generated from VLADIMIR/template
add roles routes
This commit is contained in:
+41
-1
@@ -3,6 +3,7 @@ package app
|
||||
import (
|
||||
"context"
|
||||
"evening_detective_server/internal/modules/processor_jwt"
|
||||
"evening_detective_server/internal/modules/roles"
|
||||
"evening_detective_server/internal/services/users_service"
|
||||
proto "evening_detective_server/proto"
|
||||
|
||||
@@ -80,7 +81,7 @@ func (s *server) Refresh(ctx context.Context, req *proto.RefreshReq) (*proto.Ref
|
||||
|
||||
func (s *server) GetUsers(ctx context.Context, req *proto.GetUsersReq) (*proto.GetUsersRsp, error) {
|
||||
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
||||
if !claims.HasRole("admin") {
|
||||
if !claims.HasRole(roles.Admin) {
|
||||
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
||||
}
|
||||
users, err := s.usersService.GetUsers(ctx)
|
||||
@@ -99,6 +100,19 @@ func (s *server) GetUsers(ctx context.Context, req *proto.GetUsersReq) (*proto.G
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *server) GetUserById(ctx context.Context, req *proto.GetUserByIdReq) (*proto.GetUserByIdRsp, error) {
|
||||
user, err := s.usersService.GetUserByID(ctx, int(req.Id))
|
||||
if err != nil {
|
||||
return &proto.GetUserByIdRsp{
|
||||
Error: err.Error(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
return &proto.GetUserByIdRsp{
|
||||
User: mapUser(user),
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *server) GetMe(ctx context.Context, req *proto.GetMeReq) (*proto.GetMeRsp, error) {
|
||||
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
||||
user, err := s.usersService.GetUserByID(ctx, claims.UserID)
|
||||
@@ -112,3 +126,29 @@ func (s *server) GetMe(ctx context.Context, req *proto.GetMeReq) (*proto.GetMeRs
|
||||
User: mapUser(user),
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *server) AddUserRole(ctx context.Context, req *proto.AddUserRoleReq) (*proto.AddUserRoleRsp, error) {
|
||||
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
||||
if !claims.HasRole(roles.Admin) {
|
||||
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
||||
}
|
||||
if err := s.usersService.AddUserRole(ctx, int(req.Id), req.Role); err != nil {
|
||||
return &proto.AddUserRoleRsp{
|
||||
Error: err.Error(),
|
||||
}, nil
|
||||
}
|
||||
return &proto.AddUserRoleRsp{}, nil
|
||||
}
|
||||
|
||||
func (s *server) DeleteUserRole(ctx context.Context, req *proto.DeleteUserRoleReq) (*proto.DeleteUserRoleRsp, error) {
|
||||
claims := ctx.Value("claims").(*processor_jwt.JWTClaims)
|
||||
if !claims.HasRole(roles.Admin) {
|
||||
return nil, status.Errorf(codes.PermissionDenied, "permission denied")
|
||||
}
|
||||
if err := s.usersService.DeleteUserRole(ctx, int(req.Id), req.Role); err != nil {
|
||||
return &proto.DeleteUserRoleRsp{
|
||||
Error: err.Error(),
|
||||
}, nil
|
||||
}
|
||||
return &proto.DeleteUserRoleRsp{}, nil
|
||||
}
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
package roles
|
||||
|
||||
const (
|
||||
Admin = "admin"
|
||||
Author = "author"
|
||||
Organizer = "organizer"
|
||||
User = "user"
|
||||
)
|
||||
|
||||
var AllRoles = []string{
|
||||
Admin,
|
||||
Author,
|
||||
Organizer,
|
||||
User,
|
||||
}
|
||||
@@ -4,6 +4,7 @@ import (
|
||||
"context"
|
||||
"errors"
|
||||
"evening_detective_server/internal/repos"
|
||||
"fmt"
|
||||
|
||||
"github.com/jackc/pgx/v5"
|
||||
"github.com/jackc/pgx/v5/pgxpool"
|
||||
@@ -175,3 +176,35 @@ func (s *UsersRepo) GetUsers(
|
||||
|
||||
return users, nil
|
||||
}
|
||||
|
||||
func (s *UsersRepo) AddUserRole(
|
||||
ctx context.Context,
|
||||
userId int,
|
||||
role string,
|
||||
) error {
|
||||
_, err := s.pool.Exec(
|
||||
ctx,
|
||||
`UPDATE users
|
||||
SET roles = roles || $1::jsonb
|
||||
WHERE id = $2 AND NOT roles @> $1::jsonb`,
|
||||
fmt.Sprintf(`["%s"]`, role),
|
||||
userId,
|
||||
)
|
||||
return err
|
||||
}
|
||||
|
||||
func (s *UsersRepo) DeleteUserRole(
|
||||
ctx context.Context,
|
||||
userId int,
|
||||
role string,
|
||||
) error {
|
||||
_, err := s.pool.Exec(
|
||||
ctx,
|
||||
`UPDATE users
|
||||
SET roles = roles - $1::text
|
||||
WHERE id = $2`,
|
||||
role,
|
||||
userId,
|
||||
)
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -6,10 +6,12 @@ import (
|
||||
"evening_detective_server/internal/modules/email_sender"
|
||||
"evening_detective_server/internal/modules/password_generator"
|
||||
"evening_detective_server/internal/modules/processor_jwt"
|
||||
"evening_detective_server/internal/modules/roles"
|
||||
"evening_detective_server/internal/repos"
|
||||
"evening_detective_server/internal/repos/refresh_tokens_repo"
|
||||
"evening_detective_server/internal/repos/users_repo"
|
||||
"fmt"
|
||||
"slices"
|
||||
"time"
|
||||
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
@@ -208,3 +210,25 @@ func (s *UsersService) GetUserByID(
|
||||
}
|
||||
return user, nil
|
||||
}
|
||||
|
||||
func (s *UsersService) AddUserRole(
|
||||
ctx context.Context,
|
||||
userId int,
|
||||
role string,
|
||||
) error {
|
||||
if !slices.Contains(roles.AllRoles, role) {
|
||||
return fmt.Errorf("role %s not support", role)
|
||||
}
|
||||
return s.usersRepo.AddUserRole(ctx, userId, role)
|
||||
}
|
||||
|
||||
func (s *UsersService) DeleteUserRole(
|
||||
ctx context.Context,
|
||||
userId int,
|
||||
role string,
|
||||
) error {
|
||||
if !slices.Contains(roles.AllRoles, role) {
|
||||
return fmt.Errorf("role %s not support", role)
|
||||
}
|
||||
return s.usersRepo.DeleteUserRole(ctx, userId, role)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user