Merge branch 'main' of ssh://git.ma-al.com:8822/goc_daniel/b2b into routing-per-role

2026-04-14 13:15:51 +02:00
parent ab783b599d e5988a85f3
commit b33da9d072
24 changed files with 357 additions and 338 deletions
--- a/app/delivery/middleware/auth.go
+++ b/app/delivery/middleware/auth.go
@@ -114,26 +114,6 @@ func Authorize() fiber.Handler {
 	}
 }

-// RequireAdmin creates admin-only middleware
-func RequireAdmin() fiber.Handler {
-	return func(c fiber.Ctx) error {
-		originalUserRole, ok := localeExtractor.GetOriginalUserRole(c)
-		if !ok {
-			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
-				"error": "not authenticated",
-			})
-		}
-
-		if model.CustomerRole(originalUserRole.Name) != model.RoleAdmin {
-			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
-				"error": "admin access required",
-			})
-		}
-
-		return c.Next()
-	}
-}
-
 // Webdav
 func Webdav() fiber.Handler {
 	authService := authService.NewAuthService()
--- a/app/delivery/middleware/perms/permissions.go
+++ b/app/delivery/middleware/perms/permissions.go
@@ -3,9 +3,13 @@ package perms
 type Permission string

 const (
-	UserReadAny         Permission = "user.read.any"
-	UserWriteAny        Permission = "user.write.any"
-	UserDeleteAny       Permission = "user.delete.any"
-	CurrencyWrite       Permission = "currency.write"
-	SpecificPriceManage Permission = "specific_price.manage"
+	UserReadAny                 Permission = "user.read.any"
+	UserWriteAny                Permission = "user.write.any"
+	UserDeleteAny               Permission = "user.delete.any"
+	CurrencyWrite               Permission = "currency.write"
+	SpecificPriceManage         Permission = "specific_price.manage"
+	WebdavCreateToken           Permission = "webdav.create_token"
+	ProductTranslationSave      Permission = "product_translation.save"
+	ProductTranslationTranslate Permission = "product_translation.translate"
+	SearchCreateIndex           Permission = "search.create_index"
 )