feat: roles, permissions

app/delivery/middleware/auth.go

@@ -63,7 +63,7 @@ func AuthMiddleware() fiber.Handler {
 		// Set user in context
 		c.Locals(constdata.USER_LOCALES_NAME, user.ToSession())
 		c.Locals(constdata.USER_LOCALES_ID, user.ID)
-
+		c.Locals(constdata.LANG_LOCALES_ID, user.LangID)
 		return c.Next()
 	}
 }
@@ -85,7 +85,7 @@ func RequireAdmin() fiber.Handler {
 			})
 		}
 
-		if userSession.Role != model.RoleAdmin {
+		if model.CustomerRole(userSession.RoleName) != model.RoleAdmin {
 			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
 				"error": "admin access required",
 			})

app/delivery/middleware/permissions.go

@@ -0,0 +1,28 @@
+package middleware
+
+import (
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
+	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"github.com/gofiber/fiber/v3"
+)
+
+func Require(p perms.Permission) fiber.Handler {
+	return func(c fiber.Ctx) error {
+		u := c.Locals("user")
+		if u == nil {
+			return c.SendStatus(fiber.StatusUnauthorized)
+		}
+
+		user, ok := u.(*model.UserSession)
+		if !ok {
+			return c.SendStatus(fiber.StatusInternalServerError)
+		}
+
+		for _, perm := range user.Permissions {
+			if perm == p {
+				return c.Next()
+			}
+		}
+		return c.SendStatus(fiber.StatusForbidden)
+	}
+}

app/delivery/middleware/perms/permissions.go

@@ -0,0 +1,11 @@
+package perms
+
+type Permission string
+
+const (
+	UserRead      Permission = "user.read"
+	UserWrite     Permission = "user.write"
+	UserReadAny   Permission = "user.read.any"
+	UserWriteAny  Permission = "user.write.any"
+	UserDeleteAny Permission = "user.delete.any"
+)

app/delivery/web/api/public/auth.go

@@ -360,7 +360,7 @@ func (h *AuthHandler) UpdateJWTToken(c fiber.Ctx) error {
 	user := model.Customer{
 		ID:        userLocals.UserID,
 		Email:     userLocals.Email,
-		Role:      userLocals.Role,
+		Role:      model.Role{ID: userLocals.RoleID, Name: userLocals.RoleName},
 		LangID:    userLocals.LangID,
 		CountryID: userLocals.CountryID,
 		IsActive:  userLocals.IsActive,

app/delivery/web/api/restricted/customer.go

@@ -0,0 +1,70 @@
+package restricted
+
+import (
+	"strconv"
+
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
+	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/service/customerService"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
+	"github.com/gofiber/fiber/v3"
+)
+
+type customerHandler struct {
+	service *customerService.CustomerService
+}
+
+func NewCustomerHandler() *customerHandler {
+	customerService := customerService.New()
+	return &customerHandler{
+		service: customerService,
+	}
+}
+
+func CustomerHandlerRoutes(r fiber.Router) fiber.Router {
+	handler := NewCustomerHandler()
+
+	r.Get("", handler.customerData)
+	return r
+}
+
+func (h *customerHandler) customerData(fc fiber.Ctx) error {
+	var customerId uint
+	customerIdStr := fc.Query("id")
+	if customerIdStr != "" {
+		user, ok := fc.Locals("user").(*model.UserSession)
+		if !ok {
+			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
+		}
+		id, err := strconv.ParseUint(customerIdStr, 10, 64)
+		if err != nil {
+			return fiber.ErrBadRequest
+		}
+
+		if user.UserID != uint(id) && !user.HasPermission(perms.UserReadAny) {
+			return fc.Status(fiber.StatusForbidden).
+				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
+		}
+
+		customerId = uint(id)
+	} else {
+		id, ok := fc.Locals("userID").(uint)
+		if !ok {
+			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
+		}
+		customerId = id
+	}
+
+	customer, err := h.service.GetById(customerId)
+	if err != nil {
+		return fc.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err)))
+	}
+
+	return fc.JSON(response.Make(&customer, 0, i18n.T_(fc, response.Message_OK)))
+}

app/delivery/web/api/restricted/menu.go

@@ -1,6 +1,7 @@
 package restricted
 
 import (
+	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/menuService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
@@ -45,12 +46,12 @@ func (h *MenuHandler) GetMenu(c fiber.Ctx) error {
 }
 
 func (h *MenuHandler) GetTopMenu(c fiber.Ctx) error {
-	lang_id, ok := c.Locals("langID").(uint)
+	session, ok := c.Locals("user").(*model.UserSession)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
-	menu, err := h.menuService.GetTopMenu(lang_id)
+	menu, err := h.menuService.GetTopMenu(session.LangID, session.RoleID)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))

app/delivery/web/api/restricted/product.go

@@ -1,10 +1,12 @@
 package restricted
 
 import (
+	"fmt"
 	"strconv"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
 	"git.ma-al.com/goc_daniel/b2b/app/service/productService"
+	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
@@ -30,7 +32,7 @@ func ProductsHandlerRoutes(r fiber.Router) fiber.Router {
 	handler := NewProductsHandler()
 
 	//TODO: WIP doesn't work yet
-	r.Get("/product/:id/:country_id/:quantity", handler.GetProductJson)
+	r.Get("/:id/:country_id/:quantity", handler.GetProductJson)
 
 	return r
 }
@@ -60,19 +62,18 @@ func (h *ProductsHandler) GetProductJson(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
 
-	id_lang, ok := c.Locals("lang_id").(int)
+	p_id_customer, ok := c.Locals(constdata.USER_LOCALES_ID).(uint)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
-
-	p_id_customer, ok := c.Locals("user_id").(int)
+	fmt.Printf("p_id_customer: %v\n", p_id_customer)
+	id_lang, ok := c.Locals(constdata.LANG_LOCALES_ID).(uint)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
-
-	productJson, err := h.productService.GetJSON(p_id_product, id_lang, p_id_customer, b2b_id_country, p_quantity)
+	productJson, err := h.productService.GetJSON(p_id_product, int(id_lang), int(p_id_customer), b2b_id_country, p_quantity)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))

app/delivery/web/init.go

@@ -90,6 +90,9 @@ func (s *Server) Setup() error {
 	menuRouting := s.public.Group("/menu")
 	public.RoutingHandlerRoutes(menuRouting)
 
+	pCustomer := s.restricted.Group("/customer")
+	restricted.CustomerHandlerRoutes(pCustomer)
+
 	// product translation routes (restricted)
 	productTranslation := s.restricted.Group("/product-translation")
 	restricted.ProductTranslationHandlerRoutes(productTranslation)
@@ -98,7 +101,8 @@ func (s *Server) Setup() error {
 	list := s.restricted.Group("/list")
 	restricted.ListHandlerRoutes(list)
 
-	restricted.ProductsHandlerRoutes(s.restricted)
+	product := s.restricted.Group("/product")
+	restricted.ProductsHandlerRoutes(product)
 
 	// locale selector (restricted)
 	// this is basically for changing user's selected language and country