chore: adapt code to new teleport feature

app/delivery/web/api/restricted/customer.go

@@ -4,9 +4,9 @@ import (
 	"strconv"
 
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
-	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/customerService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -28,37 +28,34 @@ func CustomerHandlerRoutes(r fiber.Router) fiber.Router {
 	handler := NewCustomerHandler()
 
 	r.Get("", handler.customerData)
-	r.Get("/list", handler.listCustomers)
+	// r.Get("/list", handler.listCustomers)
 	return r
 }
 
 func (h *customerHandler) customerData(fc fiber.Ctx) error {
 	var customerId uint
+
+	user, ok := localeExtractor.GetCustomer(fc)
+	if !ok || user == nil {
+		return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
+	}
+
 	customerIdStr := fc.Query("id")
 	if customerIdStr != "" {
-		user, ok := fc.Locals("user").(*model.UserSession)
-		if !ok {
-			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
-				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
-		}
 		id, err := strconv.ParseUint(customerIdStr, 10, 64)
 		if err != nil {
 			return fiber.ErrBadRequest
 		}
 
-		if user.UserID != uint(id) && !user.HasPermission(perms.UserReadAny) {
+		if user.ID != uint(id) && !user.HasPermission(perms.UserReadAny) {
 			return fc.Status(fiber.StatusForbidden).
 				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
 		}
 
 		customerId = uint(id)
 	} else {
-		id, ok := fc.Locals("userID").(uint)
+		customerId = user.ID
-		if !ok {
-			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
-				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
-		}
-		customerId = id
 	}
 
 	customer, err := h.service.GetById(customerId)
@@ -70,40 +67,41 @@ func (h *customerHandler) customerData(fc fiber.Ctx) error {
 	return fc.JSON(response.Make(&customer, 0, i18n.T_(fc, response.Message_OK)))
 }
 
-func (h *customerHandler) listCustomers(fc fiber.Ctx) error {
+// func (h *customerHandler) listCustomers(fc fiber.Ctx) error {
-	var customerId uint
+// 	var customerId uint
-	customerIdStr := fc.Query("id")
+// 	customerIdStr := fc.Query("id")
-	if customerIdStr != "" {
+// 	if customerIdStr != "" {
-		user, ok := fc.Locals("user").(*model.UserSession)
-		if !ok {
-			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
-				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
-		}
-		id, err := strconv.ParseUint(customerIdStr, 10, 64)
-		if err != nil {
-			return fiber.ErrBadRequest
-		}
 
-		if user.UserID != uint(id) && !user.HasPermission(perms.UserReadAny) {
+// 		user, ok := localeExtractor.GetCustomer(fc)
-			return fc.Status(fiber.StatusForbidden).
+// 		if !ok || user == nil {
-				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
+// 			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
-		}
+// 				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
+// 		}
+// 		id, err := strconv.ParseUint(customerIdStr, 10, 64)
+// 		if err != nil {
+// 			return fiber.ErrBadRequest
+// 		}
 
-		customerId = uint(id)
+// 		if user.UserID != uint(id) && !user.HasPermission(perms.UserReadAny) {
-	} else {
+// 			return fc.Status(fiber.StatusForbidden).
-		id, ok := fc.Locals("userID").(uint)
+// 				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
-		if !ok {
+// 		}
-			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
-				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
-		}
-		customerId = id
-	}
 
-	customer, err := h.service.GetById(customerId)
+// 		customerId = uint(id)
-	if err != nil {
+// 	} else {
-		return fc.Status(responseErrors.GetErrorStatus(err)).
+// 		id, ok := fc.Locals("userID").(uint)
-			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err)))
+// 		if !ok {
-	}
+// 			return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+// 				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
+// 		}
+// 		customerId = id
+// 	}
 
-	return fc.JSON(response.Make(&customer, 0, i18n.T_(fc, response.Message_OK)))
+// 	customer, err := h.service.GetById(customerId)
-}
+// 	if err != nil {
+// 		return fc.Status(responseErrors.GetErrorStatus(err)).
+// 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err)))
+// 	}
+
+// 	return fc.JSON(response.Make(&customer, 0, i18n.T_(fc, response.Message_OK)))
+// }

app/model/customer.go

@@ -34,6 +34,15 @@ type Customer struct {
 	DeletedAt                gorm.DeletedAt `gorm:"index" json:"-"`
 }
 
+func (u *Customer) HasPermission(permission perms.Permission) bool {
+	for _, p := range u.Role.Permissions {
+		if p.Name == permission {
+			return true
+		}
+	}
+	return false
+}
+
 // AuthProvider represents the authentication provider
 type AuthProvider string
 

app/model/role.go

@@ -3,7 +3,7 @@ package model
 type Role struct {
 	ID          uint         `gorm:"primaryKey" json:"id"`
 	Name        string       `gorm:"size:64" json:"name"`
-	Permissions []Permission `gorm:"many2many:b2b_role_permissions;" json:"-"`
+	Permissions []Permission `gorm:"many2many:b2b_role_permissions;" json:"permissions"`
 }
 
 func (Role) TableName() string {

app/repos/customerRepo/customerRepo.go

@@ -19,7 +19,7 @@ func (repo *CustomerRepo) Get(id uint) (*model.Customer, error) {
 	var customer model.Customer
 
 	err := db.DB.
-		Preload("Role").
+		Preload("Role.Permissions").
 		First(&customer, id).
 		Error
 

bruno/api_v1/customer/Customer (me).yml

@@ -5,11 +5,7 @@ info:
 
 http:
   method: GET
-  url: "{{bas_url}}/restricted/customer?id=1"
+  url: "{{bas_url}}/restricted/customer"
-  params:
-    - name: id
-      value: "1"
-      type: query
   auth: inherit
 
 settings:

i18n/migrations/20260302163123_create_tables_data.sql

@@ -35,5 +35,12 @@ INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('2', 'user.write.any');
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('3', 'user.delete.any');
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('4', 'currency.write');
 
-
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '1');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '2');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '3');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '4');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '1');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '2');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '3');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '4');
 -- +goose Down