Merge branch 'main' into cust-search

app/delivery/web/api/restricted/product.go

@@ -103,14 +103,15 @@ func (h *ProductsHandler) ListProducts(c fiber.Ctx) error {
 	return c.JSON(response.Make(&list.Items, int(list.Count), i18n.T_(c, response.Message_OK)))
 }
 
+// These are all the filterable fields
 var columnMappingListProducts map[string]string = map[string]string{
-	"product_id":    "ps.id_product",
-	"name":          "pl.name",
-	"reference":     "p.reference",
-	"category_name": "cl.name",
-	"category_id":   "cp.id_category",
-	"quantity":      "sa.quantity",
-	"is_favorite":   "ps.is_favorite",
+	"product_id":  "bp.product_id",
+	"name":        "bp.name",
+	"reference":   "bp.reference",
+	"category_id": "bp.category_id",
+	"quantity":    "bp.quantity",
+	"is_favorite": "bp.is_favorite",
+	"is_new":      "bp.is_new",
 }
 
 func (h *ProductsHandler) AddToFavorites(c fiber.Ctx) error {

app/delivery/web/api/restricted/productTranslation.go

@@ -4,7 +4,8 @@ import (
 	"strconv"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
-	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/service/productTranslationService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
@@ -35,8 +36,8 @@ func ProductTranslationHandlerRoutes(r fiber.Router) fiber.Router {
 	handler := NewProductTranslationHandler()
 
 	r.Get("/get-product-description", handler.GetProductDescription)
-	r.Post("/save-product-description", handler.SaveProductDescription)
-	r.Get("/translate-product-description", handler.TranslateProductDescription)
+	r.Post("/save-product-description", middleware.Require(perms.ProductTranslationSave), handler.SaveProductDescription)
+	r.Get("/translate-product-description", middleware.Require(perms.ProductTranslationTranslate), handler.TranslateProductDescription)
 
 	return r
 }
@@ -80,12 +81,6 @@ func (h *ProductTranslationHandler) SaveProductDescription(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
 
-	userRole, ok := localeExtractor.GetOriginalUserRole(c)
-	if !ok || model.CustomerRole(userRole.Name) != model.RoleAdmin {
-		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
-			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
-	}
-
 	productID_attribute := c.Query("productID")
 	productID, err := strconv.Atoi(productID_attribute)
 	if err != nil {
@@ -123,12 +118,6 @@ func (h *ProductTranslationHandler) TranslateProductDescription(c fiber.Ctx) err
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
 
-	userRole, ok := localeExtractor.GetOriginalUserRole(c)
-	if !ok || model.CustomerRole(userRole.Name) != model.RoleAdmin {
-		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
-			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
-	}
-
 	productID_attribute := c.Query("productID")
 	productID, err := strconv.Atoi(productID_attribute)
 	if err != nil {

app/delivery/web/api/restricted/search.go

@@ -4,7 +4,8 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/service/meiliService"
 	searchservice "git.ma-al.com/goc_daniel/b2b/app/service/searchService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
@@ -30,7 +31,7 @@ func NewMeiliSearchHandler() *MeiliSearchHandler {
 func MeiliSearchHandlerRoutes(r fiber.Router) fiber.Router {
 	handler := NewMeiliSearchHandler()
 
-	r.Get("/create-index", handler.CreateIndex)
+	r.Get("/create-index", middleware.Require(perms.SearchCreateIndex), handler.CreateIndex)
 	r.Post("/search", handler.Search)
 	r.Post("/settings", handler.GetSettings)
 
@@ -44,12 +45,6 @@ func (h *MeiliSearchHandler) CreateIndex(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
 
-	userRole, ok := localeExtractor.GetOriginalUserRole(c)
-	if !ok || model.CustomerRole(userRole.Name) != model.RoleAdmin {
-		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
-			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
-	}
-
 	err := h.meiliService.CreateIndex(id_lang)
 	if err != nil {
 		fmt.Printf("CreateIndex error: %v\n", err)

app/delivery/web/api/restricted/specificPrice.go

@@ -5,6 +5,7 @@ import (
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/specificPriceService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
@@ -30,13 +31,13 @@ func NewSpecificPriceHandler() *SpecificPriceHandler {
 func SpecificPriceHandlerRoutes(r fiber.Router) fiber.Router {
 	handler := NewSpecificPriceHandler()
 
-	r.Post("/", middleware.Require("specific_price.manage"), handler.Create)
-	r.Put("/:id", middleware.Require("specific_price.manage"), handler.Update)
-	r.Delete("/:id", middleware.Require("specific_price.manage"), handler.Delete)
-	r.Get("/", middleware.Require("specific_price.manage"), handler.List)
-	r.Get("/:id", middleware.Require("specific_price.manage"), handler.GetByID)
-	r.Patch("/:id/activate", middleware.Require("specific_price.manage"), handler.Activate)
-	r.Patch("/:id/deactivate", middleware.Require("specific_price.manage"), handler.Deactivate)
+	r.Post("/", middleware.Require(perms.SpecificPriceManage), handler.Create)
+	r.Put("/:id", middleware.Require(perms.SpecificPriceManage), handler.Update)
+	r.Delete("/:id", middleware.Require(perms.SpecificPriceManage), handler.Delete)
+	r.Get("/", middleware.Require(perms.SpecificPriceManage), handler.List)
+	r.Get("/:id", middleware.Require(perms.SpecificPriceManage), handler.GetByID)
+	r.Patch("/:id/activate", middleware.Require(perms.SpecificPriceManage), handler.Activate)
+	r.Patch("/:id/deactivate", middleware.Require(perms.SpecificPriceManage), handler.Deactivate)
 
 	return r
 }

app/delivery/web/api/restricted/storage.go

@@ -4,7 +4,8 @@ import (
 	"strconv"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
-	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/service/storageService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
@@ -34,7 +35,7 @@ func StorageHandlerRoutes(r fiber.Router) fiber.Router {
 	r.Get("/download-file/*", handler.DownloadFile)
 
 	// for admins only
-	r.Get("/create-new-webdav-token", handler.CreateNewWebdavToken)
+	r.Get("/create-new-webdav-token", middleware.Require(perms.WebdavCreateToken), handler.CreateNewWebdavToken)
 
 	return r
 }
@@ -84,12 +85,6 @@ func (h *StorageHandler) CreateNewWebdavToken(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
 
-	userRole, ok := localeExtractor.GetOriginalUserRole(c)
-	if !ok || model.CustomerRole(userRole.Name) != model.RoleAdmin {
-		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
-			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
-	}
-
 	new_token, err := h.storageService.NewWebdavToken(userID)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).