Merge pull request 'order-actions' (#79) from order-actions into main

Reviewed-on: #79
Reviewed-by: goc_daniel <goc_daniel@ma-al.com>

.env

@@ -63,4 +63,7 @@ FILE_MAAL_PL_PASSWORD=1FnwqcEgIUjQHjt1
 IMAGE_PREFIX=https://www.naluconcept.com # remove prefix to serv them from same host as presta
 CORS_ORGIN=https://www.naluconcept.com
 
-DSN=root:Maal12345678@tcp(localhost:3306)/nalu
+DSN=root:Maal12345678@tcp(localhost:3306)/nalu
+
+LOG_LEVEL=warn
+LOG_COLORIZE=true

app/actions/orderStatusActions/examples.go

@@ -0,0 +1,116 @@
+package orderStatusActions
+
+// func init() {
+// 	GlobalRegistry.Register(enums.OrderStatusConfirmed, ActionChain{
+// 		SendOrderConfirmationEmail,
+// 		NotifyInventorySystem,
+// 	})
+
+// 	GlobalRegistry.Register(enums.OrderStatusProcessing, ActionChain{
+// 		NotifyWarehouse,
+// 		ReserveInventory,
+// 	})
+
+// 	GlobalRegistry.Register(enums.OrderStatusShipped, ActionChain{
+// 		NotifyWarehouseShipped,
+// 		GenerateTrackingNumber,
+// 		SendShippingNotificationEmail,
+// 	})
+
+// 	GlobalRegistry.Register(enums.OrderStatusDelivered, ActionChain{
+// 		SendDeliveryConfirmationEmail,
+// 		NotifyFulfillmentComplete,
+// 	})
+
+// 	GlobalRegistry.Register(enums.OrderStatusCancelled, ActionChain{
+// 		SendCancellationEmail,
+// 		ReleaseInventory,
+// 		ProcessRefund,
+// 	})
+
+// 	GlobalRegistry.Register(enums.OrderStatusReturned, ActionChain{
+// 		SendReturnConfirmationEmail,
+// 		NotifyReturnsDepartment,
+// 	})
+
+// 	GlobalRegistry.Register(enums.OrderStatusRefunded, ActionChain{
+// 		NotifyRefundProcessed,
+// 	})
+
+// 	GlobalRegistry.Register(enums.OrderStatusPending, ActionChain{})
+// }
+
+// var SendOrderConfirmationEmail = WithID("send_order_confirmation_email", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Sending order confirmation email for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var NotifyInventorySystem = WithID("notify_inventory_system", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Notifying inventory system for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var NotifyWarehouse = WithID("notify_warehouse", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Notifying warehouse for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var ReserveInventory = WithID("reserve_inventory", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Reserving inventory for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var NotifyWarehouseShipped = WithID("notify_warehouse_shipped", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Notifying warehouse of shipment for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var GenerateTrackingNumber = WithID("generate_tracking_number", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Generating tracking number for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var SendShippingNotificationEmail = WithID("send_shipping_notification_email", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Sending shipping notification email for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var SendDeliveryConfirmationEmail = WithID("send_delivery_confirmation_email", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Sending delivery confirmation email for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var NotifyFulfillmentComplete = WithID("notify_fulfillment_complete", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Notifying fulfillment complete for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var SendCancellationEmail = WithID("send_cancellation_email", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Sending cancellation email for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var ReleaseInventory = WithID("release_inventory", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Releasing inventory for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var ProcessRefund = WithID("process_refund", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Processing refund for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var SendReturnConfirmationEmail = WithID("send_return_confirmation_email", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Sending return confirmation email for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var NotifyReturnsDepartment = WithID("notify_returns_department", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Notifying returns department for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })
+
+// var NotifyRefundProcessed = WithID("notify_refund_processed", func(actionCtx ActionContext) ActionResult {
+// 	log.Printf("Notifying refund processed for order %d", actionCtx.OrderId)
+// 	return ActionResult{Err: nil}
+// })

app/actions/orderStatusActions/pending.go

@@ -0,0 +1,21 @@
+package orderStatusActions
+
+import (
+	"fmt"
+
+	"git.ma-al.com/goc_daniel/b2b/app/model/enums"
+)
+
+func init() {
+	var sendNewOrderEmail = WithID("send_new_order_email", func(actionCtx ActionContext) ActionResult {
+
+		if actionCtx.EmailService == nil {
+			return ActionResult{Err: fmt.Errorf("emailService not provided")}
+		}
+		return ActionResult{Err: actionCtx.EmailService.SendNewOrderPlacedNotification(*actionCtx.UserId)}
+	})
+
+	GlobalRegistry.Register(enums.OrderStatusPending, ActionChain{
+		sendNewOrderEmail,
+	})
+}

app/actions/orderStatusActions/registry.go

@@ -0,0 +1,88 @@
+package orderStatusActions
+
+import (
+	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/model/enums"
+	"git.ma-al.com/goc_daniel/b2b/app/service/emailService"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
+)
+
+var GlobalRegistry = make(ActionRegistry)
+
+type ActionID string
+
+type ActionContext struct {
+	Order        *model.CustomerOrder
+	UserId       *uint
+	EmailService *emailService.EmailService
+}
+
+type ActionResult struct {
+	Err      error
+	Metadata map[string]any
+}
+
+type OrderAction interface {
+	ID() ActionID
+	Execute(actionCtx ActionContext) ActionResult
+}
+
+type ActionChain []OrderAction
+
+func (c ActionChain) Execute(actionCtx ActionContext) []ActionResult {
+	results := make([]ActionResult, 0, len(c))
+	for _, action := range c {
+		result := action.Execute(actionCtx)
+		results = append(results, result)
+		if result.Err != nil {
+			logger.Debug("action failed",
+				"action_id", action.ID(),
+				"order", actionCtx.Order,
+				"user_id", actionCtx.UserId,
+				"error", result.Err,
+			)
+		}
+	}
+	return results
+}
+
+type ActionRegistry map[enums.OrderStatus]ActionChain
+
+func (r ActionRegistry) Register(status enums.OrderStatus, chain ActionChain) {
+	r[status] = chain
+}
+
+func (r ActionRegistry) ExecuteForStatus(status enums.OrderStatus, actionCtx ActionContext) []ActionResult {
+	chain, exists := r[status]
+	if !exists {
+		return nil
+	}
+	return chain.Execute(actionCtx)
+}
+
+type ActionFunc func(actionCtx ActionContext) ActionResult
+
+func (f ActionFunc) ID() ActionID {
+	return "anonymous"
+}
+
+func (f ActionFunc) Execute(actionCtx ActionContext) ActionResult {
+	return f(actionCtx)
+}
+
+type actionAdapter struct {
+	id ActionID
+	fn ActionFunc
+}
+
+func (a *actionAdapter) ID() ActionID {
+	return a.id
+}
+
+func (a *actionAdapter) Execute(actionCtx ActionContext) ActionResult {
+	return a.fn(actionCtx)
+}
+
+func WithID(id ActionID, fn ActionFunc) OrderAction {
+	return &actionAdapter{id: id, fn: fn}
+}

app/cmd/cmds/startServer.go

@@ -4,8 +4,11 @@ import (
 	"log"
 	"os"
 
+	"git.ma-al.com/goc_daniel/b2b/app/config"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/web"
+
 	"git.ma-al.com/goc_daniel/b2b/app/service/langsService"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/version"
 	"github.com/spf13/cobra"
 )
@@ -21,6 +24,8 @@ var (
 				return
 			}
 
+			logger.Init("b2b", nil, config.Get().Log.LogLevel, config.Get().Log.LogColorize)
+
 			// Create and setup the server
 			server := web.New()
 

app/config/config.go

@@ -28,6 +28,7 @@ type Config struct {
 	Cors            CorsConfig
 	MeiliSearch     MeiliSearchConfig
 	Storage         StorageConfig
+	Log             LogConfig
 }
 
 type I18n struct {
@@ -87,6 +88,11 @@ type AppConfig struct {
 	BaseURL     string `env:"APP_BASE_URL,http://localhost:5173"`
 }
 
+type LogConfig struct {
+	LogLevel    string `env:"LOG_LEVEL,warn"`
+	LogColorize bool   `env:"LOG_COLORIZE,true"`
+}
+
 type EmailConfig struct {
 	SMTPHost     string `env:"EMAIL_SMTP_HOST,localhost"`
 	SMTPPort     int    `env:"EMAIL_SMTP_PORT,587"`
@@ -209,6 +215,11 @@ func load() *Config {
 	if err != nil {
 		slog.Error("not possible to load env variables for storage : ", err.Error(), "")
 	}
+
+	err = loadEnv(&cfg.Log)
+	if err != nil {
+		slog.Error("not possible to load env variables for logger : ", err.Error(), "")
+	}
 	cfg.Storage.RootFolder = ResolveRelativePath(cfg.Storage.RootFolder)
 
 	return cfg

app/delivery/middleware/auth.go

@@ -7,17 +7,18 @@ import (
 	"time"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/authService"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 
 	"github.com/gofiber/fiber/v3"
 )
 
 // AuthMiddleware creates authentication middleware
-func AuthMiddleware() fiber.Handler {
+func Authenticate() fiber.Handler {
 	authService := authService.NewAuthService()
-
 	return func(c fiber.Ctx) error {
 		// Get token from Authorization header
 		authHeader := c.Get("Authorization")
@@ -25,17 +26,13 @@ func AuthMiddleware() fiber.Handler {
 			// Try to get from cookie
 			authHeader = c.Cookies("access_token")
 			if authHeader == "" {
-				return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				return c.Next()
-					"error": "authorization token required",
-				})
 			}
 		} else {
 			// Extract token from "Bearer <token>"
 			parts := strings.Split(authHeader, " ")
 			if len(parts) != 2 || parts[0] != "Bearer" {
-				return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				return c.Next()
-					"error": "invalid authorization header format",
-				})
 			}
 			authHeader = parts[1]
 		}
@@ -43,24 +40,18 @@ func AuthMiddleware() fiber.Handler {
 		// Validate token
 		claims, err := authService.ValidateToken(authHeader)
 		if err != nil {
-			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+			return c.Next()
-				"error": "invalid or expired token",
-			})
 		}
 
 		// Get user from database
 		user, err := authService.GetUserByID(claims.UserID)
 		if err != nil {
-			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+			return c.Next()
-				"error": "user not found",
-			})
 		}
 
 		// Check if user is active
 		if !user.IsActive {
-			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
+			return c.Next()
-				"error": "user account is inactive",
-			})
 		}
 
 		// Create locale. LangID is overwritten by auth Token
@@ -78,10 +69,8 @@ func AuthMiddleware() fiber.Handler {
 		}
 
 		// We now populate the target user
-		if model.CustomerRole(user.Role.Name) != model.RoleAdmin {
+		if !userLocale.OriginalUser.HasPermission(perms.Teleport) {
-			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
+			return c.Next()
-				"error": "admin access required",
-			})
 		}
 
 		targetUserID, err := strconv.Atoi(targetUserIDAttribute)
@@ -114,6 +103,18 @@ func AuthMiddleware() fiber.Handler {
 	}
 }
 
+func Authorize() fiber.Handler {
+	return func(c fiber.Ctx) error {
+		_, ok := localeExtractor.GetUserID(c)
+		if !ok {
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "not authenticated",
+			})
+		}
+		return c.Next()
+	}
+}
+
 // Webdav
 func Webdav() fiber.Handler {
 	authService := authService.NewAuthService()

app/delivery/middleware/perms/permissions.go

@@ -14,4 +14,5 @@ const (
 	SearchCreateIndex           Permission = "search.create_index"
 	OrdersViewAll               Permission = "orders.view_all"
 	OrdersModifyAll             Permission = "orders.modify_all"
+	Teleport                    Permission = "teleport"
 )

app/delivery/web/api/public/auth.go

@@ -1,7 +1,6 @@
 package public
 
 import (
-	"log"
 	"strconv"
 	"time"
 
@@ -11,6 +10,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/authService"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -49,7 +49,7 @@ func AuthHandlerRoutes(r fiber.Router) fiber.Router {
 	r.Get("/google", handler.GoogleLogin)
 	r.Get("/google/callback", handler.GoogleCallback)
 
-	authProtected := r.Group("", middleware.AuthMiddleware())
+	authProtected := r.Group("", middleware.Authorize())
 	authProtected.Get("/me", handler.Me)
 	authProtected.Post("/update-choice", handler.UpdateJWTToken)
 
@@ -178,7 +178,13 @@ func (h *AuthHandler) ForgotPassword(c fiber.Ctx) error {
 	// Request password reset - always return success to prevent email enumeration
 	err := h.authService.RequestPasswordReset(req.Email)
 	if err != nil {
-		log.Printf("Password reset request error: %v", err)
+
+		logger.Warn("password reset request failed",
+			"handler", "AuthHandler.ForgotPassword",
+
+			"email", req.Email,
+			"error", err.Error(),
+		)
 	}
 
 	return c.JSON(fiber.Map{
@@ -307,7 +313,6 @@ func (h *AuthHandler) Register(c fiber.Ctx) error {
 	// Attempt registration
 	err := h.authService.Register(&req)
 	if err != nil {
-		log.Printf("Register error: %v", err)
 		return c.Status(responseErrors.GetErrorStatus(err)).JSON(fiber.Map{
 			"error": responseErrors.GetErrorCode(c, err),
 		})
@@ -447,7 +452,6 @@ func (h *AuthHandler) GoogleCallback(c fiber.Ctx) error {
 
 	response, rawRefreshToken, err := h.authService.HandleGoogleCallback(code)
 	if err != nil {
-		log.Printf("Google OAuth callback error: %v", err)
 		return c.Status(responseErrors.GetErrorStatus(err)).JSON(fiber.Map{
 			"error": responseErrors.GetErrorCode(c, err),
 		})

app/delivery/web/api/public/routing.go

@@ -2,6 +2,7 @@ package public
 
 import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/menuService"
+	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
@@ -31,12 +32,21 @@ func RoutingHandlerRoutes(r fiber.Router) fiber.Router {
 }
 
 func (h *RoutingHandler) GetRouting(c fiber.Ctx) error {
-	lang_id, ok := localeExtractor.GetLangID(c)
+	langId, ok := localeExtractor.GetLangID(c)
 	if !ok {
-		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
-			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
-	menu, err := h.menuService.GetRoutes(lang_id)
+
+	var roleId uint
+	customer, ok := localeExtractor.GetCustomer(c)
+	if !ok {
+		roleId = constdata.UNLOGGED_USER_ROLE_ID
+	} else {
+		roleId = customer.RoleID
+	}
+
+	menu, err := h.menuService.GetRoutes(langId, roleId)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))

app/delivery/web/api/restricted/addresses.go

@@ -6,6 +6,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/addressesService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -45,6 +46,13 @@ func (h *AddressesHandler) GetTemplate(c fiber.Ctx) error {
 
 	template, err := h.addressesService.GetTemplate(uint(country_id))
 	if err != nil {
+
+		logger.Error("failed to get address template",
+			"handler", "AddressesHandler.GetTemplate",
+
+			"country_id", country_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -74,6 +82,13 @@ func (h *AddressesHandler) AddNewAddress(c fiber.Ctx) error {
 
 	err = h.addressesService.AddNewAddress(userID, address_info, uint(country_id))
 	if err != nil {
+
+		logger.Error("failed to add new address",
+			"handler", "AddressesHandler.AddNewAddress",
+
+			"user_id", userID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -110,6 +125,14 @@ func (h *AddressesHandler) ModifyAddress(c fiber.Ctx) error {
 
 	err = h.addressesService.ModifyAddress(userID, uint(address_id), address_info, uint(country_id))
 	if err != nil {
+
+		logger.Error("failed to modify address",
+			"handler", "AddressesHandler.ModifyAddress",
+
+			"user_id", userID,
+			"address_id", address_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -126,6 +149,13 @@ func (h *AddressesHandler) RetrieveAddressesInfo(c fiber.Ctx) error {
 
 	addresses, err := h.addressesService.RetrieveAddresses(userID)
 	if err != nil {
+
+		logger.Error("failed to retrieve addresses",
+			"handler", "AddressesHandler.RetrieveAddressesInfo",
+
+			"user_id", userID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -149,6 +179,14 @@ func (h *AddressesHandler) DeleteAddress(c fiber.Ctx) error {
 
 	err = h.addressesService.DeleteAddress(userID, uint(address_id))
 	if err != nil {
+
+		logger.Error("failed to delete address",
+			"handler", "AddressesHandler.DeleteAddress",
+
+			"user_id", userID,
+			"address_id", address_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/carts.go

@@ -6,6 +6,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/cartsService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -28,11 +29,13 @@ func NewCartsHandler() *CartsHandler {
 func CartsHandlerRoutes(r fiber.Router) fiber.Router {
 	handler := NewCartsHandler()
 
-	r.Get("/add-new-cart", handler.AddNewCart)
+	r.Post("/add-new-cart", handler.AddNewCart)
-	r.Get("/change-cart-name", handler.ChangeCartName)
+	r.Delete("/remove-cart", handler.RemoveCart)
+	r.Patch("/change-cart-name", handler.ChangeCartName)
 	r.Get("/retrieve-carts-info", handler.RetrieveCartsInfo)
 	r.Get("/retrieve-cart", handler.RetrieveCart)
-	r.Get("/add-product-to-cart", handler.AddProduct)
+	r.Post("/add-product-to-cart", handler.AddProduct)
+	r.Delete("/remove-product-from-cart", handler.RemoveProduct)
 
 	return r
 }
@@ -44,8 +47,16 @@ func (h *CartsHandler) AddNewCart(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
 
-	new_cart, err := h.cartsService.CreateNewCart(userID)
+	name := c.Query("name")
+	new_cart, err := h.cartsService.CreateNewCart(userID, name)
 	if err != nil {
+
+		logger.Error("failed to create cart",
+			"handler", "CartsHandler.AddNewCart",
+
+			"user_id", userID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -53,6 +64,37 @@ func (h *CartsHandler) AddNewCart(c fiber.Ctx) error {
 	return c.JSON(response.Make(&new_cart, 0, i18n.T_(c, response.Message_OK)))
 }
 
+func (h *CartsHandler) RemoveCart(c fiber.Ctx) error {
+	userID, ok := localeExtractor.GetUserID(c)
+	if !ok {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
+	}
+
+	cart_id_attribute := c.Query("cart_id")
+	cart_id, err := strconv.Atoi(cart_id_attribute)
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
+	}
+
+	err = h.cartsService.RemoveCart(userID, uint(cart_id))
+	if err != nil {
+
+		logger.Error("failed to remove cart",
+			"handler", "CartsHandler.RemoveCart",
+
+			"user_id", userID,
+			"cart_id", cart_id,
+			"error", err.Error(),
+		)
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	return c.JSON(response.Make(nullable.GetNil(""), 0, i18n.T_(c, response.Message_OK)))
+}
+
 func (h *CartsHandler) ChangeCartName(c fiber.Ctx) error {
 	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
@@ -71,6 +113,14 @@ func (h *CartsHandler) ChangeCartName(c fiber.Ctx) error {
 
 	err = h.cartsService.UpdateCartName(userID, uint(cart_id), new_name)
 	if err != nil {
+
+		logger.Error("failed to update cart name",
+			"handler", "CartsHandler.ChangeCartName",
+
+			"user_id", userID,
+			"cart_id", cart_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -87,6 +137,13 @@ func (h *CartsHandler) RetrieveCartsInfo(c fiber.Ctx) error {
 
 	carts_info, err := h.cartsService.RetrieveCartsInfo(userID)
 	if err != nil {
+
+		logger.Error("failed to retrieve carts info",
+			"handler", "CartsHandler.RetrieveCartsInfo",
+
+			"user_id", userID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -110,6 +167,14 @@ func (h *CartsHandler) RetrieveCart(c fiber.Ctx) error {
 
 	cart, err := h.cartsService.RetrieveCart(userID, uint(cart_id))
 	if err != nil {
+
+		logger.Error("failed to retrieve cart",
+			"handler", "CartsHandler.RetrieveCart",
+
+			"user_id", userID,
+			"cart_id", cart_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -117,6 +182,7 @@ func (h *CartsHandler) RetrieveCart(c fiber.Ctx) error {
 	return c.JSON(response.Make(cart, 0, i18n.T_(c, response.Message_OK)))
 }
 
+// adds or sets given amount of products to the cart
 func (h *CartsHandler) AddProduct(c fiber.Ctx) error {
 	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
@@ -159,8 +225,78 @@ func (h *CartsHandler) AddProduct(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
 
-	err = h.cartsService.AddProduct(userID, uint(cart_id), uint(product_id), product_attribute_id, uint(amount))
+	set_amount_attribute := c.Query("set_amount")
+	set_amount, err := strconv.ParseBool(set_amount_attribute)
 	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
+	}
+
+	err = h.cartsService.AddProduct(userID, uint(cart_id), uint(product_id), product_attribute_id, amount, set_amount)
+	if err != nil {
+
+		logger.Error("failed to add product to cart",
+			"handler", "CartsHandler.AddProduct",
+
+			"user_id", userID,
+			"cart_id", cart_id,
+			"product_id", product_id,
+			"error", err.Error(),
+		)
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	return c.JSON(response.Make(nullable.GetNil(""), 0, i18n.T_(c, response.Message_OK)))
+}
+
+// removes product from the cart.
+func (h *CartsHandler) RemoveProduct(c fiber.Ctx) error {
+	userID, ok := localeExtractor.GetUserID(c)
+	if !ok {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
+	}
+
+	cart_id_attribute := c.Query("cart_id")
+	cart_id, err := strconv.Atoi(cart_id_attribute)
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
+	}
+
+	product_id_attribute := c.Query("product_id")
+	product_id, err := strconv.Atoi(product_id_attribute)
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
+	}
+
+	product_attribute_id_attribute := c.Query("product_attribute_id")
+	var product_attribute_id *uint
+	if product_attribute_id_attribute == "" {
+		product_attribute_id = nil
+	} else {
+		val, err := strconv.Atoi(product_attribute_id_attribute)
+		if err != nil {
+			return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
+		}
+		uval := uint(val)
+		product_attribute_id = &uval
+	}
+
+	err = h.cartsService.RemoveProduct(userID, uint(cart_id), uint(product_id), product_attribute_id)
+	if err != nil {
+
+		logger.Error("failed to remove product from cart",
+			"handler", "CartsHandler.RemoveProduct",
+
+			"user_id", userID,
+			"cart_id", cart_id,
+			"product_id", product_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/currency.go

@@ -9,6 +9,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/currencyService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -46,6 +47,12 @@ func (h *CurrencyHandler) PostCurrencyRate(c fiber.Ctx) error {
 
 	err := h.CurrencyService.CreateCurrencyRate(&currencyRate)
 	if err != nil {
+
+		logger.Error("failed to create currency rate",
+			"handler", "CurrencyHandler.PostCurrencyRate",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -63,6 +70,13 @@ func (h *CurrencyHandler) GetCurrencyRate(c fiber.Ctx) error {
 
 	currency, err := h.CurrencyService.GetCurrency(uint(id))
 	if err != nil {
+
+		logger.Error("failed to get currency",
+			"handler", "CurrencyHandler.GetCurrencyRate",
+
+			"currency_id", id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
 

app/delivery/web/api/restricted/customer.go

@@ -3,11 +3,13 @@ package restricted
 import (
 	"strconv"
 
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/customerService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/query_params"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
@@ -30,7 +32,8 @@ func CustomerHandlerRoutes(r fiber.Router) fiber.Router {
 	handler := NewCustomerHandler()
 
 	r.Get("", handler.customerData)
-	r.Get("/list", handler.listCustomers)
+	r.Get("/list", middleware.Require(perms.UserReadAny), handler.listCustomers)
+	r.Patch("/no-vat", middleware.Require(perms.UserWriteAny), handler.setCustomerNoVatStatus)
 	return r
 }
 
@@ -62,6 +65,13 @@ func (h *customerHandler) customerData(fc fiber.Ctx) error {
 
 	customer, err := h.service.GetById(customerId)
 	if err != nil {
+
+		logger.Error("failed to get customer",
+			"handler", "customerHandler.customerData",
+
+			"customer_id", customerId,
+			"error", err.Error(),
+		)
 		return fc.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err)))
 	}
@@ -75,10 +85,6 @@ func (h *customerHandler) listCustomers(fc fiber.Ctx) error {
 		return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
 	}
-	if !user.HasPermission(perms.UserReadAny) {
-		return fc.Status(fiber.StatusForbidden).
-			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
-	}
 
 	p, filt, err := query_params.ParseFilters[model.Customer](fc, columnMappingListUsers)
 	if err != nil {
@@ -87,15 +93,15 @@ func (h *customerHandler) listCustomers(fc fiber.Ctx) error {
 	}
 
 	search := fc.Query("search")
-	if search != "" {
-		if !user.HasPermission(perms.UserReadAny) {
-			return fc.Status(fiber.StatusForbidden).
-				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
-		}
-	}
 
 	customer, err := h.service.Find(user.LangID, p, filt, search)
 	if err != nil {
+
+		logger.Error("failed to list customers",
+			"handler", "customerHandler.listCustomers",
+
+			"error", err.Error(),
+		)
 		return fc.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err)))
 	}
@@ -109,3 +115,35 @@ var columnMappingListUsers map[string]string = map[string]string{
 	"first_name": "users.first_name",
 	"last_name":  "users.last_name",
 }
+
+func (h *customerHandler) setCustomerNoVatStatus(fc fiber.Ctx) error {
+	user, ok := localeExtractor.GetCustomer(fc)
+	if !ok || user == nil {
+		return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrInvalidBody)))
+	}
+
+	var req struct {
+		CustomerID uint `json:"customer_id"`
+		IsNoVat    bool `json:"is_no_vat"`
+	}
+
+	if err := fc.Bind().Body(&req); err != nil {
+		return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrJSONBody)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrJSONBody)))
+	}
+
+	if err := h.service.SetCustomerNoVatStatus(req.CustomerID, req.IsNoVat); err != nil {
+
+		logger.Error("failed to set customer no vat status",
+			"handler", "customerHandler.setCustomerNoVatStatus",
+
+			"customer_id", req.CustomerID,
+			"error", err.Error(),
+		)
+		return fc.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, err)))
+	}
+
+	return fc.JSON(response.Make(nullable.GetNil(""), 0, i18n.T_(fc, response.Message_OK)))
+}

app/delivery/web/api/restricted/localeSelector.go

@@ -3,6 +3,7 @@ package restricted
 import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/localeSelectorService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -34,6 +35,12 @@ func LocaleSelectorHandlerRoutes(r fiber.Router) fiber.Router {
 func (h *LocaleSelectorHandler) GetLanguages(c fiber.Ctx) error {
 	languages, err := h.localeSelectorService.GetLanguages()
 	if err != nil {
+
+		logger.Error("failed to get languages",
+			"handler", "LocaleSelectorHandler.GetLanguages",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -44,6 +51,12 @@ func (h *LocaleSelectorHandler) GetLanguages(c fiber.Ctx) error {
 func (h *LocaleSelectorHandler) GetCountries(c fiber.Ctx) error {
 	countries, err := h.localeSelectorService.GetCountriesAndCurrencies()
 	if err != nil {
+
+		logger.Error("failed to get countries",
+			"handler", "LocaleSelectorHandler.GetCountries",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/menu.go

@@ -3,9 +3,12 @@ package restricted
 import (
 	"strconv"
 
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/service/menuService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -29,6 +32,7 @@ func MenuHandlerRoutes(r fiber.Router) fiber.Router {
 	r.Get("/get-category-tree", handler.GetCategoryTree)
 	r.Get("/get-breadcrumb", handler.GetBreadcrumb)
 	r.Get("/get-top-menu", handler.GetTopMenu)
+	r.Get("/get-customer-management-menu", middleware.Require(perms.UserReadAny), handler.GetCustomerManagementMenu)
 
 	return r
 }
@@ -49,6 +53,12 @@ func (h *MenuHandler) GetCategoryTree(c fiber.Ctx) error {
 
 	category_tree, err := h.menuService.GetCategoryTree(uint(root_category_id), lang_id)
 	if err != nil {
+
+		logger.Error("failed to get category tree",
+			"handler", "MenuHandler.GetCategoryTree",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -79,6 +89,12 @@ func (h *MenuHandler) GetBreadcrumb(c fiber.Ctx) error {
 
 	breadcrumb, err := h.menuService.GetBreadcrumb(uint(root_category_id), uint(category_id), lang_id)
 	if err != nil {
+
+		logger.Error("failed to get breadcrumb",
+			"handler", "MenuHandler.GetBreadcrumb",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -93,6 +109,27 @@ func (h *MenuHandler) GetTopMenu(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
 	menu, err := h.menuService.GetTopMenu(customer.LangID, customer.RoleID)
+	if err != nil {
+
+		logger.Error("failed to get top menu",
+			"handler", "MenuHandler.GetTopMenu",
+
+			"error", err.Error(),
+		)
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	return c.JSON(response.Make(&menu, len(menu), i18n.T_(c, response.Message_OK)))
+}
+
+func (h *MenuHandler) GetCustomerManagementMenu(c fiber.Ctx) error {
+	langId, ok := localeExtractor.GetLangID(c)
+	if !ok {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
+	}
+	menu, err := h.menuService.GetCustomerManagementMenu(langId)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))

app/delivery/web/api/restricted/orders.go

@@ -2,11 +2,16 @@ package restricted
 
 import (
 	"strconv"
+	"strings"
 
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/model/enums"
 	"git.ma-al.com/goc_daniel/b2b/app/service/orderService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/query_params"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
@@ -31,7 +36,7 @@ func OrdersHandlerRoutes(r fiber.Router) fiber.Router {
 	r.Get("/list", handler.ListOrders)
 	r.Post("/place-new-order", handler.PlaceNewOrder)
 	r.Post("/change-order-address", handler.ChangeOrderAddress)
-	r.Get("/change-order-status", handler.ChangeOrderStatus)
+	r.Patch("/change-order-status", middleware.Require(perms.OrdersModifyAll), handler.ChangeOrderStatus)
 
 	return r
 }
@@ -53,6 +58,12 @@ func (h *OrdersHandler) ListOrders(c fiber.Ctx) error {
 
 	list, err := h.ordersService.Find(user, paging, filters)
 	if err != nil {
+
+		logger.Error("failed to list orders",
+			"handler", "OrdersHandler.ListOrders",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -66,6 +77,11 @@ var columnMappingListOrders map[string]string = map[string]string{
 	"name":       "b2b_customer_orders.name",
 	"country_id": "b2b_customer_orders.country_id",
 	"status":     "b2b_customer_orders.status",
+	"base_price": "b2b_customer_orders.base_price",
+	"tax_incl":   "b2b_customer_orders.tax_incl",
+	"tax_excl":   "b2b_customer_orders.tax_excl",
+	"created_at": "b2b_customer_orders.created_at",
+	"updated_at": "b2b_customer_orders.updated_at",
 }
 
 func (h *OrdersHandler) PlaceNewOrder(c fiber.Ctx) error {
@@ -97,8 +113,21 @@ func (h *OrdersHandler) PlaceNewOrder(c fiber.Ctx) error {
 
 	name := c.Query("name")
 
-	err = h.ordersService.PlaceNewOrder(userID, uint(cart_id), name, uint(country_id), address_info)
+	originalUserId, ok := localeExtractor.GetOriginalUserID(c)
+	if !ok {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
+	}
+
+	err = h.ordersService.PlaceNewOrder(userID, uint(cart_id), name, uint(country_id), address_info, originalUserId)
 	if err != nil {
+
+		logger.Error("failed to place order",
+			"handler", "OrdersHandler.PlaceNewOrder",
+
+			"user_id", userID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -136,6 +165,13 @@ func (h *OrdersHandler) ChangeOrderAddress(c fiber.Ctx) error {
 
 	err = h.ordersService.ChangeOrderAddress(user, uint(order_id), uint(country_id), address_info)
 	if err != nil {
+
+		logger.Error("failed to change order address",
+			"handler", "OrdersHandler.ChangeOrderAddress",
+
+			"order_id", order_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -146,23 +182,27 @@ func (h *OrdersHandler) ChangeOrderAddress(c fiber.Ctx) error {
 // we base permissions and user based on target user only.
 // TODO: well, permissions and all that.
 func (h *OrdersHandler) ChangeOrderStatus(c fiber.Ctx) error {
-	user, ok := localeExtractor.GetCustomer(c)
+	userId, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
 
-	order_id_attribute := c.Query("order_id")
+	order_id, err := strconv.Atoi(c.Query("order_id"))
-	order_id, err := strconv.Atoi(order_id_attribute)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
 
-	status := c.Query("status")
+	err = h.ordersService.ChangeOrderStatus(userId, uint(order_id), enums.OrderStatus(strings.ToUpper(c.Query("status"))))
-
-	err = h.ordersService.ChangeOrderStatus(user, uint(order_id), status)
 	if err != nil {
+
+		logger.Error("failed to change order status",
+			"handler", "OrdersHandler.ChangeOrderStatus",
+
+			"order_id", order_id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/product.go

@@ -9,6 +9,7 @@ import (
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/query_params"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
@@ -74,6 +75,15 @@ func (h *ProductsHandler) GetProductJson(c fiber.Ctx) error {
 	}
 	productJson, err := h.productService.Get(uint(p_id_product), customer.LangID, customer.ID, uint(b2b_id_country), uint(p_quantity))
 	if err != nil {
+		logger.Error("failed to get product",
+			"handler", "ProductsHandler.GetProductJson",
+			"product_id", p_id_product,
+			"lang_id", customer.LangID,
+			"customer_id", customer.ID,
+			"b2b_id_country", b2b_id_country,
+			"quantity", p_quantity,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -96,6 +106,13 @@ func (h *ProductsHandler) ListProducts(c fiber.Ctx) error {
 
 	list, err := h.productService.Find(customer.LangID, customer.ID, paging, filters, customer, constdata.DEFAULT_PRODUCT_QUANTITY, constdata.SHOP_ID)
 	if err != nil {
+
+		logger.Error("failed to list products",
+			"handler", "ProductsHandler.ListProducts",
+			"lang_id", customer.LangID,
+			"customer_id", customer.ID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -112,6 +129,7 @@ var columnMappingListProducts map[string]string = map[string]string{
 	"quantity":    "bp.quantity",
 	"is_favorite": "bp.is_favorite",
 	"is_new":      "bp.is_new",
+	"is_oem":      "bp.is_oem",
 }
 
 func (h *ProductsHandler) AddToFavorites(c fiber.Ctx) error {
@@ -131,6 +149,13 @@ func (h *ProductsHandler) AddToFavorites(c fiber.Ctx) error {
 
 	err = h.productService.AddToFavorites(userID, uint(productID))
 	if err != nil {
+
+		logger.Error("failed to add to favorites",
+			"handler", "ProductsHandler.AddToFavorites",
+			"user_id", userID,
+			"product_id", productID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -155,6 +180,12 @@ func (h *ProductsHandler) RemoveFromFavorites(c fiber.Ctx) error {
 
 	err = h.productService.RemoveFromFavorites(userID, uint(productID))
 	if err != nil {
+		logger.Error("failed to remove from favorites",
+			"handler", "ProductsHandler.RemoveFromFavorites",
+			"user_id", userID,
+			"product_id", productID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -179,6 +210,15 @@ func (h *ProductsHandler) ListProductVariants(c fiber.Ctx) error {
 
 	list, err := h.productService.GetProductAttributes(customer.LangID, uint(productID), constdata.SHOP_ID, customer.ID, customer.CountryID, constdata.DEFAULT_PRODUCT_QUANTITY)
 	if err != nil {
+
+		logger.Error("failed to list product variants",
+			"handler", "ProductsHandler.ListProductVariants",
+			"product_id", productID,
+			"customer_id", customer.ID,
+			"lang_id", customer.LangID,
+			"country_id", customer.CountryID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/productTranslation.go

@@ -9,6 +9,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/productTranslationService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -66,6 +67,13 @@ func (h *ProductTranslationHandler) GetProductDescription(c fiber.Ctx) error {
 
 	description, err := h.productTranslationService.GetProductDescription(userID, uint(productID), uint(productLangID))
 	if err != nil {
+
+		logger.Error("failed to get product description",
+			"handler", "ProductTranslationHandler.GetProductDescription",
+
+			"product_id", productID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -103,6 +111,13 @@ func (h *ProductTranslationHandler) SaveProductDescription(c fiber.Ctx) error {
 
 	err = h.productTranslationService.SaveProductDescription(userID, uint(productID), uint(productLangID), updates)
 	if err != nil {
+
+		logger.Error("failed to save product description",
+			"handler", "ProductTranslationHandler.SaveProductDescription",
+
+			"product_id", productID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -147,6 +162,13 @@ func (h *ProductTranslationHandler) TranslateProductDescription(c fiber.Ctx) err
 
 	description, err := h.productTranslationService.TranslateProductDescription(userID, uint(productID), uint(productFromLangID), uint(productToLangID), aiModel)
 	if err != nil {
+
+		logger.Error("failed to translate product description",
+			"handler", "ProductTranslationHandler.TranslateProductDescription",
+
+			"product_id", productID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/search.go

@@ -2,7 +2,6 @@ package restricted
 
 import (
 	"encoding/json"
-	"fmt"
 
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
@@ -10,6 +9,7 @@ import (
 	searchservice "git.ma-al.com/goc_daniel/b2b/app/service/searchService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -47,7 +47,13 @@ func (h *MeiliSearchHandler) CreateIndex(c fiber.Ctx) error {
 
 	err := h.meiliService.CreateIndex(id_lang)
 	if err != nil {
-		fmt.Printf("CreateIndex error: %v\n", err)
+
+		logger.Error("failed to create search index",
+			"handler", "MeiliSearchHandler.CreateIndex",
+
+			"lang_id", id_lang,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -72,6 +78,13 @@ func (h *MeiliSearchHandler) Search(c fiber.Ctx) error {
 
 	result, err := h.searchService.Search(index, c.Body(), id_lang)
 	if err != nil {
+
+		logger.Error("failed to search",
+			"handler", "MeiliSearchHandler.Search",
+
+			"index", index,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -80,6 +93,13 @@ func (h *MeiliSearchHandler) Search(c fiber.Ctx) error {
 		if createErr := h.meiliService.CreateIndex(id_lang); createErr == nil {
 			result, err = h.searchService.Search(index, c.Body(), id_lang)
 			if err != nil {
+
+				logger.Error("failed to search after index creation",
+					"handler", "MeiliSearchHandler.Search",
+
+					"index", index,
+					"error", err.Error(),
+				)
 				return c.Status(responseErrors.GetErrorStatus(err)).
 					JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 			}
@@ -100,6 +120,13 @@ func (h *MeiliSearchHandler) GetSettings(c fiber.Ctx) error {
 
 	result, err := h.searchService.GetIndexSettings(index)
 	if err != nil {
+
+		logger.Error("failed to get index settings",
+			"handler", "MeiliSearchHandler.GetSettings",
+
+			"index", index,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/specificPrice.go

@@ -9,6 +9,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/specificPriceService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -51,6 +52,12 @@ func (h *SpecificPriceHandler) Create(c fiber.Ctx) error {
 
 	result, err := h.SpecificPriceService.Create(c.Context(), &pr)
 	if err != nil {
+
+		logger.Error("failed to create specific price",
+			"handler", "SpecificPriceHandler.Create",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -74,6 +81,13 @@ func (h *SpecificPriceHandler) Update(c fiber.Ctx) error {
 
 	result, err := h.SpecificPriceService.Update(c.Context(), id, &pr)
 	if err != nil {
+
+		logger.Error("failed to update specific price",
+			"handler", "SpecificPriceHandler.Update",
+
+			"specific_price_id", id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -84,6 +98,12 @@ func (h *SpecificPriceHandler) Update(c fiber.Ctx) error {
 func (h *SpecificPriceHandler) List(c fiber.Ctx) error {
 	result, err := h.SpecificPriceService.List(c.Context())
 	if err != nil {
+
+		logger.Error("failed to list specific prices",
+			"handler", "SpecificPriceHandler.List",
+
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -101,6 +121,13 @@ func (h *SpecificPriceHandler) GetByID(c fiber.Ctx) error {
 
 	result, err := h.SpecificPriceService.GetByID(c.Context(), id)
 	if err != nil {
+
+		logger.Error("failed to get specific price",
+			"handler", "SpecificPriceHandler.GetByID",
+
+			"specific_price_id", id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -118,6 +145,13 @@ func (h *SpecificPriceHandler) Activate(c fiber.Ctx) error {
 
 	err = h.SpecificPriceService.SetActive(c.Context(), id, true)
 	if err != nil {
+
+		logger.Error("failed to activate specific price",
+			"handler", "SpecificPriceHandler.Activate",
+
+			"specific_price_id", id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -135,6 +169,13 @@ func (h *SpecificPriceHandler) Deactivate(c fiber.Ctx) error {
 
 	err = h.SpecificPriceService.SetActive(c.Context(), id, false)
 	if err != nil {
+
+		logger.Error("failed to deactivate specific price",
+			"handler", "SpecificPriceHandler.Deactivate",
+
+			"specific_price_id", id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -152,6 +193,13 @@ func (h *SpecificPriceHandler) Delete(c fiber.Ctx) error {
 
 	err = h.SpecificPriceService.Delete(c.Context(), id)
 	if err != nil {
+
+		logger.Error("failed to delete specific price",
+			"handler", "SpecificPriceHandler.Delete",
+
+			"specific_price_id", id,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/api/restricted/storage.go

@@ -9,6 +9,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/storageService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -52,6 +53,12 @@ func (h *StorageHandler) ListContent(c fiber.Ctx) error {
 	entries_in_list, err := h.storageService.ListContent(abs_path)
 
 	if err != nil {
+
+		logger.Error("failed to list storage content",
+			"handler", "StorageHandler.ListContent",
+			"path", abs_path,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -68,6 +75,12 @@ func (h *StorageHandler) DownloadFile(c fiber.Ctx) error {
 
 	f, filename, filesize, err := h.storageService.DownloadFilePrep(abs_path)
 	if err != nil {
+
+		logger.Error("failed to prepare file download",
+			"handler", "StorageHandler.DownloadFile",
+			"path", abs_path,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
@@ -87,6 +100,12 @@ func (h *StorageHandler) CreateNewWebdavToken(c fiber.Ctx) error {
 
 	new_token, err := h.storageService.NewWebdavToken(userID)
 	if err != nil {
+
+		logger.Error("failed to create webdav token",
+			"handler", "StorageHandler.CreateNewWebdavToken",
+			"user_id", userID,
+			"error", err.Error(),
+		)
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}

app/delivery/web/init.go

@@ -86,9 +86,10 @@ func (s *Server) Setup() error {
 
 	// API routes
 	s.api = s.app.Group("/api/v1")
+	s.api.Use(middleware.Authenticate())
 	s.public = s.api.Group("/public")
 	s.restricted = s.api.Group("/restricted")
-	s.restricted.Use(middleware.AuthMiddleware())
+	s.restricted.Use(middleware.Authorize())
 	s.webdav = s.api.Group("/webdav")
 	s.webdav.Use(middleware.Webdav())
 

app/model/customer.go

@@ -35,6 +35,7 @@ type Customer struct {
 	CreatedAt                time.Time      `json:"created_at"`
 	UpdatedAt                time.Time      `json:"updated_at"`
 	DeletedAt                gorm.DeletedAt `gorm:"index" json:"-"`
+	IsNoVat                  bool           `gorm:"default:false" json:"is_no_vat"`
 }
 
 func (u *Customer) HasPermission(permission perms.Permission) bool {

app/model/enums/orderStatus.go

@@ -0,0 +1,16 @@
+package enums
+
+type OrderStatus string
+
+const (
+	OrderStatusPending        OrderStatus = "PENDING"
+	OrderStatusConfirmed      OrderStatus = "CONFIRMED"
+	OrderStatusProcessing     OrderStatus = "PROCESSING"
+	OrderStatusShipped        OrderStatus = "SHIPPED"
+	OrderStatusOutForDelivery OrderStatus = "OUT_FOR_DELIVERY"
+	OrderStatusDelivered      OrderStatus = "DELIVERED"
+	OrderStatusCancelled      OrderStatus = "CANCELLED"
+	OrderStatusReturned       OrderStatus = "RETURNED"
+	OrderStatusRefunded       OrderStatus = "REFUNDED"
+	OrderStatusFailed         OrderStatus = "FAILED"
+)

app/model/menu.go

@@ -2,7 +2,7 @@ package model
 
 import "encoding/json"
 
-type B2BTopMenu struct {
+type B2BMenu struct {
 	MenuID   int             `gorm:"column:menu_id;primaryKey;autoIncrement" json:"menu_id"`
 	Label    json.RawMessage `gorm:"column:label;type:longtext;not null;default:'{}'" json:"label"`
 	ParentID *int            `gorm:"column:parent_id;index:FK_b2b_top_menu_parent_id" json:"parent_id,omitempty"`
@@ -10,10 +10,22 @@ type B2BTopMenu struct {
 	Active   int8            `gorm:"column:active;type:tinyint;not null;default:1" json:"active"`
 	Position int             `gorm:"column:position;not null;default:1" json:"position"`
 
-	Parent   *B2BTopMenu   `gorm:"foreignKey:ParentID;references:MenuID;constraint:OnDelete:RESTRICT,OnUpdate:RESTRICT" json:"parent,omitempty"`
+	Parent   *B2BMenu   `gorm:"foreignKey:ParentID;references:MenuID;constraint:OnDelete:RESTRICT,OnUpdate:RESTRICT" json:"parent,omitempty"`
-	Children []*B2BTopMenu `gorm:"foreignKey:ParentID" json:"children,omitempty"`
+	Children []*B2BMenu `gorm:"foreignKey:ParentID" json:"children,omitempty"`
+}
+
+type B2BTopMenu struct {
+	B2BMenu
 }
 
 func (B2BTopMenu) TableName() string {
 	return "b2b_top_menu"
 }
+
+type B2BCustomerManagementMenu struct {
+	B2BMenu
+}
+
+func (B2BCustomerManagementMenu) TableName() string {
+	return "b2b_customer_management_menu"
+}

app/model/order.go

@@ -1,14 +1,25 @@
 package model
 
+import (
+	"time"
+
+	"git.ma-al.com/goc_daniel/b2b/app/model/enums"
+)
+
 type CustomerOrder struct {
-	OrderID         uint             `gorm:"column:order_id;primaryKey;autoIncrement" json:"order_id"`
+	OrderID         uint              `gorm:"column:order_id;primaryKey;autoIncrement" json:"order_id"`
-	UserID          uint             `gorm:"column:user_id;not null;index" json:"user_id"`
+	UserID          uint              `gorm:"column:user_id;not null;index" json:"user_id"`
-	Name            string           `gorm:"column:name;not null" json:"name"`
+	Name            string            `gorm:"column:name;not null" json:"name"`
-	CountryID       uint             `gorm:"column:country_id;not null" json:"country_id"`
+	CountryID       uint              `gorm:"column:country_id;not null" json:"country_id"`
-	AddressString   string           `gorm:"column:address_string;not null" json:"address_string"`
+	AddressString   string            `gorm:"column:address_string;not null" json:"address_string"`
-	AddressUnparsed *AddressUnparsed `gorm:"-" json:"address_unparsed"`
+	AddressUnparsed *AddressUnparsed  `gorm:"-" json:"address_unparsed"`
-	Status          string           `gorm:"column:status;size:50;not null" json:"status"`
+	Status          enums.OrderStatus `gorm:"column:status;size:50;not null" json:"status"`
-	Products        []OrderProduct   `gorm:"foreignKey:OrderID;references:OrderID" json:"products"`
+	BasePrice       float64           `gorm:"column:base_price;type:decimal(10,2);not null" json:"base_price"`
+	TaxIncl         float64           `gorm:"column:tax_incl;type:decimal(10,2);not null" json:"tax_incl"`
+	TaxExcl         float64           `gorm:"column:tax_excl;type:decimal(10,2);not null" json:"tax_excl"`
+	CreatedAt       time.Time         `gorm:"column:created_at;not null" json:"created_at"`
+	UpdatedAt       time.Time         `gorm:"column:updated_at;not null" json:"updated_at"`
+	Products        []OrderProduct    `gorm:"foreignKey:OrderID;references:OrderID" json:"products"`
 }
 
 func (CustomerOrder) TableName() string {

app/model/orderStatusHistory.go

@@ -0,0 +1,20 @@
+package model
+
+import (
+	"time"
+
+	"git.ma-al.com/goc_daniel/b2b/app/model/enums"
+)
+
+type OrderStatusHistory struct {
+	Id        uint               `gorm:"column:id;primaryKey;autoIncrement"`
+	OrderId   uint               `gorm:"column:order_id;not null;index:idx_order_status_history_order"`
+	OldStatus *enums.OrderStatus `gorm:"column:old_status;type:varchar(50)"`
+	NewStatus enums.OrderStatus  `gorm:"column:new_status;type:varchar(50);not null"`
+	CreatedAt time.Time          `gorm:"column:created_at;not null;autoCreateTime"`
+	UserId    uint               `gorm:"column:user_id;index:idx_order_status_history_user;not null"`
+}
+
+func (OrderStatusHistory) TableName() string {
+	return "b2b_order_status_history"
+}

app/model/product.go

@@ -12,7 +12,8 @@ type ProductInList struct {
 	PriceTaxExcl   float64 `gorm:"column:price_tax_excl" json:"price_tax_excl"`
 	PriceTaxIncl   float64 `gorm:"column:price_tax_incl" json:"price_tax_incl"`
 	IsFavorite     bool    `gorm:"column:is_favorite" json:"is_favorite"`
-	IsNew          uint    `gorm:"column:is_new" json:"is_new"`
+	IsNew          bool    `gorm:"column:is_new" json:"is_new"`
+	IsOEM          bool    `gorm:"column:is_oem" json:"is_oem"`
 }
 
 type ProductFilters struct {

app/model/routing.go

@@ -7,7 +7,6 @@ type Route struct {
 	Component string  `gorm:"type:varchar(255);not null;comment:path to component file" json:"component"`
 	Meta      *string `gorm:"type:longtext;default:'{}'" json:"meta,omitempty"`
 	Active    *bool   `gorm:"type:tinyint;default:1" json:"active,omitempty"`
-	SortOrder *int    `gorm:"type:int;default:0" json:"sort_order,omitempty"`
 }
 
 func (Route) TableName() string {

app/repos/cartsRepo/cartsRepo.go

@@ -1,21 +1,26 @@
 package cartsRepo
 
 import (
+	"errors"
+
 	"git.ma-al.com/goc_daniel/b2b/app/db"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
+	"gorm.io/gorm"
 )
 
 type UICartsRepo interface {
 	CartsAmount(user_id uint) (uint, error)
-	CreateNewCart(user_id uint) (model.CustomerCart, error)
+	CreateNewCart(user_id uint, name string) (model.CustomerCart, error)
 	RemoveCart(user_id uint, cart_id uint) error
 	UserHasCart(user_id uint, cart_id uint) (bool, error)
 	UpdateCartName(user_id uint, cart_id uint, new_name string) error
 	RetrieveCartsInfo(user_id uint) ([]model.CustomerCart, error)
 	RetrieveCart(user_id uint, cart_id uint) (*model.CustomerCart, error)
 	CheckProductExists(product_id uint, product_attribute_id *uint) (bool, error)
-	AddProduct(user_id uint, cart_id uint, product_id uint, product_attribute_id *uint, amount uint) error
+	AddProduct(cart_id uint, product_id uint, product_attribute_id *uint, amount uint, set_amount bool) error
+	RemoveProduct(cart_id uint, product_id uint, product_attribute_id *uint) error
 }
 
 type CartsRepo struct{}
@@ -37,10 +42,7 @@ func (repo *CartsRepo) CartsAmount(user_id uint) (uint, error) {
 	return amt, err
 }
 
-func (repo *CartsRepo) CreateNewCart(user_id uint) (model.CustomerCart, error) {
+func (repo *CartsRepo) CreateNewCart(user_id uint, name string) (model.CustomerCart, error) {
-	var name string
-	name = constdata.DEFAULT_NEW_CART_NAME
-
 	cart := model.CustomerCart{
 		UserID: user_id,
 		Name:   &name,
@@ -129,14 +131,61 @@ func (repo *CartsRepo) CheckProductExists(product_id uint, product_attribute_id
 	}
 }
 
-func (repo *CartsRepo) AddProduct(user_id uint, cart_id uint, product_id uint, product_attribute_id *uint, amount uint) error {
+func (repo *CartsRepo) AddProduct(cart_id uint, product_id uint, product_attribute_id *uint, amount uint, set_amount bool) error {
-	product := model.CartProduct{
+	var product model.CartProduct
-		CartID:             cart_id,
-		ProductID:          product_id,
-		ProductAttributeID: product_attribute_id,
-		Amount:             amount,
-	}
-	err := db.DB.Create(&product).Error
 
-	return err
+	err := db.DB.
+		Where(&model.CartProduct{
+			CartID:             cart_id,
+			ProductID:          product_id,
+			ProductAttributeID: product_attribute_id,
+		}).
+		First(&product).Error
+
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			if amount < 1 {
+				return responseErrors.ErrAmountMustBePositive
+			} else if amount > constdata.MAX_AMOUNT_OF_PRODUCT_IN_CART {
+				return responseErrors.ErrAmountMustBeReasonable
+			}
+
+			product = model.CartProduct{
+				CartID:             cart_id,
+				ProductID:          product_id,
+				ProductAttributeID: product_attribute_id,
+				Amount:             amount,
+			}
+
+			return db.DB.Create(&product).Error
+		}
+
+		// Some other DB error
+		return err
+	}
+
+	// Product already exists in cart
+	if set_amount {
+		product.Amount = amount
+	} else {
+		product.Amount = product.Amount + amount
+	}
+
+	if product.Amount < 1 {
+		return responseErrors.ErrAmountMustBePositive
+	} else if product.Amount > constdata.MAX_AMOUNT_OF_PRODUCT_IN_CART {
+		return responseErrors.ErrAmountMustBeReasonable
+	}
+
+	return db.DB.Save(&product).Error
+}
+
+func (repo *CartsRepo) RemoveProduct(cart_id uint, product_id uint, product_attribute_id *uint) error {
+	return db.DB.
+		Where(&model.CartProduct{
+			CartID:             cart_id,
+			ProductID:          product_id,
+			ProductAttributeID: product_attribute_id,
+		}).
+		Delete(&model.CartProduct{}).Error
 }

app/repos/customerRepo/customerRepo.go

@@ -1,6 +1,7 @@
 package customerRepo
 
 import (
+	"fmt"
 	"strings"
 
 	"git.ma-al.com/goc_daniel/b2b/app/db"
@@ -16,6 +17,7 @@ type UICustomerRepo interface {
 	Find(langId uint, p find.Paging, filt *filters.FiltersList, search string) (*find.Found[model.UserInList], error)
 	Save(customer *model.Customer) error
 	Create(customer *model.Customer) error
+	SetCustomerNoVatStatus(customerID uint, isNoVat bool) error
 }
 
 type CustomerRepo struct{}
@@ -80,13 +82,16 @@ func (repo *CustomerRepo) Find(langId uint, p find.Paging, filt *filters.Filters
 		for _, word := range words {
 
 			conditions = append(conditions, `
-			(LOWER(first_name) LIKE ? OR
+			(
+			 id = ? OR
+			 LOWER(first_name) LIKE ? OR
 			 LOWER(last_name) LIKE ? OR
 			 LOWER(email) LIKE ?)
 		`)
 
+			args = append(args, strings.ToLower(word))
 			for range 3 {
-				args = append(args, "%"+strings.ToLower(word)+"%")
+				args = append(args, fmt.Sprintf("%%%s%%", strings.ToLower(word)))
 			}
 		}
 
@@ -111,87 +116,6 @@ func (repo *CustomerRepo) Create(customer *model.Customer) error {
 	return db.DB.Create(customer).Error
 }
 
-// func (repo *CustomerRepo) Search(
+func (repo *CustomerRepo) SetCustomerNoVatStatus(customerID uint, isNoVat bool) error {
-// 	customerId uint,
+	return db.DB.Model(&model.Customer{}).Where("id = ?", customerID).Update("is_no_vat", isNoVat).Error
-// 	partnerCode string,
+}
-// 	p find.Paging,
-// 	filt *filters.FiltersList,
-// 	search string,
-// ) (found find.Found[model.UserInList], err error) {
-// 	words := strings.Fields(search)
-// 	if len(words) > 5 {
-// 		words = words[:5]
-// 	}
-
-// 	query := ctx.DB().
-// 		Model(&model.Customer{}).
-// 		Select("customer.id AS id, customer.first_name as first_name, customer.last_name as last_name, customer.phone_number AS phone_number, customer.email AS email, count(distinct investment_plan_contract.id) as iiplan_purchases, count(distinct `order`.id) as single_purchases, entity.name as entity_name").
-// 		Where("customer.id <> ?", customerId).
-// 		Where("(customer.id IN (SELECT id FROM customer WHERE partner_code IN (WITH RECURSIVE partners AS (SELECT code AS dst FROM partner WHERE code = ? UNION SELECT code FROM partner JOIN partners ON partners.dst = partner.superior_code) SELECT dst FROM partners)) OR customer.recommender_code = ?)", partnerCode, partnerCode).
-// 		Scopes(view.CustomerListQuery())
-
-// 	var conditions []string
-// 	var args []interface{}
-// 	for _, word := range words {
-
-// 		conditions = append(conditions, `
-// 			(LOWER(first_name) LIKE ? OR
-// 			 LOWER(last_name) LIKE ? OR
-// 			 phone_number LIKE ? OR
-// 			 LOWER(email) LIKE ?)
-// 		`)
-
-// 		for i := 0; i < 4; i++ {
-// 			args = append(args, "%"+strings.ToLower(word)+"%")
-// 		}
-// 	}
-
-// 	finalQuery := strings.Join(conditions, " AND ")
-
-// 	query = query.Where(finalQuery, args...).
-// 		Scopes(filt.All()...)
-
-// 	found, err = find.Paginate[V](ctx, p, query)
-
-// 	return found, errs.Recorded(span, err)
-// }
-
-// func (repo *ListRepo) ListUsers(id_lang uint, p find.Paging, filt *filters.FiltersList) (find.Found[model.UserInList], error) {
-// 	var list []model.UserInList
-// 	var total int64
-
-// 	query := db.Get().
-// 		Table("b2b_customers AS users").
-// 		Select(`
-// 			users.id AS id,
-// 			users.email AS email,
-// 			users.first_name AS first_name,
-// 			users.last_name AS last_name,
-// 			users.role AS role
-// 		`)
-
-// 	// Apply all filters
-// 	if filt != nil {
-// 		filt.ApplyAll(query)
-// 	}
-
-// 	//  run counter first as query is without limit and offset
-// 	err := query.Count(&total).Error
-// 	if err != nil {
-// 		return find.Found[model.UserInList]{}, err
-// 	}
-
-// 	err = query.
-// 		Order("users.id DESC").
-// 		Limit(p.Limit()).
-// 		Offset(p.Offset()).
-// 		Find(&list).Error
-// 	if err != nil {
-// 		return find.Found[model.UserInList]{}, err
-// 	}
-
-// 	return find.Found[model.UserInList]{
-// 		Items: list,
-// 		Count: uint(total),
-// 	}, nil
-// }

app/repos/localeSelectorRepo/localeSelectorRepo.go

@@ -3,6 +3,7 @@ package localeSelectorRepo
 import (
 	"git.ma-al.com/goc_daniel/b2b/app/db"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/model/dbmodel"
 )
 
 type UILocaleSelectorRepo interface {
@@ -25,7 +26,9 @@ func (r *LocaleSelectorRepo) GetLanguages() ([]model.Language, error) {
 func (r *LocaleSelectorRepo) GetCountriesAndCurrencies() ([]model.Country, error) {
 	var countries []model.Country
 	err := db.Get().
-		Preload("PSCurrency").
+		Select("*").
+		Preload("Currency").
+		Joins("LEFT JOIN " + dbmodel.TableNamePsCountryLang + " AS cl ON cl." + dbmodel.PsCountryLangCols.IDCountry.Col() + " = b2b_countries.ps_id_country AND cl." + dbmodel.PsCountryLangCols.IDLang.Col() + " = 2").
 		Find(&countries).Error
 	return countries, err
 }

app/repos/ordersRepo/ordersRepo.go

@@ -1,19 +1,23 @@
 package ordersRepo
 
 import (
+	"time"
+
 	"git.ma-al.com/goc_daniel/b2b/app/db"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
-	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/model/enums"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/filters"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/find"
 )
 
 type UIOrdersRepo interface {
 	UserHasOrder(user_id uint, order_id uint) (bool, error)
+	Get(orderId uint) (*model.CustomerOrder, error)
 	Find(user_id uint, p find.Paging, filt *filters.FiltersList) (*find.Found[model.CustomerOrder], error)
-	PlaceNewOrder(cart *model.CustomerCart, name string, country_id uint, address_info string) error
+	PlaceNewOrder(cart *model.CustomerCart, name string, country_id uint, address_info string, originalUserId uint, base_price float64, tax_incl float64, tax_excl float64) (*model.CustomerOrder, error)
 	ChangeOrderAddress(order_id uint, country_id uint, address_info string) error
-	ChangeOrderStatus(order_id uint, status string) error
+	ChangeOrderStatus(orderId uint, newStatus enums.OrderStatus, userId uint) error
+	GetOrderStatus(orderID uint) (enums.OrderStatus, error)
 }
 
 type OrdersRepo struct{}
@@ -35,6 +39,18 @@ func (repo *OrdersRepo) UserHasOrder(user_id uint, order_id uint) (bool, error)
 	return amt >= 1, err
 }
 
+func (repo *OrdersRepo) Get(orderId uint) (*model.CustomerOrder, error) {
+	var order model.CustomerOrder
+
+	err := db.Get().
+		Model(&model.CustomerOrder{}).
+		Preload("Products").
+		Where("order_id = ?", orderId).
+		First(&order).Error
+
+	return &order, err
+}
+
 func (repo *OrdersRepo) Find(user_id uint, p find.Paging, filt *filters.FiltersList) (*find.Found[model.CustomerOrder], error) {
 	var list []model.CustomerOrder
 	var total int64
@@ -69,13 +85,13 @@ func (repo *OrdersRepo) Find(user_id uint, p find.Paging, filt *filters.FiltersL
 	}, nil
 }
 
-func (repo *OrdersRepo) PlaceNewOrder(cart *model.CustomerCart, name string, country_id uint, address_info string) error {
+func (repo *OrdersRepo) PlaceNewOrder(cart *model.CustomerCart, name string, country_id uint, address_info string, originalUserId uint, base_price float64, tax_incl float64, tax_excl float64) (*model.CustomerOrder, error) {
 	order := model.CustomerOrder{
 		UserID:        cart.UserID,
 		Name:          name,
 		CountryID:     country_id,
 		AddressString: address_info,
-		Status:        constdata.NEW_ORDER_STATUS,
+		Status:        enums.OrderStatusPending,
 		Products:      make([]model.OrderProduct, 0, len(cart.Products)),
 	}
 
@@ -86,8 +102,35 @@ func (repo *OrdersRepo) PlaceNewOrder(cart *model.CustomerCart, name string, cou
 			Amount:             product.Amount,
 		})
 	}
+	order.CreatedAt = time.Now()
+	order.UpdatedAt = time.Now()
+	order.BasePrice = base_price
+	order.TaxIncl = tax_incl
+	order.TaxExcl = tax_excl
+	tx := db.Get().Begin()
+	err := tx.Create(&order).Error
+	if err != nil {
+		tx.Rollback()
+		return nil, err
+	}
+	history := model.OrderStatusHistory{
+		OrderId:   order.OrderID,
+		OldStatus: nil,
+		NewStatus: enums.OrderStatusPending,
+		UserId:    originalUserId,
+	}
 
-	return db.DB.Create(&order).Error
+	err = tx.Create(&history).Error
+	if err != nil {
+		tx.Rollback()
+		return nil, err
+	}
+	err = tx.Commit().Error
+	if err != nil {
+		return nil, err
+	}
+
+	return &order, nil
 }
 
 func (repo *OrdersRepo) ChangeOrderAddress(order_id uint, country_id uint, address_info string) error {
@@ -97,14 +140,53 @@ func (repo *OrdersRepo) ChangeOrderAddress(order_id uint, country_id uint, addre
 		Updates(map[string]interface{}{
 			"country_id":     country_id,
 			"address_string": address_info,
+			"updated_at":     time.Now(),
 		}).
 		Error
 }
 
-func (repo *OrdersRepo) ChangeOrderStatus(order_id uint, status string) error {
+func (repo *OrdersRepo) ChangeOrderStatus(orderID uint, newStatus enums.OrderStatus, userId uint) error {
-	return db.DB.
+	tx := db.Get().Begin()
-		Table("b2b_customer_orders").
+
-		Where("order_id = ?", order_id).
+	var currentStatus enums.OrderStatus
-		Update("status", status).
+	err := tx.Table("b2b_customer_orders").
-		Error
+		Select("status").
+		Where("order_id = ?", orderID).
+		Scan(&currentStatus).Error
+	if err != nil {
+		tx.Rollback()
+		return err
+	}
+
+	err = tx.Table("b2b_customer_orders").
+		Where("order_id = ?", orderID).
+		Update("status", string(newStatus)).Error
+	if err != nil {
+		tx.Rollback()
+		return err
+	}
+
+	history := model.OrderStatusHistory{
+		OrderId:   orderID,
+		OldStatus: &currentStatus,
+		NewStatus: newStatus,
+		UserId:    userId,
+	}
+
+	err = tx.Create(&history).Error
+	if err != nil {
+		tx.Rollback()
+		return err
+	}
+
+	return tx.Commit().Error
+}
+
+func (repo *OrdersRepo) GetOrderStatus(orderID uint) (enums.OrderStatus, error) {
+	var status enums.OrderStatus
+	err := db.DB.Table("b2b_customer_orders").
+		Select("status").
+		Where("order_id = ?", orderID).
+		Scan(&status).Error
+	return status, err
 }

app/repos/productsRepo/productsRepo.go

@@ -18,7 +18,7 @@ type UIProductsRepo interface {
 	// GetJSON(p_id_product, p_id_shop, p_id_lang, p_id_customer, b2b_id_country, p_quantity int) (*json.RawMessage, error)
 	Find(id_lang uint, userID uint, p find.Paging, filt *filters.FiltersList) (*find.Found[model.ProductInList], error)
 	GetProductVariants(langID uint, productID uint, shopID uint, customerID uint, countryID uint, quantity uint) ([]view.ProductAttribute, error)
-	GetBase(p_id_product, p_id_shop, p_id_lang uint) (view.Product, error)
+	GetBase(p_id_product, p_id_shop, p_id_lang, p_id_customer uint) (view.Product, error)
 	GetPrice(p_id_product uint, productAttributeID *uint, p_id_shop uint, p_id_customer uint, p_id_country uint, p_quantity uint) (view.Price, error)
 	GetVariants(p_id_product, p_id_shop, p_id_lang, p_id_customer, p_id_country, p_quantity uint) ([]view.ProductAttribute, error)
 	AddToFavorites(userID uint, productID uint) error
@@ -33,11 +33,11 @@ func New() UIProductsRepo {
 	return &ProductsRepo{}
 }
 
-func (repo *ProductsRepo) GetBase(p_id_product, p_id_shop, p_id_lang uint) (view.Product, error) {
+func (repo *ProductsRepo) GetBase(p_id_product, p_id_shop, p_id_lang, p_id_customer uint) (view.Product, error) {
 	var result view.Product
 
-	err := db.DB.Raw(`CALL get_product_base(?,?,?)`,
+	err := db.DB.Raw(`CALL get_product_base(?,?,?,?)`,
-		p_id_product, p_id_shop, p_id_lang).
+		p_id_product, p_id_shop, p_id_lang, p_id_customer).
 		Scan(&result).Error
 
 	return result, err
@@ -122,6 +122,19 @@ func (repo *ProductsRepo) Find(langID uint, userID uint, p find.Paging, filt *fi
 							Group("product_id"),
 					},
 				},
+				{
+					Name: "oems",
+					Subquery: exclause.Subquery{
+						DB: db.DB.
+							Table("b2b_oems").
+							Select(`
+								product_id AS product_id,
+								COUNT(*) > 0 AS is_customers_oem
+							`).
+							Where("user_id = ?", userID).
+							Group("product_id"),
+					},
+				},
 				{
 					Name: "new_product_days",
 					Subquery: exclause.Subquery{
@@ -150,6 +163,7 @@ func (repo *ProductsRepo) Find(langID uint, userID uint, p find.Paging, filt *fi
 								pl.name AS name,
 								ps.id_category_default AS category_id,
 								p.reference AS reference,
+								p.is_oem AS is_oem,
 								sa.quantity AS quantity,
 								COALESCE(f.is_favorite, 0) AS is_favorite,
 								CASE
@@ -166,7 +180,9 @@ func (repo *ProductsRepo) Find(langID uint, userID uint, p find.Paging, filt *fi
 							Joins("LEFT JOIN favorites f ON f.product_id = ps.id_product").
 							Joins("LEFT JOIN ps_stock_available sa ON sa.id_product = ps.id_product AND sa.id_product_attribute = 0").
 							Joins("LEFT JOIN new_product_days npd ON 1 = 1").
+							Joins("LEFT JOIN oems ON oems.product_id = ps.id_product").
 							Where("ps.active = ?", 1).
+							Where("(p.is_oem = 0 OR oems.is_customers_oem > 0)").
 							Group("ps.id_product"),
 					},
 				},
@@ -182,7 +198,8 @@ func (repo *ProductsRepo) Find(langID uint, userID uint, p find.Paging, filt *fi
 			COALESCE(v.variants_number, 0) AS variants_number,
 			bp.quantity AS quantity,
 			bp.is_favorite AS is_favorite,
-			bp.is_new AS is_new
+			bp.is_new AS is_new,
+			bp.is_oem AS is_oem
 		`, config.Get().Image.ImagePrefix).
 		Joins("JOIN ps_product_lang pl ON pl.id_product = bp.product_id AND pl.id_lang = ?", langID).
 		Joins("JOIN ps_image_shop ims ON ims.id_product = bp.product_id AND ims.cover = 1").

app/repos/routesRepo/routesRepo.go

@@ -7,8 +7,9 @@ import (
 )
 
 type UIRoutesRepo interface {
-	GetRoutes(langId uint) ([]model.Route, error)
+	GetRoutes(langId uint, roleId uint) ([]model.Route, error)
 	GetTopMenu(id uint, roleId uint) ([]model.B2BTopMenu, error)
+	GetCustomerManagementMenu(langId uint) ([]model.B2BCustomerManagementMenu, error)
 }
 
 type RoutesRepo struct{}
@@ -17,13 +18,18 @@ func New() UIRoutesRepo {
 	return &RoutesRepo{}
 }
 
-func (p *RoutesRepo) GetRoutes(langId uint) ([]model.Route, error) {
+func (p *RoutesRepo) GetRoutes(langId uint, roleId uint) ([]model.Route, error) {
 	routes := []model.Route{}
-	err := db.DB.Find(&routes, model.Route{Active: nullable.GetNil(true)}).Error
+
-	if err != nil {
+	err := db.
-		return nil, err
+		Get().
-	}
+		Model(model.Route{}).
-	return routes, nil
+		Joins("JOIN b2b_route_roles rr ON rr.route_id = b2b_routes.id").
+		Where(model.Route{Active: nullable.GetNil(true)}).
+		Where("rr.role_id = ?", roleId).
+		Find(&routes).Error
+
+	return routes, err
 }
 
 func (p *RoutesRepo) GetTopMenu(langId uint, roleId uint) ([]model.B2BTopMenu, error) {
@@ -33,10 +39,23 @@ func (p *RoutesRepo) GetTopMenu(langId uint, roleId uint) ([]model.B2BTopMenu, e
 		Get().
 		Model(model.B2BTopMenu{}).
 		Joins("JOIN b2b_top_menu_roles tmr ON tmr.top_menu_id = b2b_top_menu.menu_id").
-		Where(model.B2BTopMenu{Active: 1}).
+		Where(model.B2BTopMenu{B2BMenu: model.B2BMenu{Active: 1}}).
 		Where("tmr.role_id = ?", roleId).
 		Order("b2b_top_menu.parent_id ASC, b2b_top_menu.position ASC").
 		Find(&menus).Error
 
 	return menus, err
 }
+
+func (p *RoutesRepo) GetCustomerManagementMenu(langId uint) ([]model.B2BCustomerManagementMenu, error) {
+	var menus []model.B2BCustomerManagementMenu
+
+	err := db.
+		Get().
+		Model(model.B2BCustomerManagementMenu{}).
+		Where(model.B2BCustomerManagementMenu{B2BMenu: model.B2BMenu{Active: 1}}).
+		Order("b2b_customer_management_menu.parent_id ASC, b2b_customer_management_menu.position ASC").
+		Find(&menus).Error
+
+	return menus, err
+}

app/service/authService/auth.go

@@ -15,6 +15,7 @@ import (
 	roleRepo "git.ma-al.com/goc_daniel/b2b/app/repos/rolesRepo"
 	"git.ma-al.com/goc_daniel/b2b/app/service/emailService"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
 
 	"github.com/dlclark/regexp2"
@@ -68,22 +69,47 @@ func (s *AuthService) Login(req *model.LoginRequest) (*model.AuthResponse, strin
 	// Find user by email
 	if err := s.db.Preload("Role.Permissions").Where("email = ?", req.Email).First(&user).Error; err != nil {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
+			logger.Info("login failed - invalid credentials",
+				"service", "AuthService.Login",
+				"email", req.Email,
+				"reason", "user not found",
+			)
 			return nil, "", responseErrors.ErrInvalidCredentials
 		}
+		logger.Error("login failed - database error",
+			"service", "AuthService.Login",
+			"email", req.Email,
+			"error", err.Error(),
+		)
 		return nil, "", fmt.Errorf("database error: %w", err)
 	}
 	// Check if user is active
 	if !user.IsActive {
+		logger.Info("login failed - user inactive",
+			"service", "AuthService.Login",
+			"email", req.Email,
+			"reason", "user account is inactive",
+		)
 		return nil, "", responseErrors.ErrUserInactive
 	}
 
 	// Check if email is verified
 	if !user.EmailVerified {
+		logger.Info("login failed - email not verified",
+			"service", "AuthService.Login",
+			"email", req.Email,
+			"reason", "email not verified",
+		)
 		return nil, "", responseErrors.ErrEmailNotVerified
 	}
 
 	// Verify password
 	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(req.Password)); err != nil {
+		logger.Info("login failed - invalid credentials",
+			"service", "AuthService.Login",
+			"email", req.Email,
+			"reason", "wrong password",
+		)
 		return nil, "", responseErrors.ErrInvalidCredentials
 	}
 
@@ -94,22 +120,38 @@ func (s *AuthService) Login(req *model.LoginRequest) (*model.AuthResponse, strin
 	if req.LangID != nil {
 		_, err := s.GetLangISOCode(*req.LangID)
 		if err != nil {
+			logger.Warn("login failed - invalid language ID",
+				"service", "AuthService.Login",
+				"email", req.Email,
+				"reason", "invalid language ID",
+			)
 			return nil, "", responseErrors.ErrBadLangID
 		}
 		user.LangID = *req.LangID
 	}
 
+	user.Country = nil
 	s.db.Save(&user)
 
 	// Generate access token (JWT)
 	accessToken, err := s.generateAccessToken(&user)
 	if err != nil {
+		logger.Error("login failed - token generation error",
+			"service", "AuthService.Login",
+			"email", req.Email,
+			"error", err.Error(),
+		)
 		return nil, "", fmt.Errorf("failed to generate access token: %w", err)
 	}
 
 	// Generate opaque refresh token and store in DB
 	rawRefreshToken, err := s.createRefreshToken(user.ID)
 	if err != nil {
+		logger.Error("login failed - refresh token creation error",
+			"service", "AuthService.Login",
+			"email", req.Email,
+			"error", err.Error(),
+		)
 		return nil, "", fmt.Errorf("failed to create refresh token: %w", err)
 	}
 
@@ -170,6 +212,11 @@ func (s *AuthService) Register(req *model.RegisterRequest) error {
 	}
 
 	if err := s.db.Create(&user).Error; err != nil {
+		logger.Error("registration failed - database error",
+			"service", "AuthService.Register",
+			"email", req.Email,
+			"error", err.Error(),
+		)
 		return fmt.Errorf("failed to create user: %w", err)
 	}
 
@@ -181,8 +228,11 @@ func (s *AuthService) Register(req *model.RegisterRequest) error {
 	}
 
 	if err := s.email.SendVerificationEmail(user.Email, user.EmailVerificationToken, baseURL, lang); err != nil {
-		// Log error but don't fail registration - user can request resend
+		logger.Warn("failed to send verification email",
-		_ = err
+			"service", "AuthService.Register",
+			"email", req.Email,
+			"error", err.Error(),
+		)
 	}
 
 	return nil
@@ -210,6 +260,7 @@ func (s *AuthService) CompleteRegistration(req *model.CompleteRegistrationReques
 	user.EmailVerificationToken = ""
 	user.EmailVerificationExpires = nil
 
+	user.Country = nil
 	if err := s.db.Save(&user).Error; err != nil {
 		return nil, "", fmt.Errorf("failed to update user: %w", err)
 	}
@@ -278,6 +329,7 @@ func (s *AuthService) RequestPasswordReset(emailAddr string) error {
 	user.PasswordResetToken = token
 	user.PasswordResetExpires = &expiresAt
 	user.LastPasswordResetRequest = &now
+	user.Country = nil
 	if err := s.db.Save(&user).Error; err != nil {
 		return fmt.Errorf("failed to save reset token: %w", err)
 	}
@@ -304,6 +356,10 @@ func (s *AuthService) ResetPassword(token, newPassword string) error {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return responseErrors.ErrInvalidResetToken
 		}
+		logger.Error("password reset failed - database error",
+			"service", "AuthService.ResetPassword",
+			"error", err.Error(),
+		)
 		return fmt.Errorf("database error: %w", err)
 	}
 
@@ -328,7 +384,12 @@ func (s *AuthService) ResetPassword(token, newPassword string) error {
 	user.PasswordResetToken = ""
 	user.PasswordResetExpires = nil
 
+	user.Country = nil
 	if err := s.db.Save(&user).Error; err != nil {
+		logger.Error("password reset failed - database error",
+			"service", "AuthService.ResetPassword",
+			"error", err.Error(),
+		)
 		return fmt.Errorf("failed to update password: %w", err)
 	}
 
@@ -539,6 +600,7 @@ func (s *AuthService) UpdateJWTToken(user *model.Customer) (string, error) {
 	}
 
 	// Save the updated user
+	user.Country = nil
 	if err := s.db.Save(user).Error; err != nil {
 		return "", fmt.Errorf("database error: %w", err)
 	}

app/service/authService/google_oauth.go

@@ -8,10 +8,12 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"strings"
 	"time"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
 	"git.ma-al.com/goc_daniel/b2b/app/view"
 	"golang.org/x/oauth2"
@@ -77,12 +79,20 @@ func (s *AuthService) HandleGoogleCallback(code string) (*model.AuthResponse, st
 	// Find or create user
 	user, err := s.findOrCreateGoogleUser(userInfo)
 	if err != nil {
+		if strings.Contains(err.Error(), "database") {
+			logger.Error("google oauth callback failed - database error",
+				"service", "AuthService.HandleGoogleCallback",
+				"email", userInfo.Email,
+				"error", err.Error(),
+			)
+		}
 		return nil, "", err
 	}
 
 	// Update last login
 	now := time.Now()
 	user.LastLoginAt = &now
+	user.Country = nil
 	s.db.Save(user)
 
 	// Generate access token (JWT)

app/service/cartsService/cartsService.go

@@ -4,6 +4,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/repos/cartsRepo"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
 )
 
@@ -17,7 +18,7 @@ func New() *CartsService {
 	}
 }
 
-func (s *CartsService) CreateNewCart(user_id uint) (model.CustomerCart, error) {
+func (s *CartsService) CreateNewCart(user_id uint, name string) (model.CustomerCart, error) {
 	var cart model.CustomerCart
 
 	customers_carts_amount, err := s.repo.CartsAmount(user_id)
@@ -28,8 +29,21 @@ func (s *CartsService) CreateNewCart(user_id uint) (model.CustomerCart, error) {
 		return cart, responseErrors.ErrMaxAmtOfCartsReached
 	}
 
+	if name == "" {
+		name = constdata.DEFAULT_NEW_CART_NAME
+	}
+
 	// create new cart for customer
-	cart, err = s.repo.CreateNewCart(user_id)
+	cart, err = s.repo.CreateNewCart(user_id, name)
+	if err != nil {
+		return cart, err
+	}
+
+	logger.Info("cart created",
+		"service", "cartsService",
+		"user_id", user_id,
+		"cart_id", cart.CartID,
+	)
 
 	return cart, nil
 }
@@ -74,7 +88,7 @@ func (s *CartsService) RetrieveCart(user_id uint, cart_id uint) (*model.Customer
 	return s.repo.RetrieveCart(user_id, cart_id)
 }
 
-func (s *CartsService) AddProduct(user_id uint, cart_id uint, product_id uint, product_attribute_id *uint, amount uint) error {
+func (s *CartsService) AddProduct(user_id uint, cart_id uint, product_id uint, product_attribute_id *uint, amount int, set_amount bool) error {
 	exists, err := s.repo.UserHasCart(user_id, cart_id)
 	if err != nil {
 		return err
@@ -91,5 +105,17 @@ func (s *CartsService) AddProduct(user_id uint, cart_id uint, product_id uint, p
 		return responseErrors.ErrProductOrItsVariationDoesNotExist
 	}
 
-	return s.repo.AddProduct(user_id, cart_id, product_id, product_attribute_id, amount)
+	return s.repo.AddProduct(cart_id, product_id, product_attribute_id, uint(amount), set_amount)
+}
+
+func (s *CartsService) RemoveProduct(user_id uint, cart_id uint, product_id uint, product_attribute_id *uint) error {
+	exists, err := s.repo.UserHasCart(user_id, cart_id)
+	if err != nil {
+		return err
+	}
+	if !exists {
+		return responseErrors.ErrUserHasNoSuchCart
+	}
+
+	return s.repo.RemoveProduct(cart_id, product_id, product_attribute_id)
 }

app/service/customerService/customerService.go

@@ -24,3 +24,7 @@ func (s *CustomerService) GetById(id uint) (*model.Customer, error) {
 func (s *CustomerService) Find(langId uint, p find.Paging, filt *filters.FiltersList, search string) (*find.Found[model.UserInList], error) {
 	return s.repo.Find(langId, p, filt, search)
 }
+
+func (s *CustomerService) SetCustomerNoVatStatus(customerID uint, isNoVat bool) error {
+	return s.repo.SetCustomerNoVatStatus(customerID, isNoVat)
+}

app/service/emailService/email.go

@@ -12,6 +12,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/templ/emails"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/view"
 )
 
@@ -44,6 +45,11 @@ func getLangID(isoCode string) uint {
 // SendEmail sends an email to the specified recipient
 func (s *EmailService) SendEmail(to, subject, body string) error {
 	if !s.config.Enabled {
+		logger.Debug("email service is disabled",
+			"service", "EmailService.SendEmail",
+			"to", to,
+			"subject", subject,
+		)
 		return fmt.Errorf("email service is disabled")
 	}
 
@@ -69,6 +75,12 @@ func (s *EmailService) SendEmail(to, subject, body string) error {
 	// Send email
 	addr := fmt.Sprintf("%s:%d", s.config.SMTPHost, s.config.SMTPPort)
 	if err := smtp.SendMail(addr, auth, s.config.FromEmail, []string{to}, []byte(msg.String())); err != nil {
+		logger.Error("failed to send email",
+			"service", "EmailService.SendEmail",
+			"to", to,
+			"subject", subject,
+			"error", err.Error(),
+		)
 		return fmt.Errorf("failed to send email: %w", err)
 	}
 
@@ -120,9 +132,12 @@ func (s *EmailService) SendNewUserAdminNotification(userEmail, userName, baseURL
 // SendNewOrderPlacedNotification sends an email to admin when new order is placed
 func (s *EmailService) SendNewOrderPlacedNotification(userID uint) error {
 	if s.config.AdminEmail == "" {
-		return nil // No admin email configured
+		logger.Warn("no admin email setup in the config",
+			"service", "EmailService.SendNewOrderPlacedNotification",
+			"user_id", userID,
+		)
+		return nil
 	}
-
 	subject := "New Order Created"
 	body := s.newOrderPlacedTemplate(userID)
 

app/service/menuService/menuService.go

@@ -10,6 +10,7 @@ import (
 	routesRepo "git.ma-al.com/goc_daniel/b2b/app/repos/routesRepo"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
 )
 
@@ -102,8 +103,8 @@ func (s *MenuService) createTree(index int, all_categories *([]model.ScannedCate
 	return node, true
 }
 
-func (s *MenuService) GetRoutes(id_lang uint) ([]model.Route, error) {
+func (s *MenuService) GetRoutes(id_lang, roleId uint) ([]model.Route, error) {
-	return s.routesRepo.GetRoutes(id_lang)
+	return s.routesRepo.GetRoutes(id_lang, roleId)
 }
 
 func (s *MenuService) scannedToNormalCategory(scanned model.ScannedCategory) model.Category {
@@ -193,18 +194,52 @@ func (s *MenuService) GetBreadcrumb(root_category_id uint, start_category_id uin
 	return breadcrumb, nil
 }
 
-func (s *MenuService) GetTopMenu(languageId uint, roleId uint) ([]*model.B2BTopMenu, error) {
+func (s *MenuService) GetTopMenu(languageId uint, roleId uint) ([]*model.B2BMenu, error) {
 	items, err := s.routesRepo.GetTopMenu(languageId, roleId)
 	if err != nil {
+		logger.Error("failed to get top menu",
+			"handler", "ManuService.GetTopMenu",
+			"language_id", languageId,
+			"role_id", roleId,
+			"error", err.Error(),
+		)
 		return nil, err
 	}
 
-	menuMap := make(map[int]*model.B2BTopMenu, len(items))
+	menus := make([]model.B2BMenu, len(items))
-	roots := make([]*model.B2BTopMenu, 0)
+	for i := range items {
+		menus[i] = items[i].B2BMenu
+	}
+
+	return buildMenu(menus), nil
+}
+
+func (s *MenuService) GetCustomerManagementMenu(languageId uint) ([]*model.B2BMenu, error) {
+	items, err := s.routesRepo.GetCustomerManagementMenu(languageId)
+	if err != nil {
+		logger.Error("failed to get customer management menu",
+			"handler", "ManuService.GetCustomerManagementMenu",
+			"language_id", languageId,
+			"error", err.Error(),
+		)
+		return nil, err
+	}
+
+	menus := make([]model.B2BMenu, len(items))
+	for i := range items {
+		menus[i] = items[i].B2BMenu
+	}
+
+	return buildMenu(menus), nil
+}
+
+func buildMenu(items []model.B2BMenu) []*model.B2BMenu {
+	menuMap := make(map[int]*model.B2BMenu, len(items))
+	roots := make([]*model.B2BMenu, 0)
 
 	for i := range items {
 		menu := &items[i]
-		menu.Children = make([]*model.B2BTopMenu, 0)
+		menu.Children = make([]*model.B2BMenu, 0)
 		menuMap[menu.MenuID] = menu
 	}
 
@@ -226,26 +261,59 @@ func (s *MenuService) GetTopMenu(languageId uint, roleId uint) ([]*model.B2BTopM
 		parent.Children = append(parent.Children, menu)
 	}
 
-	return roots, nil
+	return roots
 }
 
 func (s *MenuService) appendAdditional(all_categories *[]model.ScannedCategory, id_lang uint, iso_code string) {
 	for i := 0; i < len(*all_categories); i++ {
-		(*all_categories)[i].Filter = "category_id_in=" + strconv.Itoa(int((*all_categories)[i].CategoryID))
+		(*all_categories)[i].Filter = "category_id_eq=" + strconv.Itoa(int((*all_categories)[i].CategoryID))
 	}
 
-	var additional model.ScannedCategory
+	// the new products category
-	additional.CategoryID = 10001
+	var new_products_category model.ScannedCategory
-	additional.Name = "New Products"
+	new_products_category.CategoryID = constdata.ADDITIONAL_CATEGORIES_INDEX + 1
-	additional.Active = 1
+	new_products_category.Name = "New Products"
-	additional.Position = 10
+	new_products_category.Active = 1
-	additional.ParentID = 2
+	new_products_category.Position = 10
-	additional.IsRoot = 0
+	new_products_category.ParentID = 2
-	additional.LinkRewrite = i18n.T___(id_lang, "category.new_products")
+	new_products_category.IsRoot = 0
-	additional.IsoCode = iso_code
+	new_products_category.LinkRewrite = i18n.T___(id_lang, "category.new_products")
+	new_products_category.IsoCode = iso_code
 
-	additional.Visited = false
+	new_products_category.Visited = false
-	additional.Filter = "is_new_in=true"
+	new_products_category.Filter = "is_new_eq=true"
 
-	*all_categories = append(*all_categories, additional)
+	*all_categories = append(*all_categories, new_products_category)
+
+	// the oem products category
+	var oem_products_category model.ScannedCategory
+	oem_products_category.CategoryID = constdata.ADDITIONAL_CATEGORIES_INDEX + 2
+	oem_products_category.Name = "OEM Products"
+	oem_products_category.Active = 1
+	oem_products_category.Position = 11
+	oem_products_category.ParentID = 2
+	oem_products_category.IsRoot = 0
+	oem_products_category.LinkRewrite = i18n.T___(id_lang, "category.oem_products")
+	oem_products_category.IsoCode = iso_code
+
+	oem_products_category.Visited = false
+	oem_products_category.Filter = "is_oem_eq=true"
+
+	*all_categories = append(*all_categories, oem_products_category)
+
+	// the favorite products category
+	var favorite_products_category model.ScannedCategory
+	favorite_products_category.CategoryID = constdata.ADDITIONAL_CATEGORIES_INDEX + 3
+	favorite_products_category.Name = "Favourite Products" // British English version.
+	favorite_products_category.Active = 1
+	favorite_products_category.Position = 12
+	favorite_products_category.ParentID = 2
+	favorite_products_category.IsRoot = 0
+	favorite_products_category.LinkRewrite = i18n.T___(id_lang, "category.favorite_products")
+	favorite_products_category.IsoCode = iso_code
+
+	favorite_products_category.Visited = false
+	favorite_products_category.Filter = "is_favorite_eq=true"
+
+	*all_categories = append(*all_categories, favorite_products_category)
 }

app/service/orderService/orderService.go

@@ -1,15 +1,19 @@
 package orderService
 
 import (
-	"fmt"
 	"strconv"
 
+	"git.ma-al.com/goc_daniel/b2b/app/actions/orderStatusActions"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/model/enums"
 	"git.ma-al.com/goc_daniel/b2b/app/repos/cartsRepo"
 	"git.ma-al.com/goc_daniel/b2b/app/repos/ordersRepo"
+	"git.ma-al.com/goc_daniel/b2b/app/repos/productsRepo"
 	"git.ma-al.com/goc_daniel/b2b/app/service/addressesService"
 	"git.ma-al.com/goc_daniel/b2b/app/service/emailService"
+	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/logger"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/filters"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/find"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -18,19 +22,36 @@ import (
 type OrderService struct {
 	ordersRepo       ordersRepo.UIOrdersRepo
 	cartsRepo        cartsRepo.UICartsRepo
+	productsRepo     productsRepo.UIProductsRepo
 	addressesService *addressesService.AddressesService
 	emailService     *emailService.EmailService
+	actionRegistry   *orderStatusActions.ActionRegistry
 }
 
 func New() *OrderService {
 	return &OrderService{
 		ordersRepo:       ordersRepo.New(),
 		cartsRepo:        cartsRepo.New(),
+		productsRepo:     productsRepo.New(),
 		addressesService: addressesService.New(),
 		emailService:     emailService.NewEmailService(),
+		actionRegistry:   &orderStatusActions.GlobalRegistry,
 	}
 }
 
+var ValidStatuses = map[enums.OrderStatus]bool{
+	enums.OrderStatusPending:        true,
+	enums.OrderStatusConfirmed:      true,
+	enums.OrderStatusProcessing:     true,
+	enums.OrderStatusShipped:        true,
+	enums.OrderStatusOutForDelivery: true,
+	enums.OrderStatusDelivered:      true,
+	enums.OrderStatusCancelled:      true,
+	enums.OrderStatusReturned:       true,
+	enums.OrderStatusRefunded:       true,
+	enums.OrderStatusFailed:         true,
+}
+
 func (s *OrderService) Find(user *model.Customer, p find.Paging, filt *filters.FiltersList) (*find.Found[model.CustomerOrder], error) {
 	if !user.HasPermission(perms.OrdersViewAll) {
 		// append filter to view only this user's orders
@@ -45,9 +66,12 @@ func (s *OrderService) Find(user *model.Customer, p find.Paging, filt *filters.F
 
 	for i := 0; i < len(list.Items); i++ {
 		address_unparsed, err := s.addressesService.ValidateAddressJson(list.Items[i].AddressString, list.Items[i].CountryID)
-		// log such errors
 		if err != nil {
-			fmt.Printf("err: %v\n", err)
+			logger.Warn("failed to validate address",
+				"service", "orderService",
+				"order_id", list.Items[i].OrderID,
+				"error", err.Error(),
+			)
 		}
 
 		list.Items[i].AddressUnparsed = &address_unparsed
@@ -56,7 +80,7 @@ func (s *OrderService) Find(user *model.Customer, p find.Paging, filt *filters.F
 	return list, nil
 }
 
-func (s *OrderService) PlaceNewOrder(user_id uint, cart_id uint, name string, country_id uint, address_info string) error {
+func (s *OrderService) PlaceNewOrder(user_id uint, cart_id uint, name string, country_id uint, address_info string, originalUserId uint) error {
 	_, err := s.addressesService.ValidateAddressJson(address_info, country_id)
 	if err != nil {
 		return err
@@ -82,8 +106,10 @@ func (s *OrderService) PlaceNewOrder(user_id uint, cart_id uint, name string, co
 		name = *cart.Name
 	}
 
+	base_price, tax_incl, tax_excl, err := s.getOrderTotalPrice(user_id, cart_id, country_id)
+
 	// all checks passed
-	err = s.ordersRepo.PlaceNewOrder(cart, name, country_id, address_info)
+	order, err := s.ordersRepo.PlaceNewOrder(cart, name, country_id, address_info, originalUserId, base_price, tax_incl, tax_excl)
 	if err != nil {
 		return err
 	}
@@ -92,20 +118,16 @@ func (s *OrderService) PlaceNewOrder(user_id uint, cart_id uint, name string, co
 	// if no error is returned, remove the cart. This should be smooth
 	err = s.cartsRepo.RemoveCart(user_id, cart_id)
 	if err != nil {
-		// Log error but don't fail placing order
+		logger.Warn("failed to remove cart after order placement",
-		_ = err
+			"service", "orderService",
+			"user_id", user_id,
+			"cart_id", cart_id,
+			"error", err.Error(),
+		)
 	}
 
-	// send email to admin
+	return s.ChangeOrderStatus(user_id, order.OrderID, enums.OrderStatusPending)
-	go func(user_id uint) {
-		err := s.emailService.SendNewOrderPlacedNotification(user_id)
-		if err != nil {
-			// Log error but don't fail placing order
-			_ = err
-		}
-	}(user_id)
 
-	return nil
 }
 
 func (s *OrderService) ChangeOrderAddress(user *model.Customer, order_id uint, country_id uint, address_info string) error {
@@ -128,18 +150,57 @@ func (s *OrderService) ChangeOrderAddress(user *model.Customer, order_id uint, c
 	return s.ordersRepo.ChangeOrderAddress(order_id, country_id, address_info)
 }
 
-// This is obiously just an initial version of this function
+func (s *OrderService) ChangeOrderStatus(userId, orderId uint, newStatus enums.OrderStatus) error {
-func (s *OrderService) ChangeOrderStatus(user *model.Customer, order_id uint, status string) error {
+	order, err := s.ordersRepo.Get(orderId)
-	if !user.HasPermission(perms.OrdersModifyAll) {
+	if err != nil {
-		exists, err := s.ordersRepo.UserHasOrder(user.ID, order_id)
+		return err
-		if err != nil {
+	}
-			return err
+	if order == nil {
-		}
+		return responseErrors.ErrOrderNotFound
-
-		if !exists {
-			return responseErrors.ErrUserHasNoSuchOrder
-		}
 	}
 
-	return s.ordersRepo.ChangeOrderStatus(order_id, status)
+	if !ValidStatuses[newStatus] {
+		return responseErrors.ErrInvalidStatus
+	}
+
+	err = s.ordersRepo.ChangeOrderStatus(order.OrderID, newStatus, userId)
+	if err != nil {
+		return err
+	}
+
+	actionCtx := orderStatusActions.ActionContext{
+		Order:        order,
+		UserId:       &userId,
+		EmailService: s.emailService,
+	}
+
+	go func() {
+		_ = s.actionRegistry.ExecuteForStatus(newStatus, actionCtx)
+	}()
+
+	return nil
+}
+
+func (s *OrderService) getOrderTotalPrice(user_id uint, cart_id uint, country_id uint) (float64, float64, float64, error) {
+	cart, err := s.cartsRepo.RetrieveCart(user_id, cart_id)
+	if err != nil {
+		return 0.0, 0.0, 0.0, err
+	}
+
+	base_price := 0.0
+	tax_incl := 0.0
+	tax_excl := 0.0
+
+	for _, product := range cart.Products {
+		prices, err := s.productsRepo.GetPrice(product.ProductID, product.ProductAttributeID, constdata.SHOP_ID, user_id, country_id, product.Amount)
+		if err != nil {
+			return 0.0, 0.0, 0.0, err
+		}
+
+		base_price += prices.Base
+		tax_incl += prices.FinalTaxIncl
+		tax_excl += prices.FinalTaxExcl
+	}
+
+	return base_price, tax_incl, tax_excl, nil
 }

app/service/productService/productService.go

@@ -27,7 +27,7 @@ func (s *ProductService) Get(
 	p_id_product, p_id_lang, p_id_customer, b2b_id_country, p_quantity uint,
 ) (*json.RawMessage, error) {
 
-	product, err := s.productsRepo.GetBase(p_id_product, constdata.SHOP_ID, p_id_lang)
+	product, err := s.productsRepo.GetBase(p_id_product, constdata.SHOP_ID, p_id_lang, p_id_customer)
 	if err != nil {
 		return nil, err
 	}

app/utils/const_data/consts.go

@@ -9,12 +9,14 @@ const ADMIN_NOTIFICATION_LANGUAGE = 2
 
 // CATEGORY_TREE_ROOT_ID corresponds to id_category in ps_category which has is_root_category=1
 const CATEGORY_TREE_ROOT_ID = 2
+const ADDITIONAL_CATEGORIES_INDEX = 10000
 
 // since arrays can not be const
 var CATEGORY_BLACKLIST = []uint{250}
 
 const MAX_AMOUNT_OF_CARTS_PER_USER = 10
 const DEFAULT_NEW_CART_NAME = "new cart"
+const MAX_AMOUNT_OF_PRODUCT_IN_CART = 1024
 
 const MAX_AMOUNT_OF_ADDRESSES_PER_USER = 10
 
@@ -32,3 +34,5 @@ const WEBDAV_TRIMMED_ROOT = "localhost:3000/api/v1/webdav/storage"
 const NON_ALNUM_REGEX = `[^a-z0-9]+`
 const MULTI_DASH_REGEX = `-+`
 const SLUG_REGEX = `^[a-z0-9]+(?:-[a-z0-9]+)*$`
+
+const UNLOGGED_USER_ROLE_ID = 4

app/utils/localeExtractor/localeExtractor.go

@@ -14,6 +14,14 @@ func GetLangID(c fiber.Ctx) (uint, bool) {
 	return user_locale.OriginalUser.LangID, true
 }
 
+func GetOriginalUserID(c fiber.Ctx) (uint, bool) {
+	user_locale, ok := c.Locals(constdata.USER_LOCALE).(*model.UserLocale)
+	if !ok || user_locale.OriginalUser == nil {
+		return 0, false
+	}
+	return user_locale.OriginalUser.ID, true
+}
+
 func GetUserID(c fiber.Ctx) (uint, bool) {
 	user_locale, ok := c.Locals(constdata.USER_LOCALE).(*model.UserLocale)
 	if !ok || user_locale.User == nil {

app/utils/logger/logger.go

@@ -0,0 +1,151 @@
+package logger
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"log/slog"
+	"os"
+	"strings"
+)
+
+var L *slog.Logger
+
+const (
+	reset  = "\033[0m"
+	red    = "\033[31m"
+	yellow = "\033[33m"
+	green  = "\033[32m"
+	blue   = "\033[36m"
+	gray   = "\033[90m"
+)
+
+type consoleHandler struct {
+	w        io.Writer
+	colorize bool
+}
+
+func (h *consoleHandler) Enabled(ctx context.Context, level slog.Level) bool {
+	return true
+}
+
+func (h *consoleHandler) Handle(ctx context.Context, r slog.Record) error {
+	level := r.Level.String()
+	color := reset
+
+	switch r.Level {
+	case slog.LevelError:
+		color = red
+	case slog.LevelWarn:
+		color = yellow
+	case slog.LevelInfo:
+		color = blue
+	case slog.LevelDebug:
+		color = gray
+	}
+
+	var msg string
+	if h.colorize {
+		msg = fmt.Sprintf("%s%s%s %s%s%s %s%s%s",
+			reset, r.Time.Format("15:04:05"), reset,
+			color, level, reset,
+			reset, r.Message, reset)
+	} else {
+		msg = fmt.Sprintf("%s %s %s", r.Time.Format("15:04:05"), level, r.Message)
+	}
+
+	var pairs []string
+	r.Attrs(func(attr slog.Attr) bool {
+		if h.colorize {
+			pairs = append(pairs, fmt.Sprintf("%s%s=%s%v%s", green, attr.Key, reset, attr.Value, reset))
+		} else {
+			pairs = append(pairs, fmt.Sprintf("%s=%v", attr.Key, attr.Value))
+		}
+		return true
+	})
+
+	if len(pairs) > 0 {
+		msg += " " + strings.Join(pairs, " ")
+	}
+
+	fmt.Fprintln(h.w, msg)
+	return nil
+}
+
+func (h *consoleHandler) WithAttrs(attrs []slog.Attr) slog.Handler {
+	return &consoleHandler{w: h.w, colorize: h.colorize}
+}
+
+func (h *consoleHandler) WithGroup(name string) slog.Handler {
+	return &consoleHandler{w: h.w, colorize: h.colorize}
+}
+
+func Init(service string, output io.Writer, level string, colorize bool) {
+	if output == nil {
+		output = os.Stderr
+	}
+
+	var lvl slog.Level
+	switch level {
+	case "debug":
+		lvl = slog.LevelDebug
+	case "warn":
+		lvl = slog.LevelWarn
+	case "error":
+		lvl = slog.LevelError
+	default:
+		lvl = slog.LevelInfo
+	}
+
+	if colorize {
+		L = slog.New(&consoleHandler{w: output, colorize: true}).With("service", service, "level", lvl.String())
+	} else {
+		L = slog.New(slog.NewJSONHandler(output, &slog.HandlerOptions{
+			Level:     lvl,
+			AddSource: false,
+			ReplaceAttr: func(groups []string, a slog.Attr) slog.Attr {
+				if a.Key == slog.TimeKey && groups == nil {
+					a.Key = "timestamp"
+				}
+				if a.Key == slog.LevelKey {
+					a.Key = "level"
+				}
+				if a.Key == slog.MessageKey {
+					a.Key = "message"
+				}
+				return a
+			},
+		})).With("service", service)
+	}
+}
+
+func Info(msg string, args ...any) {
+	if L != nil {
+		L.Info(msg, args...)
+	}
+}
+
+func Warn(msg string, args ...any) {
+	if L != nil {
+		L.Warn(msg, args...)
+	}
+}
+
+func Error(msg string, args ...any) {
+	if L != nil {
+		L.Error(msg, args...)
+	}
+}
+
+func Debug(msg string, args ...any) {
+	if L != nil {
+		L.Debug(msg, args...)
+	}
+}
+
+func With(args ...any) *slog.Logger {
+	if L == nil {
+		return nil
+	}
+	return L.With(args...)
+}

app/utils/responseErrors/responseErrors.go

@@ -65,10 +65,14 @@ var (
 	ErrMaxAmtOfCartsReached              = errors.New("maximal amount of carts reached")
 	ErrUserHasNoSuchCart                 = errors.New("user does not have cart with given id")
 	ErrProductOrItsVariationDoesNotExist = errors.New("product or its variation with given ids does not exist")
+	ErrAmountMustBePositive              = errors.New("amount must be positive")
+	ErrAmountMustBeReasonable            = errors.New("amount must be reasonable")
 
 	// Typed errors for orders handler
 	ErrEmptyCart          = errors.New("the cart is empty")
 	ErrUserHasNoSuchOrder = errors.New("user does not have order with given id")
+	ErrInvalidStatus      = errors.New("invalid order status")
+	ErrOrderNotFound      = errors.New("order not found")
 
 	// Typed errors for price reduction handler
 	ErrInvalidReductionType  = errors.New("invalid reduction type: must be 'amount' or 'percentage'")
@@ -205,6 +209,10 @@ func GetErrorCode(c fiber.Ctx, err error) string {
 		return i18n.T_(c, "error.err_user_has_no_such_cart")
 	case errors.Is(err, ErrProductOrItsVariationDoesNotExist):
 		return i18n.T_(c, "error.err_product_or_its_variation_does_not_exist")
+	case errors.Is(err, ErrAmountMustBePositive):
+		return i18n.T_(c, "error.err_amount_must_be_positive")
+	case errors.Is(err, ErrAmountMustBeReasonable):
+		return i18n.T_(c, "error.err_amount_must_be_reasonable")
 
 	case errors.Is(err, ErrEmptyCart):
 		return i18n.T_(c, "error.err_cart_is_empty")
@@ -292,6 +300,8 @@ func GetErrorStatus(err error) int {
 		errors.Is(err, ErrMaxAmtOfCartsReached),
 		errors.Is(err, ErrUserHasNoSuchCart),
 		errors.Is(err, ErrProductOrItsVariationDoesNotExist),
+		errors.Is(err, ErrAmountMustBePositive),
+		errors.Is(err, ErrAmountMustBeReasonable),
 		errors.Is(err, ErrEmptyCart),
 		errors.Is(err, ErrUserHasNoSuchOrder),
 		errors.Is(err, ErrInvalidReductionType),
@@ -306,7 +316,8 @@ func GetErrorStatus(err error) int {
 		errors.Is(err, ErrMaxAmtOfAddressesReached),
 		errors.Is(err, ErrUserHasNoSuchAddress),
 		errors.Is(err, ErrInvalidCountryID),
-		errors.Is(err, ErrInvalidAddressJSON):
+		errors.Is(err, ErrInvalidAddressJSON),
+		errors.Is(err, ErrInvalidStatus):
 		return fiber.StatusBadRequest
 	case errors.Is(err, ErrSpecificPriceNotFound):
 		return fiber.StatusNotFound

app/view/product.go

@@ -95,4 +95,6 @@ type Product struct {
 	Category     string `gorm:"column:category" json:"category"`
 
 	IsFavorite bool `gorm:"column:is_favorite" json:"is_favorite"`
+	IsOEM      bool `gorm:"column:is_oem" json:"is_oem"`
+	IsNew      bool `gorm:"column:is_new" json:"is_new"`
 }

bruno/api_v1/Delete Index - MeiliSearch.yml

@@ -1,7 +1,7 @@
 info:
   name: Delete Index - MeiliSearch
   type: http
-  seq: 7
+  seq: 8
 
 http:
   method: DELETE

bruno/api_v1/cart/Add new cart.yml

@@ -0,0 +1,19 @@
+info:
+  name: Add new cart
+  type: http
+  seq: 1
+
+http:
+  method: POST
+  url: "{{bas_url}}/restricted/carts/add-new-cart?name=TestCart"
+  params:
+    - name: name
+      value: TestCart
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/cart/Add product to cart.yml

@@ -0,0 +1,31 @@
+info:
+  name: Add product to cart
+  type: http
+  seq: 6
+
+http:
+  method: POST
+  url: "{{bas_url}}/restricted/carts/add-product-to-cart?cart_id=1&product_id=51&product_attribute_id=1115&amount=1&set_amount=true"
+  params:
+    - name: cart_id
+      value: "1"
+      type: query
+    - name: product_id
+      value: "51"
+      type: query
+    - name: product_attribute_id
+      value: "1115"
+      type: query
+    - name: amount
+      value: "1"
+      type: query
+    - name: set_amount
+      value: "true"
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/cart/Change cart name.yml

@@ -0,0 +1,22 @@
+info:
+  name: Change cart name
+  type: http
+  seq: 3
+
+http:
+  method: PATCH
+  url: "{{bas_url}}/restricted/carts/change-cart-name?cart_id=1&new_name=UpdatedCart"
+  params:
+    - name: cart_id
+      value: "1"
+      type: query
+    - name: new_name
+      value: UpdatedCart
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/cart/Remove cart.yml

@@ -0,0 +1,19 @@
+info:
+  name: Remove cart
+  type: http
+  seq: 2
+
+http:
+  method: DELETE
+  url: "{{bas_url}}/restricted/carts/remove-cart?cart_id=1"
+  params:
+    - name: cart_id
+      value: "1"
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/cart/Remove product from cart.yml

@@ -0,0 +1,25 @@
+info:
+  name: Remove product from cart
+  type: http
+  seq: 7
+
+http:
+  method: DELETE
+  url: "{{bas_url}}/restricted/carts/remove-product-from-cart?cart_id=1&product_id=51&product_attribute_id=1115"
+  params:
+    - name: cart_id
+      value: "1"
+      type: query
+    - name: product_id
+      value: "51"
+      type: query
+    - name: product_attribute_id
+      value: "1115"
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/cart/Retrieve cart.yml

@@ -0,0 +1,19 @@
+info:
+  name: Retrieve cart
+  type: http
+  seq: 5
+
+http:
+  method: GET
+  url: "{{bas_url}}/restricted/carts/retrieve-cart?cart_id=1"
+  params:
+    - name: cart_id
+      value: "1"
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/cart/Retrieve carts info.yml

@@ -0,0 +1,15 @@
+info:
+  name: Retrieve carts info
+  type: http
+  seq: 4
+
+http:
+  method: GET
+  url: "{{bas_url}}/restricted/carts/retrieve-carts-info"
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/cart/folder.yml

@@ -1,7 +1,7 @@
 info:
-  name: list
+  name: cart
   type: folder
-  seq: 3
+  seq: 7
 
 request:
   auth: inherit

bruno/api_v1/currency/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: currency
   type: folder
-  seq: 9
+  seq: 10
 
 request:
   auth: inherit

bruno/api_v1/customer/Set is_no_vat.yml

@@ -0,0 +1,22 @@
+info:
+  name: Set is_no_vat
+  type: http
+  seq: 4
+
+http:
+  method: PATCH
+  url: "{{bas_url}}/restricted/customer/no-vat"
+  body:
+    type: json
+    data: |-
+      {
+        "customer_id":1,
+        "is_no_vat": false
+      }
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/customer/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: customer
   type: folder
-  seq: 10
+  seq: 11
 
 request:
   auth: inherit

bruno/api_v1/menu/Breadcrumb.yml

@@ -0,0 +1,22 @@
+info:
+  name: Breadcrumb
+  type: http
+  seq: 1
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/menu/get-breadcrumb?root_category_id=2&category_id=13
+  params:
+    - name: root_category_id
+      value: "2"
+      type: query
+    - name: category_id
+      value: "13"
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/menu/Category tree.yml

@@ -0,0 +1,19 @@
+info:
+  name: Category tree
+  type: http
+  seq: 2
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/menu/get-category-tree?root_category_id=2
+  params:
+    - name: root_category_id
+      value: "2"
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/menu/Top Customer Management Menu.yml

@@ -0,0 +1,15 @@
+info:
+  name: Top Customer Management Menu
+  type: http
+  seq: 4
+
+http:
+  method: GET
+  url: "{{bas_url}}/restricted/menu/get-customer-management-menu"
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/menu/Top Menu.yml

@@ -0,0 +1,15 @@
+info:
+  name: Top Menu
+  type: http
+  seq: 3
+
+http:
+  method: GET
+  url: "{{bas_url}}/restricted/menu/get-top-menu"
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/menu/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: menu
+  type: folder
+  seq: 12
+
+request:
+  auth: inherit

bruno/api_v1/order/Change order address.yml

@@ -0,0 +1,33 @@
+info:
+  name: Change order address
+  type: http
+  seq: 3
+
+http:
+  method: POST
+  url: "{{bas_url}}/restricted/orders/change-order-address?order_id=1&country_id=1"
+  params:
+    - name: order_id
+      value: "1"
+      type: query
+    - name: country_id
+      value: "1"
+      type: query
+  body:
+    type: json
+    data: |-
+      {
+        "postal_code": "31-154",
+        "city": "Kraków",
+        "voivodeship": "śląskie",
+        "street": "Długa",
+        "building_no": "5",
+        "recipient": "Adam Adamowicz"
+      }
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/order/Change order status.yml

@@ -0,0 +1,22 @@
+info:
+  name: Change order status
+  type: http
+  seq: 1
+
+http:
+  method: PATCH
+  url: "{{bas_url}}/restricted/orders/change-order-status?order_id=2&status=PENDING"
+  params:
+    - name: order_id
+      value: "2"
+      type: query
+    - name: status
+      value: PENDING
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/order/List.yml

@@ -1,21 +1,22 @@
 info:
-  name: list-products
+  name: List
   type: http
   seq: 1
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/list/list-products?p=1&elems=10&target_user_id=2
+  url: "{{bas_url}}/restricted/orders/list?p=1&elems=30&sort=order_id,desc"
   params:
     - name: p
       value: "1"
       type: query
     - name: elems
-      value: "10"
+      value: "30"
       type: query
-    - name: target_user_id
+    - name: sort
-      value: "2"
+      value: order_id,desc
       type: query
+  auth: inherit
 
 settings:
   encodeUrl: true

bruno/api_v1/order/Place new order.yml

@@ -0,0 +1,37 @@
+info:
+  name: Place new order
+  type: http
+  seq: 2
+
+http:
+  method: POST
+  url: "{{bas_url}}/restricted/orders/place-new-order?cart_id=1&name=Test+Order&country_id=1"
+  params:
+    - name: cart_id
+      value: "1"
+      type: query
+    - name: name
+      value: Test Order
+      type: query
+    - name: country_id
+      value: "1"
+      type: query
+  body:
+    type: json
+    data: |-
+      {
+        "postal_code": "31-154",
+        "city": "Kraków",
+        "voivodeship": "małopolskie",
+        "street": "Długa",
+        "building_no": "5",
+        "apartment_no": "7",
+        "recipient": "Jan Kowalski"
+      }
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/order/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: order
+  type: folder
+  seq: 13
+
+request:
+  auth: inherit

bruno/api_v1/product/Products List.yml

@@ -5,7 +5,7 @@ info:
 
 http:
   method: GET
-  url: "{{bas_url}}/restricted/product/list?p=1&elems=30&reference=~NC100"
+  url: "{{bas_url}}/restricted/product/list?p=1&elems=30&reference=~NC100&is_new_eq=0&is_favorite_eq=false&is_oem_eq=FALSE"
   params:
     - name: p
       value: "1"
@@ -27,11 +27,12 @@ http:
     - name: is_new_eq
       value: "0"
       type: query
-      disabled: true
     - name: is_favorite_eq
       value: "false"
       type: query
-      disabled: true
+    - name: is_oem_eq
+      value: "FALSE"
+      type: query
   body:
     type: json
     data: ""

bruno/api_v1/product/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: product
   type: folder
-  seq: 8
+  seq: 9
 
 request:
   auth: inherit

bruno/api_v1/routes/Routes.yml

@@ -0,0 +1,15 @@
+info:
+  name: Routes
+  type: http
+  seq: 1
+
+http:
+  method: GET
+  url: ""
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/api_v1/routes/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: routes
+  type: folder
+  seq: 12
+
+request:
+  auth: inherit

bruno/b2b_daniel/addresses/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: addresses
   type: folder
-  seq: 10
+  seq: 9
 
 request:
   auth: inherit

bruno/b2b_daniel/auth/update-choice.yml

@@ -5,15 +5,14 @@ info:
 
 http:
   method: POST
-  url: http://localhost:3000/api/v1/public/auth/update-choice?lang_id=0&country_id=1
+  url: http://localhost:3000/api/v1/public/auth/update-choice?lang_id=1&country_id=1
   params:
     - name: lang_id
-      value: "0"
+      value: "1"
       type: query
     - name: country_id
       value: "1"
       type: query
-  auth: inherit
 
 settings:
   encodeUrl: true

bruno/b2b_daniel/carts/add-new-cart.yml

@@ -5,7 +5,11 @@ info:
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/carts/add-new-cart
+  url: http://localhost:3000/api/v1/restricted/carts/add-new-cart?name=carttt
+  params:
+    - name: name
+      value: carttt
+      type: query
   auth: inherit
 
 settings:

bruno/b2b_daniel/carts/add-product-to-cart (1).yml

@@ -5,7 +5,7 @@ info:
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/carts/add-product-to-cart?cart_id=1&product_id=51&amount=1
+  url: http://localhost:3000/api/v1/restricted/carts/add-product-to-cart?cart_id=1&product_id=51&amount=1&set_amount=false
   params:
     - name: cart_id
       value: "1"
@@ -16,6 +16,9 @@ http:
     - name: amount
       value: "1"
       type: query
+    - name: set_amount
+      value: "false"
+      type: query
   auth: inherit
 
 settings:

bruno/b2b_daniel/carts/add-product-to-cart.yml

@@ -5,7 +5,7 @@ info:
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/carts/add-product-to-cart?cart_id=1&product_id=51&product_attribute_id=1115&amount=1
+  url: http://localhost:3000/api/v1/restricted/carts/add-product-to-cart?cart_id=1&product_id=51&product_attribute_id=1115&amount=2&set_amount=true
   params:
     - name: cart_id
       value: "1"
@@ -17,7 +17,10 @@ http:
       value: "1115"
       type: query
     - name: amount
-      value: "1"
+      value: "2"
+      type: query
+    - name: set_amount
+      value: "true"
       type: query
   auth: inherit
 

bruno/b2b_daniel/list/list-users.yml

@@ -1,21 +0,0 @@
-info:
-  name: list-users
-  type: http
-  seq: 1
-
-http:
-  method: GET
-  url: http://localhost:3000/api/v1/restricted/list/list-users?p=1&elems=10
-  params:
-    - name: p
-      value: "1"
-      type: query
-    - name: elems
-      value: "10"
-      type: query
-
-settings:
-  encodeUrl: true
-  timeout: 0
-  followRedirects: true
-  maxRedirects: 5

bruno/b2b_daniel/orders/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: orders
   type: folder
-  seq: 11
+  seq: 10
 
 request:
   auth: inherit

bruno/b2b_daniel/product-translation/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: product-translation
   type: folder
-  seq: 2
+  seq: 3
 
 request:
   auth: inherit

bruno/b2b_daniel/storage-old/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: storage-old
   type: folder
-  seq: 1
+  seq: 2
 
 request:
   auth: inherit

bruno/b2b_daniel/storage-restricted/folder.yml

@@ -1,7 +1,7 @@
 info:
   name: storage-restricted
   type: folder
-  seq: 9
+  seq: 8
 
 request:
   auth: inherit

i18n/migrations/20260302163100_routes.sql

@@ -42,10 +42,32 @@ INSERT IGNORE INTO `b2b_top_menu` (`menu_id`, `label`, `parent_id`, `params`, `a
 (3, JSON_COMPACT('{"name":"admin-products","trans":{"pl":{"label":"admin-products"},"en":{"label":"admin-products"},"de":{"label":"admin-products"}}}'),1,JSON_COMPACT('{}'),1,1),
 (9, JSON_COMPACT('{"name":"carts","trans":{"pl":{"label":"Koszyki"},"en":{"label":"Carts"},"de":{"label":"Warenkörbe"}}}'),3,JSON_COMPACT('{"route": {"name": "home", "params":{"locale": ""}}}'),1,1);
 
+CREATE TABLE IF NOT EXISTS b2b_customer_management_menu (
+  menu_id INT AUTO_INCREMENT NOT NULL,
+  label LONGTEXT NOT NULL DEFAULT '{}',
+  parent_id INT NULL DEFAULT NULL,
+  params LONGTEXT NOT NULL DEFAULT '{}',
+  active TINYINT NOT NULL DEFAULT 1,
+  position INT NOT NULL DEFAULT 1,
+  PRIMARY KEY (menu_id),
+  CONSTRAINT FK_b2b_customer_management_menu_parent_id FOREIGN KEY (parent_id) 
+      REFERENCES b2b_customer_management_menu (menu_id) 
+      ON DELETE RESTRICT ON UPDATE RESTRICT,
+  INDEX FK_b2b_customer_management_menu_parent_id_idx (parent_id ASC)
+) ENGINE = InnoDB;
 
+INSERT IGNORE INTO `b2b_customer_management_menu` (`menu_id`, `label`, `parent_id`, `params`, `active`, `position`) VALUES
+(1, JSON_COMPACT('{"name":"root","trans":{"pl":{"label":"Menu główne"},"en":{"label":"Main Menu"},"de":{"label":"Hauptmenü"}}}'),NULL,JSON_COMPACT('{}'),1,1),
+(3, JSON_COMPACT('{"name":"admin-products","trans":{"pl":{"label":"admin-products"},"en":{"label":"admin-products"},"de":{"label":"admin-products"}}}'),1,JSON_COMPACT('{}'),1,1),
+(9, JSON_COMPACT('{"name":"carts","trans":{"pl":{"label":"Koszyki"},"en":{"label":"Carts"},"de":{"label":"Warenkörbe"}}}'),3,JSON_COMPACT('{"route": {"name": "home", "params":{"locale": ""}}}'),1,1);
+
+INSERT INTO `b2b_customer_management_menu` (`menu_id`, `label`, `parent_id`, `params`, `active`, `position`) VALUES (1, '{"name":"root","trans":{"pl":{"label":"Menu główne"},"en":{"label":"Main Menu"},"de":{"label":"Hauptmenü"}}}', NULL, '{}', 1, 1);
+INSERT INTO `b2b_customer_management_menu` (`menu_id`, `label`, `parent_id`, `params`, `active`, `position`) VALUES (3, '{"name":"admin-products","trans":{"pl":{"label":"admin-products"},"en":{"label":"admin-products"},"de":{"label":"admin-products"}}}', 1, '{}', 1, 1);
+INSERT INTO `b2b_customer_management_menu` (`menu_id`, `label`, `parent_id`, `params`, `active`, `position`) VALUES (9, '{"name":"carts","trans":{"pl":{"label":"Koszyki"},"en":{"label":"Carts"},"de":{"label":"Warenkörbe"}}}', 3, '{"route":{"name":"home","params":{"locale":""}}}', 1, 1);
 
 -- +goose Down
 
 DROP TABLE IF EXISTS b2b_routes;
 DROP TABLE IF EXISTS b2b_top_menu;
+DROP TABLE IF EXISTS b2b_customer_management_menu;
 DROP FUNCTION IF EXISTS `slugify_eu`;

i18n/migrations/20260302163122_create_tables.sql

@@ -112,7 +112,8 @@ CREATE TABLE IF NOT EXISTS b2b_customers (
   country_id                      INT NULL DEFAULT 2,
   created_at                      DATETIME(6) NULL,
   updated_at                      DATETIME(6) NULL,
-  deleted_at                      DATETIME(6) NULL
+  deleted_at                      DATETIME(6) NULL,
+  is_no_vat                     TINYINT(1) NOT NULL DEFAULT 0 
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
 
 CREATE UNIQUE INDEX IF NOT EXISTS idx_customers_email
@@ -161,6 +162,16 @@ CREATE TABLE IF NOT EXISTS b2b_favorites (
 ) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
 
 
+-- oems
+CREATE TABLE IF NOT EXISTS b2b_oems (
+  user_id BIGINT UNSIGNED NOT NULL,
+  product_id INT UNSIGNED NOT NULL,
+  PRIMARY KEY (user_id, product_id),
+  CONSTRAINT fk_oems_customer FOREIGN KEY (user_id) REFERENCES b2b_customers(id) ON DELETE CASCADE ON UPDATE CASCADE,
+  CONSTRAINT fk_oems_product FOREIGN KEY (product_id) REFERENCES ps_product(id_product) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
+
+
 -- refresh_tokens
 CREATE TABLE IF NOT EXISTS b2b_refresh_tokens (
   id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
@@ -240,6 +251,11 @@ CREATE TABLE IF NOT EXISTS b2b_customer_orders (
   country_id BIGINT UNSIGNED NOT NULL,
   address_string TEXT NOT NULL,
   status VARCHAR(50) NOT NULL,
+  created_at DATETIME NOT NULL,
+  updated_at DATETIME NOT NULL,
+  base_price DECIMAL(10, 2) NOT NULL,
+  tax_incl DECIMAL(10, 2) NOT NULL,
+  tax_excl DECIMAL(10, 2) NOT NULL,
   CONSTRAINT fk_customer_orders_customers FOREIGN KEY (user_id) REFERENCES b2b_customers(id) ON DELETE NO ACTION ON UPDATE CASCADE,
   CONSTRAINT fk_customer_orders_countries FOREIGN KEY (country_id) REFERENCES b2b_countries(id) ON DELETE NO ACTION ON UPDATE CASCADE
 ) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
@@ -338,6 +354,24 @@ ON b2b_specific_price_customer (b2b_id_customer);
 CREATE INDEX idx_bsp_country_rel
 ON b2b_specific_price_country (b2b_id_country);
 
+CREATE TABLE b2b_route_roles ( 
+  route_id INT NOT NULL,
+  role_id BIGINT UNSIGNED NOT NULL,
+  PRIMARY KEY (route_id, role_id),
+  INDEX idx_role_id (role_id),
+  INDEX idx_route_id (route_id),
+  CONSTRAINT FK_b2b_route_roles_route_id
+    FOREIGN KEY (route_id)
+    REFERENCES b2b_routes (id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE,
+  CONSTRAINT FK_b2b_route_roles_role_id
+    FOREIGN KEY (role_id)
+    REFERENCES b2b_roles (id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
 DELIMITER //
 
 CREATE FUNCTION IF NOT EXISTS slugify_eu(input TEXT)
@@ -428,6 +462,30 @@ END$$
 
 DELIMITER ;
 
+CREATE TABLE b2b_order_status_history (
+    id BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
+    order_id BIGINT UNSIGNED NOT NULL,
+    old_status VARCHAR(50) NULL,
+    new_status VARCHAR(50) NOT NULL,
+    created_at TIMESTAMP NOT NULL DEFAULT NOW(),
+    user_id BIGINT UNSIGNED NULL
+);
+
+CREATE INDEX idx_order_status_history_order
+    ON b2b_order_status_history(order_id);
+
+CREATE INDEX idx_order_status_history_user
+    ON b2b_order_status_history(user_id);
+
+ALTER TABLE b2b_order_status_history
+ADD CONSTRAINT fk_order
+FOREIGN KEY (order_id) REFERENCES b2b_customer_orders(order_id);
+
+ALTER TABLE b2b_order_status_history
+ADD CONSTRAINT fk_user
+FOREIGN KEY (user_id) REFERENCES b2b_customers(id);
+
+
 -- +goose Down
 
 DROP TABLE IF EXISTS b2b_addresses;
@@ -438,6 +496,7 @@ DROP TABLE IF EXISTS b2b_customer_carts;
 DROP TABLE IF EXISTS b2b_specific_price_country;
 DROP TABLE IF EXISTS b2b_specific_price_customer;
 DROP TABLE IF EXISTS b2b_specific_price_product_attribute;
+DROP TABLE IF EXISTS b2b_route_roles;
 DROP TABLE IF EXISTS b2b_specific_price_category;
 DROP TABLE IF EXISTS b2b_specific_price_product;
 DROP TABLE IF EXISTS b2b_specific_price;

i18n/migrations/20260302163123_create_tables_data.sql

@@ -10,6 +10,20 @@ VALUES
 INSERT INTO `b2b_roles` (`name`, `id`) VALUES ('user','1');
 INSERT INTO `b2b_roles` (`name`, `id`) VALUES ('admin','2');
 INSERT INTO `b2b_roles` (`name`, `id`) VALUES ('super_admin','3');
+INSERT INTO `b2b_roles` (`name`, `id`) VALUES ('unlogged','4');
+
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (1, '1');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (3, '1');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (9, '1');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (1, '2');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (3, '2');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (9, '2');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (1, '3');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (3, '3');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (9, '3');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (1, '4');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (3, '4');
+INSERT INTO `b2b_top_menu_roles` (`top_menu_id`, `role_id`) VALUES (9, '4');
 
 
 -- insert sample admin user admin@ma-al.com/Maal12345678
@@ -39,6 +53,9 @@ INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('6', 'webdav.create_token')
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('7', 'product_translation.save');
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('8', 'product_translation.translate');
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('9', 'search.create_index');
+INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('10', 'orders.view_all');
+INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('11', 'orders.modify_all');
+INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('12', 'teleport');
 
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '1');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '2');
@@ -49,6 +66,9 @@ INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '6'
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '7');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '8');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '9');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '10');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '11');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '12');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '1');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '2');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '3');
@@ -58,4 +78,36 @@ INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '6'
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '7');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '8');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '9');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '10');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '11');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '12');
+
+INSERT INTO `b2b_route_roles` (`route_id`, `role_id`) VALUES
+(1, '1'),
+(1, '2'),
+(1, '3'),
+(2, '1'),
+(2, '2'),
+(2, '3'),
+(2, '4'),
+(3, '1'),
+(3, '2'),
+(3, '3'),
+(3, '4'),
+(4, '1'),
+(4, '2'),
+(4, '3'),
+(4, '4'),
+(5, '1'),
+(5, '2'),
+(5, '3'),
+(5, '4'),
+(6, '1'),
+(6, '2'),
+(6, '3'),
+(6, '4'),
+(7, '1'),
+(7, '2'),
+(7, '3'),
+(7, '4');
 -- +goose Down

i18n/migrations/20260319163200_procedures.sql

@@ -16,6 +16,7 @@ READS SQL DATA
 BEGIN
 
   DECLARE v_tax_rate DECIMAL(10,4) DEFAULT 0;
+  DECLARE v_tax_group INT;
 
   DECLARE v_base_raw DECIMAL(20,6);
   DECLARE v_base DECIMAL(20,6);
@@ -29,45 +30,54 @@ BEGIN
 
   DECLARE v_has_specific INT DEFAULT 0;
 
-  -- currency
   DECLARE v_target_currency BIGINT;
   DECLARE v_target_rate DECIMAL(13,6) DEFAULT 1;
   DECLARE v_specific_rate DECIMAL(13,6) DEFAULT 1;
 
+  DECLARE v_is_no_vat TINYINT DEFAULT 0;
+
   SET p_id_product_attribute = NULLIF(p_id_product_attribute, 0);
 
+  -- ================= CUSTOMER VAT =================
+  SELECT COALESCE(c.is_no_vat, 0)
+  INTO v_is_no_vat
+  FROM b2b_customers c
+  WHERE c.id = p_id_customer
+  LIMIT 1;
+
+  -- ================= TAX GROUP =================
+  SELECT ps.id_tax_rules_group
+  INTO v_tax_group
+  FROM ps_product_shop ps
+  WHERE ps.id_product = p_id_product
+    AND ps.id_shop = p_id_shop
+  LIMIT 1;
+
   -- ================= TAX =================
   SELECT COALESCE(t.rate, 0)
   INTO v_tax_rate
   FROM ps_tax_rule tr
   JOIN ps_tax t ON t.id_tax = tr.id_tax
   LEFT JOIN b2b_countries c ON c.id = p_id_country
-  WHERE tr.id_tax_rules_group = (
+  WHERE tr.id_tax_rules_group = v_tax_group
-    SELECT ps.id_tax_rules_group
+    AND tr.id_country = c.ps_id_country
-    FROM ps_product_shop ps
-    WHERE ps.id_product = p_id_product
-      AND ps.id_shop = p_id_shop
-    LIMIT 1
-  )
-  AND tr.id_country = c.ps_id_country
   LIMIT 1;
 
-  -- ================= TARGET CURRENCY =================
+  IF v_is_no_vat = 1 THEN
-  SELECT c.b2b_id_currency
+    SET v_tax_rate = 0;
-  INTO v_target_currency
+  END IF;
+
+  -- ================= CURRENCY =================
+  SELECT c.b2b_id_currency, r.conversion_rate
+  INTO v_target_currency, v_target_rate
   FROM b2b_countries c
+  LEFT JOIN b2b_currency_rates r
+    ON r.b2b_id_currency = c.b2b_id_currency
   WHERE c.id = p_id_country
-  LIMIT 1;
-
-  -- latest target rate
-  SELECT r.conversion_rate
-  INTO v_target_rate
-  FROM b2b_currency_rates r
-  WHERE r.b2b_id_currency = v_target_currency
   ORDER BY r.created_at DESC
   LIMIT 1;
 
-  -- ================= BASE PRICE (RAW) =================
+  -- ================= BASE PRICE =================
   SELECT
     COALESCE(ps.price, p.price) + COALESCE(pas.price, 0)
   INTO v_base_raw
@@ -79,8 +89,8 @@ BEGIN
     AND pas.id_shop = p_id_shop
   WHERE p.id_product = p_id_product;
 
-  -- convert base to target currency
   SET v_base = v_base_raw * v_target_rate;
+  SET v_excl = v_base;
 
   -- ================= RULE SELECTION =================
   SELECT
@@ -99,71 +109,67 @@ BEGIN
 
   FROM b2b_specific_price bsp
 
+  LEFT JOIN b2b_specific_price_product spp
+    ON spp.b2b_specific_price_id = bsp.id
+    AND spp.id_product = p_id_product
+
+  LEFT JOIN b2b_specific_price_product_attribute spa
+    ON spa.b2b_specific_price_id = bsp.id
+    AND spa.id_product_attribute = p_id_product_attribute
+
+  LEFT JOIN b2b_specific_price_customer spc
+    ON spc.b2b_specific_price_id = bsp.id
+    AND spc.b2b_id_customer = p_id_customer
+
+  LEFT JOIN b2b_specific_price_country spco
+    ON spco.b2b_specific_price_id = bsp.id
+    AND spco.b2b_id_country = p_id_country
+
+  LEFT JOIN b2b_specific_price_category spcat
+    ON spcat.b2b_specific_price_id = bsp.id
+
+  LEFT JOIN ps_category_product cp
+    ON cp.id_category = spcat.id_category
+    AND cp.id_product = p_id_product
+
   WHERE bsp.is_active = 1
     AND bsp.from_quantity <= p_quantity
 
-    -- intersection rules (unchanged)
+    AND (spp.id_product IS NOT NULL OR NOT EXISTS (
-    AND (
+          SELECT 1 FROM b2b_specific_price_product x WHERE x.b2b_specific_price_id = bsp.id
-      NOT EXISTS (SELECT 1 FROM b2b_specific_price_product x WHERE x.b2b_specific_price_id = bsp.id)
+        ))
-      OR EXISTS (SELECT 1 FROM b2b_specific_price_product x WHERE x.b2b_specific_price_id = bsp.id AND x.id_product = p_id_product)
-    )
 
-    AND (
+    AND (spa.id_product_attribute IS NOT NULL OR NOT EXISTS (
-      NOT EXISTS (SELECT 1 FROM b2b_specific_price_product_attribute x WHERE x.b2b_specific_price_id = bsp.id)
+          SELECT 1 FROM b2b_specific_price_product_attribute x WHERE x.b2b_specific_price_id = bsp.id
-      OR EXISTS (SELECT 1 FROM b2b_specific_price_product_attribute x WHERE x.b2b_specific_price_id = bsp.id AND x.id_product_attribute = p_id_product_attribute)
+        ))
-    )
 
-    AND (
+    AND (spc.b2b_id_customer IS NOT NULL OR NOT EXISTS (
-      NOT EXISTS (SELECT 1 FROM b2b_specific_price_category x WHERE x.b2b_specific_price_id = bsp.id)
+          SELECT 1 FROM b2b_specific_price_customer x WHERE x.b2b_specific_price_id = bsp.id
-      OR EXISTS (
+        ))
-        SELECT 1 FROM b2b_specific_price_category x
-        JOIN ps_category_product cp ON cp.id_category = x.id_category
-        WHERE x.b2b_specific_price_id = bsp.id AND cp.id_product = p_id_product
-      )
-    )
 
-    AND (
+    AND (spco.b2b_id_country IS NOT NULL OR NOT EXISTS (
-      NOT EXISTS (SELECT 1 FROM b2b_specific_price_customer x WHERE x.b2b_specific_price_id = bsp.id)
+          SELECT 1 FROM b2b_specific_price_country x WHERE x.b2b_specific_price_id = bsp.id
-      OR EXISTS (SELECT 1 FROM b2b_specific_price_customer x WHERE x.b2b_specific_price_id = bsp.id AND x.b2b_id_customer = p_id_customer)
+        ))
-    )
 
-    AND (
+    AND (cp.id_product IS NOT NULL OR NOT EXISTS (
-      NOT EXISTS (SELECT 1 FROM b2b_specific_price_country x WHERE x.b2b_specific_price_id = bsp.id)
+          SELECT 1 FROM b2b_specific_price_category x WHERE x.b2b_specific_price_id = bsp.id
-      OR EXISTS (SELECT 1 FROM b2b_specific_price_country x WHERE x.b2b_specific_price_id = bsp.id AND x.b2b_id_country = p_id_country)
+        ))
-    )
 
   ORDER BY
-    -- customer wins
+    (spc.b2b_id_customer IS NOT NULL) DESC,
-    (EXISTS (SELECT 1 FROM b2b_specific_price_customer x WHERE x.b2b_specific_price_id = bsp.id AND x.b2b_id_customer = p_id_customer)) DESC,
+    (spa.id_product_attribute IS NOT NULL) DESC,
-
+    (spp.id_product IS NOT NULL) DESC,
-    -- attribute
+    (cp.id_product IS NOT NULL) DESC,
-    (EXISTS (SELECT 1 FROM b2b_specific_price_product_attribute x WHERE x.b2b_specific_price_id = bsp.id AND x.id_product_attribute = p_id_product_attribute)) DESC,
+    (spco.b2b_id_country IS NOT NULL) DESC,
-
-    -- product
-    (EXISTS (SELECT 1 FROM b2b_specific_price_product x WHERE x.b2b_specific_price_id = bsp.id AND x.id_product = p_id_product)) DESC,
-
-    -- category
-    (EXISTS (
-      SELECT 1 FROM b2b_specific_price_category x
-      JOIN ps_category_product cp ON cp.id_category = x.id_category
-      WHERE x.b2b_specific_price_id = bsp.id AND cp.id_product = p_id_product
-    )) DESC,
-
-    -- country
-    (EXISTS (SELECT 1 FROM b2b_specific_price_country x WHERE x.b2b_specific_price_id = bsp.id AND x.b2b_id_country = p_id_country)) DESC,
-
     bsp.id DESC
 
   LIMIT 1;
 
   -- ================= APPLY =================
-  SET v_excl = v_base;
-
   IF v_has_specific = 1 THEN
 
     IF v_reduction_type = 'amount' THEN
 
-      -- convert specific price currency if needed
       IF v_specific_currency_id IS NOT NULL AND v_specific_currency_id != v_target_currency THEN
 
         SELECT r.conversion_rate
@@ -173,7 +179,6 @@ BEGIN
         ORDER BY r.created_at DESC
         LIMIT 1;
 
-        -- normalize → then convert to target
         SET v_excl = (v_fixed_price / v_specific_rate) * v_target_rate;
 
       ELSE
@@ -319,7 +324,8 @@ DROP PROCEDURE IF EXISTS get_product_base //
 CREATE PROCEDURE get_product_base(
   IN p_id_product INT,
   IN p_id_shop INT,
-  IN p_id_lang INT
+  IN p_id_lang INT,
+  IN p_id_customer INT
 )
 BEGIN
     SELECT
@@ -376,14 +382,21 @@ BEGIN
         
         -- Relations
         m.name AS manufacturer,
-        cl.name AS category
+        cl.name AS category,
 
-        -- This doesn't fit to base product, I'll add proper is_favorite to product later
+        p.is_oem,
-
+        EXISTS(
-        -- EXISTS(
+          SELECT 1 FROM b2b_favorites f
-        --   SELECT 1 FROM b2b_favorites f
+          WHERE f.user_id = p_id_customer AND f.product_id = p_id_product
-        --   WHERE f.user_id = p_id_customer AND f.product_id = p_id_product
+        ) AS is_favorite,
-        -- ) AS is_favorite
+        CASE
+          WHEN ps.date_add >= DATE_SUB(
+            NOW(),
+            INTERVAL COALESCE(CAST(ps_configuration.value AS SIGNED), 20) DAY
+          ) AND ps.active = 1
+          THEN 1
+          ELSE 0
+        END AS is_new
 
 
 
@@ -401,6 +414,8 @@ BEGIN
        AND cl.id_shop = p_id_shop
     LEFT JOIN ps_manufacturer m 
         ON m.id_manufacturer = p.id_manufacturer
+    LEFT JOIN ps_configuration
+        ON ps_configuration.name = 'PS_NB_DAYS_NEW_PRODUCT'
 
     WHERE p.id_product = p_id_product
     LIMIT 1;