From 76ca2a2eed98f89f080e70165e755b6c64ca44b1 Mon Sep 17 00:00:00 2001 From: Wiktor Date: Fri, 3 Apr 2026 15:58:35 +0200 Subject: [PATCH] chore: adapt code to new teleport feature --- app/delivery/web/api/restricted/customer.go | 92 +++++++++---------- app/model/customer.go | 9 ++ app/model/role.go | 2 +- app/repos/customerRepo/customerRepo.go | 2 +- bruno/api_v1/customer/Customer (me).yml | 6 +- .../20260302163123_create_tables_data.sql | 9 +- 6 files changed, 65 insertions(+), 55 deletions(-) diff --git a/app/delivery/web/api/restricted/customer.go b/app/delivery/web/api/restricted/customer.go index 039efcb..da8a7e5 100644 --- a/app/delivery/web/api/restricted/customer.go +++ b/app/delivery/web/api/restricted/customer.go @@ -4,9 +4,9 @@ import ( "strconv" "git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms" - "git.ma-al.com/goc_daniel/b2b/app/model" "git.ma-al.com/goc_daniel/b2b/app/service/customerService" "git.ma-al.com/goc_daniel/b2b/app/utils/i18n" + "git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor" "git.ma-al.com/goc_daniel/b2b/app/utils/nullable" "git.ma-al.com/goc_daniel/b2b/app/utils/response" "git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors" 
@@ -28,37 +28,34 @@ func CustomerHandlerRoutes(r fiber.Router) fiber.Router { handler := NewCustomerHandler() r.Get("", handler.customerData) - r.Get("/list", handler.listCustomers) + // r.Get("/list", handler.listCustomers) return r } func (h *customerHandler) customerData(fc fiber.Ctx) error { var customerId uint + + user, ok := localeExtractor.GetCustomer(fc) + if !ok || user == nil { + return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). + JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) + } + customerIdStr := fc.Query("id") if customerIdStr != "" { - user, ok := fc.Locals("user").(*model.UserSession) - if !ok { - return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). - JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) - } id, err := strconv.ParseUint(customerIdStr, 10, 64) if err != nil { return fiber.ErrBadRequest } - if user.UserID != uint(id) && !user.HasPermission(perms.UserReadAny) { + if user.ID != uint(id) && !user.HasPermission(perms.UserReadAny) { return fc.Status(fiber.StatusForbidden). JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden))) } customerId = uint(id) } else { - id, ok := fc.Locals("userID").(uint) - if !ok { - return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). - JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) - } - customerId = id + customerId = user.ID } customer, err := h.service.GetById(customerId) 
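Review bot: The `id` query value is parsed with `strconv.ParseUint(customerIdStr, 10, 64)` and then narrowed with `uint(id)` for both the ownership comparison and the lookup, so on a build where `uint` is 32 bits an out-of-range value wraps to a different customer id instead of being rejected. Both sides use the same wrapped value, so this does not look like a bypass of the `user.ID != uint(id)` check, but the request should fail as a bad request. Parsing to the platform width keeps the conversion lossless: `id, err := strconv.ParseUint(customerIdStr, 10, 0)`. The handler also has no doc comment stating its access rule; I would add `// customerData returns the caller's own record, or the record named by ?id= when the caller is that customer or holds perms.UserReadAny.` The body of customerData continues past the end of this hunk.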
@@ -70,40 +67,41 @@ func (h *customerHandler) customerData(fc fiber.Ctx) error { return fc.JSON(response.Make(&customer, 0, i18n.T_(fc, response.Message_OK))) } -func (h *customerHandler) listCustomers(fc fiber.Ctx) error { - var customerId uint - customerIdStr := fc.Query("id") - if customerIdStr != "" { - user, ok := fc.Locals("user").(*model.UserSession) - if !ok { - return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). - JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) - } - id, err := strconv.ParseUint(customerIdStr, 10, 64) - if err != nil { - return fiber.ErrBadRequest - } +// func (h *customerHandler) listCustomers(fc fiber.Ctx) error { +// var customerId uint +// customerIdStr := fc.Query("id") +// if customerIdStr != "" { - if user.UserID != uint(id) && !user.HasPermission(perms.UserReadAny) { - return fc.Status(fiber.StatusForbidden). - JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden))) - } +// user, ok := localeExtractor.GetCustomer(fc) +// if !ok || user == nil { +// return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). +// JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) +// } +// id, err := strconv.ParseUint(customerIdStr, 10, 64) +// if err != nil { +// return fiber.ErrBadRequest +// } - customerId = uint(id) - } else { - id, ok := fc.Locals("userID").(uint) - if !ok { - return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). - JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) - } - customerId = id - } +// if user.UserID != uint(id) && !user.HasPermission(perms.UserReadAny) { +// return fc.Status(fiber.StatusForbidden). 
+// JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden))) +// } - customer, err := h.service.GetById(customerId) - if err != nil { - return fc.Status(responseErrors.GetErrorStatus(err)). - JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err))) - } +// customerId = uint(id) +// } else { +// id, ok := fc.Locals("userID").(uint) +// if !ok { +// return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). +// JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) +// } +// customerId = id +// } - return fc.JSON(response.Make(&customer, 0, i18n.T_(fc, response.Message_OK))) -} +// customer, err := h.service.GetById(customerId) +// if err != nil { +// return fc.Status(responseErrors.GetErrorStatus(err)). +// JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err))) +// } + +// return fc.JSON(response.Make(&customer, 0, i18n.T_(fc, response.Message_OK))) +// } diff --git a/app/model/customer.go b/app/model/customer.go index d036e5b..ccf2fe5 100644 --- a/app/model/customer.go +++ b/app/model/customer.go @@ -34,6 +34,15 @@ type Customer struct { DeletedAt gorm.DeletedAt `gorm:"index" json:"-"` } +func (u *Customer) HasPermission(permission perms.Permission) bool { + for _, p := range u.Role.Permissions { + if p.Name == permission { + return true + } + } + return false +} + // AuthProvider represents the authentication provider type AuthProvider string diff --git a/app/model/role.go b/app/model/role.go index 3c663b5..2ea0789 100644 --- a/app/model/role.go +++ b/app/model/role.go @@ -3,7 +3,7 @@ package model type Role struct { ID uint `gorm:"primaryKey" json:"id"` Name string `gorm:"size:64" json:"name"` - Permissions []Permission `gorm:"many2many:b2b_role_permissions;" json:"-"` + Permissions []Permission `gorm:"many2many:b2b_role_permissions;" json:"permissions"` } func (Role) TableName() string { 
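Review bot: `listCustomers` and its route registration (`// r.Get("/list", handler.listCustomers)` in the previous hunk) are commented out rather than deleted, which leaves roughly forty lines of dead authorization code in the file. The commented body has already drifted from the live handler: it mixes the new `localeExtractor.GetCustomer` lookup with the old `user.UserID` comparison and the `fc.Locals("userID")` fallback, while `customerData` now uses `user.ID` for both. Re-enabling it later by removing the `//` would therefore not reproduce the current check. I would delete both and rely on history, or keep a single line such as `// TODO: restore GET /list once the list endpoint is redesigned`.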
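Review bot: `HasPermission` in app/model/customer.go only sees what is already loaded into `u.Role.Permissions`, so a `Customer` fetched without that association answers false for every permission, which is indistinguishable from a role that has none. That fails closed, but the handler's `perms.UserReadAny` check now depends on whichever code puts the customer into the request context having preloaded `Role.Permissions`; that code is not in this patch, so it is worth confirming. Please document the precondition on the method, for example `// HasPermission reports whether the customer's role grants permission. It reads the already-loaded u.Role.Permissions; a customer fetched without that preload always yields false.` If `Role` is a pointer field (its declaration is outside the hunk), a nil guard before the loop is also needed.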
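Review bot: Switching the tag in app/model/role.go from `json:"-"` to `json:"permissions"` means every response that serializes a `Role` now includes its full permission list, not only the "me" endpoint this commit targets. Together with `Preload("Role.Permissions")` in customerRepo.go, the payload returned by `customerData` will presumably carry the permissions of whichever customer is looked up, including other customers when the caller holds `perms.UserReadAny`. If the client only needs the caller's own permissions, keeping `json:"-"` on the model and returning them through a dedicated response struct limits the exposure. If the wider exposure is intended, a field comment such as `// Permissions is serialized to clients; do not add internal-only entries.` would record that decision.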
diff --git a/app/repos/customerRepo/customerRepo.go b/app/repos/customerRepo/customerRepo.go index 058d5fd..b46890f 100644 --- a/app/repos/customerRepo/customerRepo.go +++ b/app/repos/customerRepo/customerRepo.go @@ -19,7 +19,7 @@ func (repo *CustomerRepo) Get(id uint) (*model.Customer, error) { var customer model.Customer err := db.DB. - Preload("Role"). + Preload("Role.Permissions"). First(&customer, id). Error diff --git a/bruno/api_v1/customer/Customer (me).yml b/bruno/api_v1/customer/Customer (me).yml index 253bead..891919e 100644 --- a/bruno/api_v1/customer/Customer (me).yml +++ b/bruno/api_v1/customer/Customer (me).yml @@ -5,11 +5,7 @@ info: http: method: GET - url: "{{bas_url}}/restricted/customer?id=1" - params: - - name: id - value: "1" - type: query + url: "{{bas_url}}/restricted/customer" auth: inherit settings: diff --git a/i18n/migrations/20260302163123_create_tables_data.sql b/i18n/migrations/20260302163123_create_tables_data.sql index ce62f1b..dafebf7 100644 --- a/i18n/migrations/20260302163123_create_tables_data.sql +++ b/i18n/migrations/20260302163123_create_tables_data.sql 
@@ -35,5 +35,12 @@ INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('2', 'user.write.any'); INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('3', 'user.delete.any'); INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('4', 'currency.write'); - +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '1'); +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '2'); +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '3'); +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '4'); +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '1'); +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '2'); +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '3'); +INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '4'); -- +goose Down \ No newline at end of file
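Review bot: These `b2b_role_permissions` rows are added to the existing migration `20260302163123_create_tables_data.sql`, and goose will not re-run a version it has already recorded as applied. Any database that has already run this file will never receive the rows, so roles 2 and 3 stay without permissions there and every `HasPermission` check returns false. A new timestamped migration with a matching `DELETE` in its Down section would be safer; the Down section of this file lies outside the hunk, so I cannot tell whether the new rows are removed on rollback. Separately, roles 2 and 3 both receive all four permissions, including `user.delete.any` and `currency.write`. The role names are not visible here, so please confirm that both roles are meant to be fully privileged.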