add roles routes

This commit is contained in:
2026-07-06 23:32:38 +07:00
parent 728fcc6fda
commit 82ffda5c0a
9 changed files with 1029 additions and 39 deletions
+41 -1
View File
@@ -3,6 +3,7 @@ package app
import (
"context"
"evening_detective_server/internal/modules/processor_jwt"
"evening_detective_server/internal/modules/roles"
"evening_detective_server/internal/services/users_service"
proto "evening_detective_server/proto"
@@ -80,7 +81,7 @@ func (s *server) Refresh(ctx context.Context, req *proto.RefreshReq) (*proto.Ref
func (s *server) GetUsers(ctx context.Context, req *proto.GetUsersReq) (*proto.GetUsersRsp, error) {
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
if !claims.HasRole("admin") {
if !claims.HasRole(roles.Admin) {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
users, err := s.usersService.GetUsers(ctx)
@@ -99,6 +100,19 @@ func (s *server) GetUsers(ctx context.Context, req *proto.GetUsersReq) (*proto.G
}, nil
}
func (s *server) GetUserById(ctx context.Context, req *proto.GetUserByIdReq) (*proto.GetUserByIdRsp, error) {
user, err := s.usersService.GetUserByID(ctx, int(req.Id))
if err != nil {
return &proto.GetUserByIdRsp{
Error: err.Error(),
}, nil
}
return &proto.GetUserByIdRsp{
User: mapUser(user),
}, nil
}
func (s *server) GetMe(ctx context.Context, req *proto.GetMeReq) (*proto.GetMeRsp, error) {
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
user, err := s.usersService.GetUserByID(ctx, claims.UserID)
@@ -112,3 +126,29 @@ func (s *server) GetMe(ctx context.Context, req *proto.GetMeReq) (*proto.GetMeRs
User: mapUser(user),
}, nil
}
func (s *server) AddUserRole(ctx context.Context, req *proto.AddUserRoleReq) (*proto.AddUserRoleRsp, error) {
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
if !claims.HasRole(roles.Admin) {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
if err := s.usersService.AddUserRole(ctx, int(req.Id), req.Role); err != nil {
return &proto.AddUserRoleRsp{
Error: err.Error(),
}, nil
}
return &proto.AddUserRoleRsp{}, nil
}
func (s *server) DeleteUserRole(ctx context.Context, req *proto.DeleteUserRoleReq) (*proto.DeleteUserRoleRsp, error) {
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
if !claims.HasRole(roles.Admin) {
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
}
if err := s.usersService.DeleteUserRole(ctx, int(req.Id), req.Role); err != nil {
return &proto.DeleteUserRoleRsp{
Error: err.Error(),
}, nil
}
return &proto.DeleteUserRoleRsp{}, nil
}
+15
View File
@@ -0,0 +1,15 @@
package roles
const (
Admin = "admin"
Author = "author"
Organizer = "organizer"
User = "user"
)
var AllRoles = []string{
Admin,
Author,
Organizer,
User,
}
+33
View File
@@ -4,6 +4,7 @@ import (
"context"
"errors"
"evening_detective_server/internal/repos"
"fmt"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgxpool"
@@ -175,3 +176,35 @@ func (s *UsersRepo) GetUsers(
return users, nil
}
func (s *UsersRepo) AddUserRole(
ctx context.Context,
userId int,
role string,
) error {
_, err := s.pool.Exec(
ctx,
`UPDATE users
SET roles = roles || $1::jsonb
WHERE id = $2 AND NOT roles @> $1::jsonb`,
fmt.Sprintf(`["%s"]`, role),
userId,
)
return err
}
func (s *UsersRepo) DeleteUserRole(
ctx context.Context,
userId int,
role string,
) error {
_, err := s.pool.Exec(
ctx,
`UPDATE users
SET roles = roles - $1::text
WHERE id = $2`,
role,
userId,
)
return err
}
@@ -6,10 +6,12 @@ import (
"evening_detective_server/internal/modules/email_sender"
"evening_detective_server/internal/modules/password_generator"
"evening_detective_server/internal/modules/processor_jwt"
"evening_detective_server/internal/modules/roles"
"evening_detective_server/internal/repos"
"evening_detective_server/internal/repos/refresh_tokens_repo"
"evening_detective_server/internal/repos/users_repo"
"fmt"
"slices"
"time"
"golang.org/x/crypto/bcrypt"
@@ -208,3 +210,25 @@ func (s *UsersService) GetUserByID(
}
return user, nil
}
func (s *UsersService) AddUserRole(
ctx context.Context,
userId int,
role string,
) error {
if !slices.Contains(roles.AllRoles, role) {
return fmt.Errorf("role %s not support", role)
}
return s.usersRepo.AddUserRole(ctx, userId, role)
}
func (s *UsersService) DeleteUserRole(
ctx context.Context,
userId int,
role string,
) error {
if !slices.Contains(roles.AllRoles, role) {
return fmt.Errorf("role %s not support", role)
}
return s.usersRepo.DeleteUserRole(ctx, userId, role)
}