eb
commit ec08823901
8 changed files with 26 additions and 18 deletions

View File

@ -20,7 +20,7 @@ import (
// @Success 200 {object} param.KindBoxReqGetAllResponse // @Success 200 {object} param.KindBoxReqGetAllResponse
// @Failure 400 {string} "Bad request" // @Failure 400 {string} "Bad request"
// @Security AuthBearerAdmin // @Security AuthBearerAdmin
// @Router /admin/kindboxreqs/ [get] // @Router /admin/kindboxreqs [get]
func (h Handler) GetAll(c echo.Context) error { func (h Handler) GetAll(c echo.Context) error {
var req param.KindBoxReqGetAllRequest var req param.KindBoxReqGetAllRequest
if bErr := c.Bind(&req); bErr != nil { if bErr := c.Bind(&req); bErr != nil {

View File

@ -9,10 +9,10 @@ import (
func (h Handler) SetRoutes(e *echo.Echo) { func (h Handler) SetRoutes(e *echo.Echo) {
r := e.Group("/admin/kindboxreqs") r := e.Group("/admin/kindboxreqs")
// todo - add acl r.Use(middleware.Auth(h.authSvc, h.authConfig))
r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission)) r.PATCH("/accept-kind-box-req/:id", h.Accept, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAcceptPermission))
r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission)) r.PATCH("/reject-kind-box-req/:id", h.Reject, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqRejectPermission))
r.PATCH("/deliver-kind-box-req/:id", h.Deliver) r.PATCH("/deliver-kind-box-req/:id", h.Deliver, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqDeliverPermission))
r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent) r.PATCH("/assign-sender-agent/:id", h.AssignSenderAgent, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqAssignSenderAgentPermission))
r.GET("/", h.GetAll, middleware.Auth(h.authSvc, h.authConfig), middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission)) r.GET("", h.GetAll, middleware.AdminAuthorization(h.adminAuthorizeSvc, entity.AdminKindBoxReqGetAllPermission))
} }

View File

@ -116,7 +116,7 @@ const docTemplate = `{
} }
} }
}, },
"/admin/kindboxreqs/": { "/admin/kindboxreqs": {
"get": { "get": {
"security": [ "security": [
{ {

View File

@ -105,7 +105,7 @@
} }
} }
}, },
"/admin/kindboxreqs/": { "/admin/kindboxreqs": {
"get": { "get": {
"security": [ "security": [
{ {

View File

@ -544,7 +544,7 @@ paths:
summary: Get all provinces summary: Get all provinces
tags: tags:
- Address - Address
/admin/kindboxreqs/: /admin/kindboxreqs:
get: get:
consumes: consumes:
- application/json - application/json

View File

@ -7,4 +7,6 @@ const (
AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept") AdminKindBoxReqAcceptPermission = AdminPermission("kindboxreq-accept")
AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject") AdminKindBoxReqRejectPermission = AdminPermission("kindboxreq-reject")
AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall") AdminKindBoxReqGetAllPermission = AdminPermission("kindboxreq-getall")
AdminKindBoxReqDeliverPermission = AdminPermission("kindboxreq-deliver")
AdminKindBoxReqAssignSenderAgentPermission = AdminPermission("kindboxreq-assign_sender_agent")
) )

View File

@ -4,7 +4,9 @@ ALTER TABLE `admin_access_controls` MODIFY COLUMN `permission`
'admin-register', 'admin-register',
'kindboxreq-accept', 'kindboxreq-accept',
'kindboxreq-reject', 'kindboxreq-reject',
'kindboxreq-getall' 'kindboxreq-getall',
'kindboxreq-deliver',
'kindboxreq-assign_sender_agent'
) NOT NULL; ) NOT NULL;
-- +migrate Down -- +migrate Down

View File

@ -5,9 +5,13 @@ INSERT INTO `admin_access_controls` (`id`, `actor_id`, `actor_type`,`permission`
(2, 1 , 'role','kindboxreq-accept'), (2, 1 , 'role','kindboxreq-accept'),
(3, 1 , 'role','kindboxreq-reject'), (3, 1 , 'role','kindboxreq-reject'),
(4, 1 , 'role','kindboxreq-getall'), (4, 1 , 'role','kindboxreq-getall'),
(5, 2 , 'role','kindboxreq-accept'), (5, 1 , 'role','kindboxreq-deliver'),
(6, 2 , 'role','kindboxreq-reject'), (6, 1 , 'role','kindboxreq-assign_sender_agent'),
(7, 2 , 'role','kindboxreq-getall'); (8, 2 , 'role','kindboxreq-accept'),
(9, 2 , 'role','kindboxreq-reject'),
(10, 2 , 'role','kindboxreq-getall'),
(11, 2 , 'role','kindboxreq-deliver'),
(12, 2 , 'role','kindboxreq-assign_sender_agent');
-- +migrate Down -- +migrate Down
DELETE DELETE