rebuilt storage

Reviewed-on: #50
Reviewed-by: Wiktor Dudzic <dudzic_wiktor@ma-al.com>

.env

@@ -48,6 +48,10 @@ EMAIL_FROM=test@ma-al.com
 EMAIL_FROM_NAME=Gitea Manager
 EMAIL_ADMIN=goc_marek@ma-al.pl
 
+# STORAGE
+STORAGE_ROOT=./storage
+
+
 I18N_LANGS=en,pl,cs
 
 PDF_SERVER_URL=http://localhost:8000

.gitignore

@@ -6,3 +6,5 @@ i18n/*.json
 *_templ.go
 tmp/main
 test.go
+storage/*
+!storage/.gitkeep

app/config/config.go

@@ -2,8 +2,10 @@ package config
 
 import (
 	"fmt"
+	"log"
 	"log/slog"
 	"os"
+	"path/filepath"
 	"reflect"
 	"strconv"
 	"strings"
@@ -24,7 +26,8 @@ type Config struct {
 	GoogleTranslate GoogleTranslateConfig
 	Image           ImageConfig
 	Cors            CorsConfig
-	MailiSearch     MeiliSearchConfig
+	MeiliSearch     MeiliSearchConfig
+	Storage         StorageConfig
 }
 
 type I18n struct {
@@ -95,6 +98,10 @@ type EmailConfig struct {
 	Enabled      bool   `env:"EMAIL_ENABLED,false"`
 }
 
+type StorageConfig struct {
+	RootFolder string `env:"STORAGE_ROOT"`
+}
+
 type PdfPrinter struct {
 	ServerUrl string `env:"PDF_SERVER_URL,http://localhost:8000"`
 }
@@ -155,7 +162,7 @@ func load() *Config {
 
 	err = loadEnv(&cfg.OAuth.Google)
 	if err != nil {
-		slog.Error("not possible to load env variables for outh google : ", err.Error(), "")
+		slog.Error("not possible to load env variables for oauth google : ", err.Error(), "")
 	}
 
 	err = loadEnv(&cfg.App)
@@ -170,12 +177,12 @@ func load() *Config {
 
 	err = loadEnv(&cfg.I18n)
 	if err != nil {
-		slog.Error("not possible to load env variables for email : ", err.Error(), "")
+		slog.Error("not possible to load env variables for i18n : ", err.Error(), "")
 	}
 
 	err = loadEnv(&cfg.Pdf)
 	if err != nil {
-		slog.Error("not possible to load env variables for email : ", err.Error(), "")
+		slog.Error("not possible to load env variables for pdf : ", err.Error(), "")
 	}
 
 	err = loadEnv(&cfg.GoogleTranslate)
@@ -185,19 +192,25 @@ func load() *Config {
 
 	err = loadEnv(&cfg.Image)
 	if err != nil {
-		slog.Error("not possible to load env variables for google translate : ", err.Error(), "")
+		slog.Error("not possible to load env variables for image : ", err.Error(), "")
 	}
 
 	err = loadEnv(&cfg.Cors)
 	if err != nil {
-		slog.Error("not possible to load env variables for google translate : ", err.Error(), "")
+		slog.Error("not possible to load env variables for cors : ", err.Error(), "")
 	}
 
-	err = loadEnv(&cfg.MailiSearch)
+	err = loadEnv(&cfg.MeiliSearch)
 	if err != nil {
-		slog.Error("not possible to load env variables for google translate : ", err.Error(), "")
+		slog.Error("not possible to load env variables for meili search : ", err.Error(), "")
 	}
 
+	err = loadEnv(&cfg.Storage)
+	if err != nil {
+		slog.Error("not possible to load env variables for storage : ", err.Error(), "")
+	}
+	cfg.Storage.RootFolder = ResolveRelativePath(cfg.Storage.RootFolder)
+
 	return cfg
 }
 
@@ -308,6 +321,22 @@ func setValue(field reflect.Value, val string, key string) error {
 	return nil
 }
 
+func ResolveRelativePath(relativePath string) string {
+	// get working directory (where program was started)
+	wd, err := os.Getwd()
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	// convert to absolute path
+	absPath := relativePath
+	if !filepath.IsAbs(absPath) {
+		absPath = filepath.Join(wd, absPath)
+	}
+
+	return filepath.Clean(absPath)
+}
+
 func parseEnvTag(tag string) (key string, def *string) {
 	if tag == "" {
 		return "", nil

app/delivery/middleware/auth.go

@@ -1,12 +1,16 @@
 package middleware
 
 import (
+	"encoding/base64"
+	"strconv"
 	"strings"
+	"time"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/authService"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 
 	"github.com/gofiber/fiber/v3"
 )
@@ -60,9 +64,52 @@ func AuthMiddleware() fiber.Handler {
 			})
 		}
 
-		// Set user in context
+		// Create locale. LangID is overwritten by auth Token
-		c.Locals(constdata.USER_LOCALES_NAME, user.ToSession())
+		var userLocale model.UserLocale
-		c.Locals(constdata.USER_LOCALES_ID, user.ID)
+		userLocale.OriginalUser = user
+
+		// Check if target user is present
+		targetUserIDAttribute := c.Query("target_user_id")
+
+		if targetUserIDAttribute == "" {
+			userLocale.User = user
+			c.Locals(constdata.USER_LOCALE, &userLocale)
+
+			return c.Next()
+		}
+
+		// We now populate the target user
+		if user.Role != model.RoleAdmin {
+			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
+				"error": "admin access required",
+			})
+		}
+
+		targetUserID, err := strconv.Atoi(targetUserIDAttribute)
+		if err != nil {
+			return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
+				"error": "invalid target user id attribute",
+			})
+		}
+
+		// to verify target user, we use the same functionality as for verifying original user
+		// Get target user from database
+		user, err = authService.GetUserByID(uint(targetUserID))
+		if err != nil {
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "target user not found",
+			})
+		}
+
+		// Check if target user is active
+		if !user.IsActive {
+			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
+				"error": "target user account is inactive",
+			})
+		}
+
+		userLocale.User = user
+		c.Locals(constdata.USER_LOCALE, &userLocale)
 
 		return c.Next()
 	}
@@ -71,21 +118,14 @@ func AuthMiddleware() fiber.Handler {
 // RequireAdmin creates admin-only middleware
 func RequireAdmin() fiber.Handler {
 	return func(c fiber.Ctx) error {
-		user := c.Locals("user")
+		originalUserRole, ok := localeExtractor.GetOriginalUserRole(c)
-		if user == nil {
+		if !ok {
 			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
 				"error": "not authenticated",
 			})
 		}
 
-		userSession, ok := user.(*model.UserSession)
+		if originalUserRole != model.RoleAdmin {
-		if !ok {
-			return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{
-				"error": "invalid user session",
-			})
-		}
-
-		if userSession.Role != model.RoleAdmin {
 			return c.Status(fiber.StatusForbidden).JSON(fiber.Map{
 				"error": "admin access required",
 			})
@@ -95,22 +135,70 @@ func RequireAdmin() fiber.Handler {
 	}
 }
 
-// GetUserID extracts user ID from context
+// Webdav
-func GetUserID(c fiber.Ctx) uint {
+func Webdav() fiber.Handler {
-	userID, ok := c.Locals("userID").(uint)
+	authService := authService.NewAuthService()
-	if !ok {
+
-		return 0
+	return func(c fiber.Ctx) error {
-	}
+		authHeader := c.Get("Authorization")
-	return userID
+		if authHeader == "" {
+			c.Set("WWW-Authenticate", `Basic realm="webdav"`)
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "authorization token required",
+			})
 		}
 
-// GetUser extracts user from context
+		if !strings.HasPrefix(authHeader, "Basic ") {
-func GetUser(c fiber.Ctx) *model.UserSession {
+			c.Set("WWW-Authenticate", `Basic realm="webdav"`)
-	user, ok := c.Locals("user").(*model.UserSession)
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
-	if !ok {
+				"error": "invalid authorization token",
-		return nil
+			})
+		}
+
+		encoded := strings.TrimPrefix(authHeader, "Basic ")
+		decoded, err := base64.StdEncoding.DecodeString(encoded)
+		if err != nil {
+			c.Set("WWW-Authenticate", `Basic realm="webdav"`)
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "invalid authorization token",
+			})
+		}
+
+		credentials := strings.SplitN(string(decoded), ":", 2)
+		rawToken := ""
+		if len(credentials) == 1 {
+			rawToken = credentials[0]
+		} else if len(credentials) == 2 {
+			rawToken = credentials[1]
+		}
+		if len(rawToken) != constdata.NBYTES_IN_WEBDAV_TOKEN*2 {
+			c.Set("WWW-Authenticate", `Basic realm="webdav"`)
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "invalid authorization token",
+			})
+		}
+
+		// we identify user based on this token.
+		user, err := authService.GetUserByWebdavToken(rawToken)
+		if err != nil {
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "user not found",
+			})
+		}
+
+		if user.WebdavExpires != nil && user.WebdavExpires.Before(time.Now()) {
+			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+				"error": "invalid or expired token",
+			})
+		}
+
+		var userLocale model.UserLocale
+		userLocale.OriginalUser = user
+		userLocale.User = user
+		c.Locals(constdata.USER_LOCALE, &userLocale)
+
+		return c.Next()
 	}
-	return user
 }
 
 // GetConfig returns the app config

app/delivery/middleware/language.go

@@ -4,7 +4,9 @@ import (
 	"strconv"
 	"strings"
 
+	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/langsService"
+	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"github.com/gofiber/fiber/v3"
 )
 
@@ -22,15 +24,11 @@ func LanguageMiddleware() fiber.Handler {
 			if id, err := strconv.ParseUint(langIDStr, 10, 32); err == nil {
 				langID = uint(id)
 				if langID > 0 {
-					lang, err := langService.GetLanguageById(langID)
+					c.Locals(constdata.USER_LOCALE, returnNewLocale(langID))
-					if err == nil {
-						c.Locals("langID", langID)
-						c.Locals("lang", lang)
 					return c.Next()
 				}
 			}
 		}
-		}
 
 		// 2. Check cookie
 		cookieLang := c.Cookies("lang_id", "")
@@ -38,15 +36,11 @@ func LanguageMiddleware() fiber.Handler {
 			if id, err := strconv.ParseUint(cookieLang, 10, 32); err == nil {
 				langID = uint(id)
 				if langID > 0 {
-					lang, err := langService.GetLanguageById(langID)
+					c.Locals(constdata.USER_LOCALE, returnNewLocale(langID))
-					if err == nil {
-						c.Locals("langID", langID)
-						c.Locals("lang", lang)
 					return c.Next()
 				}
 			}
 		}
-		}
 
 		// 3. Check Accept-Language header
 		acceptLang := c.Get("Accept-Language", "")
@@ -57,8 +51,7 @@ func LanguageMiddleware() fiber.Handler {
 				lang, err := langService.GetLanguageByISOCode(isoCode)
 				if err == nil && lang != nil {
 					langID = uint(lang.ID)
-					c.Locals("langID", langID)
+					c.Locals(constdata.USER_LOCALE, returnNewLocale(langID))
-					c.Locals("lang", lang)
 					return c.Next()
 				}
 			}
@@ -68,8 +61,7 @@ func LanguageMiddleware() fiber.Handler {
 		defaultLang, err := langService.GetDefaultLanguage()
 		if err == nil && defaultLang != nil {
 			langID = uint(defaultLang.ID)
-			c.Locals("langID", langID)
+			c.Locals(constdata.USER_LOCALE, returnNewLocale(langID))
-			c.Locals("lang", defaultLang)
 		}
 
 		return c.Next()
@@ -104,11 +96,9 @@ func parseAcceptLanguage(header string) string {
 	return strings.ToLower(first)
 }
 
-// GetLanguageID extracts language ID from context
+func returnNewLocale(lang_id uint) *model.UserLocale {
-func GetLanguageID(c fiber.Ctx) uint {
+	newLocale := model.UserLocale{}
-	langID, ok := c.Locals("langID").(uint)
+	newLocale.OriginalUser = &model.Customer{}
-	if !ok {
+	newLocale.OriginalUser.LangID = lang_id
-		return 0
+	return &newLocale
-	}
-	return langID
 }

app/delivery/web/api/public/auth.go

@@ -268,15 +268,15 @@ func (h *AuthHandler) RefreshToken(c fiber.Ctx) error {
 
 // Me returns the current user info
 func (h *AuthHandler) Me(c fiber.Ctx) error {
-	user := c.Locals("user")
+	userLocale := c.Locals(constdata.USER_LOCALE).(*model.UserLocale)
-	if user == nil {
+	if userLocale.OriginalUser == nil {
 		return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
 			"error": responseErrors.GetErrorCode(c, responseErrors.ErrNotAuthenticated),
 		})
 	}
 
 	return c.JSON(fiber.Map{
-		"user": user,
+		"user": *userLocale.OriginalUser,
 	})
 }
 
@@ -351,21 +351,12 @@ func (h *AuthHandler) CompleteRegistration(c fiber.Ctx) error {
 
 // Updates JWT Tokens. Requires authentication and updates access token only
 func (h *AuthHandler) UpdateJWTToken(c fiber.Ctx) error {
-	userLocals, ok := c.Locals(constdata.USER_LOCALES_NAME).(*model.UserSession)
+	userLocale, ok := c.Locals(constdata.USER_LOCALE).(*model.UserLocale)
 	if !ok {
 		return c.Status(fiber.StatusUnauthorized).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrNotAuthenticated)))
 	}
 
-	user := model.Customer{
-		ID:        userLocals.UserID,
-		Email:     userLocals.Email,
-		Role:      userLocals.Role,
-		LangID:    userLocals.LangID,
-		CountryID: userLocals.CountryID,
-		IsActive:  userLocals.IsActive,
-	}
-
 	// Parse language and country_id from query params
 	langIDStr := c.Query("lang_id")
 
@@ -375,7 +366,7 @@ func (h *AuthHandler) UpdateJWTToken(c fiber.Ctx) error {
 			return c.Status(fiber.StatusBadRequest).
 				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadLangID)))
 		}
-		user.LangID = uint(parsedID)
+		userLocale.OriginalUser.LangID = uint(parsedID)
 	}
 
 	countryIDStr := c.Query("country_id")
@@ -386,10 +377,10 @@ func (h *AuthHandler) UpdateJWTToken(c fiber.Ctx) error {
 			return c.Status(fiber.StatusBadRequest).
 				JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadCountryID)))
 		}
-		user.CountryID = uint(parsedID)
+		userLocale.OriginalUser.CountryID = uint(parsedID)
 	}
 
-	newAccessToken, err := h.authService.UpdateJWTToken(&user)
+	newAccessToken, err := h.authService.UpdateJWTToken(userLocale.OriginalUser)
 
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).JSON(fiber.Map{

app/delivery/web/api/public/routing.go

@@ -3,6 +3,7 @@ package public
 import (
 	"git.ma-al.com/goc_daniel/b2b/app/service/menuService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -30,7 +31,7 @@ func RoutingHandlerRoutes(r fiber.Router) fiber.Router {
 }
 
 func (h *RoutingHandler) GetRouting(c fiber.Ctx) error {
-	lang_id, ok := c.Locals("langID").(uint)
+	lang_id, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))

app/delivery/web/api/restricted/carts.go

@@ -5,6 +5,7 @@ import (
 
 	"git.ma-al.com/goc_daniel/b2b/app/service/cartsService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -37,7 +38,7 @@ func CartsHandlerRoutes(r fiber.Router) fiber.Router {
 }
 
 func (h *CartsHandler) AddNewCart(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
@@ -53,7 +54,7 @@ func (h *CartsHandler) AddNewCart(c fiber.Ctx) error {
 }
 
 func (h *CartsHandler) ChangeCartName(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
@@ -78,7 +79,7 @@ func (h *CartsHandler) ChangeCartName(c fiber.Ctx) error {
 }
 
 func (h *CartsHandler) RetrieveCartsInfo(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
@@ -94,7 +95,7 @@ func (h *CartsHandler) RetrieveCartsInfo(c fiber.Ctx) error {
 }
 
 func (h *CartsHandler) RetrieveCart(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
@@ -117,7 +118,7 @@ func (h *CartsHandler) RetrieveCart(c fiber.Ctx) error {
 }
 
 func (h *CartsHandler) AddProduct(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))

app/delivery/web/api/restricted/list.go

@@ -5,6 +5,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/listService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/query/query_params"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
@@ -43,19 +44,19 @@ func (h *ListHandler) ListProducts(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
 
-	id_lang, ok := c.Locals("langID").(uint)
+	id_lang, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
 
-	listing, err := h.listService.ListProducts(id_lang, paging, filters)
+	list, err := h.listService.ListProducts(id_lang, paging, filters)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
 
-	return c.JSON(response.Make(&listing.Items, int(listing.Count), i18n.T_(c, response.Message_OK)))
+	return c.JSON(response.Make(&list.Items, int(list.Count), i18n.T_(c, response.Message_OK)))
 }
 
 var columnMappingListProducts map[string]string = map[string]string{
@@ -74,19 +75,19 @@ func (h *ListHandler) ListUsers(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
 
-	id_lang, ok := c.Locals("langID").(uint)
+	id_lang, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
 
-	listing, err := h.listService.ListUsers(id_lang, paging, filters)
+	list, err := h.listService.ListUsers(id_lang, paging, filters)
 	if err != nil {
 		return c.Status(responseErrors.GetErrorStatus(err)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
 
-	return c.JSON(response.Make(&listing.Items, int(listing.Count), i18n.T_(c, response.Message_OK)))
+	return c.JSON(response.Make(&list.Items, int(list.Count), i18n.T_(c, response.Message_OK)))
 }
 
 var columnMappingListUsers map[string]string = map[string]string{

app/delivery/web/api/restricted/menu.go

@@ -5,6 +5,7 @@ import (
 
 	"git.ma-al.com/goc_daniel/b2b/app/service/menuService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -33,7 +34,7 @@ func MenuHandlerRoutes(r fiber.Router) fiber.Router {
 }
 
 func (h *MenuHandler) GetCategoryTree(c fiber.Ctx) error {
-	lang_id, ok := c.Locals("langID").(uint)
+	lang_id, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
@@ -56,7 +57,7 @@ func (h *MenuHandler) GetCategoryTree(c fiber.Ctx) error {
 }
 
 func (h *MenuHandler) GetBreadcrumb(c fiber.Ctx) error {
-	lang_id, ok := c.Locals("langID").(uint)
+	lang_id, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
@@ -86,7 +87,7 @@ func (h *MenuHandler) GetBreadcrumb(c fiber.Ctx) error {
 }
 
 func (h *MenuHandler) GetTopMenu(c fiber.Ctx) error {
-	lang_id, ok := c.Locals("langID").(uint)
+	lang_id, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))

app/delivery/web/api/restricted/productTranslation.go

@@ -4,8 +4,10 @@ import (
 	"strconv"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
+	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/productTranslationService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -41,7 +43,7 @@ func ProductTranslationHandlerRoutes(r fiber.Router) fiber.Router {
 
 // GetProductDescription returns the product description for a given product ID
 func (h *ProductTranslationHandler) GetProductDescription(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
@@ -72,12 +74,18 @@ func (h *ProductTranslationHandler) GetProductDescription(c fiber.Ctx) error {
 
 // SaveProductDescription saves the description for a given product ID, in given language
 func (h *ProductTranslationHandler) SaveProductDescription(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
 
+	userRole, ok := localeExtractor.GetOriginalUserRole(c)
+	if !ok || userRole != model.RoleAdmin {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
+	}
+
 	productID_attribute := c.Query("productID")
 	productID, err := strconv.Atoi(productID_attribute)
 	if err != nil {
@@ -109,12 +117,18 @@ func (h *ProductTranslationHandler) SaveProductDescription(c fiber.Ctx) error {
 
 // TranslateProductDescription returns translated product description
 func (h *ProductTranslationHandler) TranslateProductDescription(c fiber.Ctx) error {
-	userID, ok := c.Locals("userID").(uint)
+	userID, ok := localeExtractor.GetUserID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
 	}
 
+	userRole, ok := localeExtractor.GetOriginalUserRole(c)
+	if !ok || userRole != model.RoleAdmin {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
+	}
+
 	productID_attribute := c.Query("productID")
 	productID, err := strconv.Atoi(productID_attribute)
 	if err != nil {

app/delivery/web/api/restricted/search.go

@@ -4,9 +4,11 @@ import (
 	"encoding/json"
 	"fmt"
 
+	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/meiliService"
 	searchservice "git.ma-al.com/goc_daniel/b2b/app/service/searchService"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
@@ -36,12 +38,18 @@ func MeiliSearchHandlerRoutes(r fiber.Router) fiber.Router {
 }
 
 func (h *MeiliSearchHandler) CreateIndex(c fiber.Ctx) error {
-	id_lang, ok := c.Locals("langID").(uint)
+	id_lang, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
 	}
 
+	userRole, ok := localeExtractor.GetOriginalUserRole(c)
+	if !ok || userRole != model.RoleAdmin {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
+	}
+
 	err := h.meiliService.CreateIndex(id_lang)
 	if err != nil {
 		fmt.Printf("CreateIndex error: %v\n", err)
@@ -49,12 +57,11 @@ func (h *MeiliSearchHandler) CreateIndex(c fiber.Ctx) error {
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
 	}
 
-	nothing := ""
+	return c.JSON(response.Make(nullable.GetNil(""), 0, i18n.T_(c, response.Message_OK)))
-	return c.JSON(response.Make(&nothing, 0, i18n.T_(c, response.Message_OK)))
 }
 
 func (h *MeiliSearchHandler) Search(c fiber.Ctx) error {
-	id_lang, ok := c.Locals("langID").(uint)
+	id_lang, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))
@@ -88,7 +95,7 @@ func (h *MeiliSearchHandler) Search(c fiber.Ctx) error {
 }
 
 func (h *MeiliSearchHandler) GetSettings(c fiber.Ctx) error {
-	id_lang, ok := c.Locals("langID").(uint)
+	id_lang, ok := localeExtractor.GetLangID(c)
 	if !ok {
 		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
 			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrBadAttribute)))

app/delivery/web/api/restricted/storage.go

@@ -0,0 +1,100 @@
+package restricted
+
+import (
+	"strconv"
+
+	"git.ma-al.com/goc_daniel/b2b/app/config"
+	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/service/storageService"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/nullable"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/response"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
+	"github.com/gofiber/fiber/v3"
+)
+
+type StorageHandler struct {
+	storageService *storageService.StorageService
+	config         *config.Config
+}
+
+func NewStorageHandler() *StorageHandler {
+	return &StorageHandler{
+		storageService: storageService.New(),
+		config:         config.Get(),
+	}
+}
+
+func StorageHandlerRoutes(r fiber.Router) fiber.Router {
+	handler := NewStorageHandler()
+
+	// for all users
+	r.Get("/list-content/*", handler.ListContent)
+	r.Get("/download-file/*", handler.DownloadFile)
+
+	// for admins only
+	r.Get("/create-new-webdav-token", handler.CreateNewWebdavToken)
+
+	return r
+}
+
+// accepted path looks like e.g. "/folder1/" or "folder1"
+func (h *StorageHandler) ListContent(c fiber.Ctx) error {
+	// relative path defaults to root directory
+	abs_path, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	entries_in_list, err := h.storageService.ListContent(abs_path)
+
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	return c.JSON(response.Make(entries_in_list, 0, i18n.T_(c, response.Message_OK)))
+}
+
+func (h *StorageHandler) DownloadFile(c fiber.Ctx) error {
+	abs_path, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	f, filename, filesize, err := h.storageService.DownloadFilePrep(abs_path)
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	c.Attachment(filename)
+	c.Set("Content-Length", strconv.FormatInt(filesize, 10))
+	c.Set("Content-Type", "application/octet-stream")
+	return c.SendStream(f, int(filesize))
+}
+
+func (h *StorageHandler) CreateNewWebdavToken(c fiber.Ctx) error {
+	userID, ok := localeExtractor.GetUserID(c)
+	if !ok {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrInvalidBody)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrInvalidBody)))
+	}
+
+	userRole, ok := localeExtractor.GetOriginalUserRole(c)
+	if !ok || userRole != model.RoleAdmin {
+		return c.Status(responseErrors.GetErrorStatus(responseErrors.ErrAdminAccessRequired)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, responseErrors.ErrAdminAccessRequired)))
+	}
+
+	new_token, err := h.storageService.NewWebdavToken(userID)
+	if err != nil {
+		return c.Status(responseErrors.GetErrorStatus(err)).
+			JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(c, err)))
+	}
+
+	return c.JSON(response.Make(&new_token, 0, i18n.T_(c, response.Message_OK)))
+}

app/delivery/web/api/webdav/storage.go

@@ -0,0 +1,198 @@
+package webdav
+
+import (
+	"bytes"
+	"io"
+	"net/http"
+	"strconv"
+
+	"git.ma-al.com/goc_daniel/b2b/app/config"
+	"git.ma-al.com/goc_daniel/b2b/app/service/storageService"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
+	"github.com/gofiber/fiber/v3"
+)
+
+type StorageHandler struct {
+	storageService *storageService.StorageService
+	config         *config.Config
+}
+
+func NewStorageHandler() *StorageHandler {
+	return &StorageHandler{
+		storageService: storageService.New(),
+		config:         config.Get(),
+	}
+}
+
+func StorageHandlerRoutes(r fiber.Router) fiber.Router {
+	handler := NewStorageHandler()
+
+	// for webdav use only
+	r.Get("/*", handler.Get)
+	r.Head("/*", handler.Get)
+	r.Put("/*", handler.Put)
+	r.Delete("/*", handler.Delete)
+	r.Add([]string{"MKCOL"}, "/*", handler.Mkcol)
+	r.Add([]string{"PROPFIND"}, "/*", handler.Propfind)
+	r.Add([]string{"PROPPATCH"}, "/*", handler.Proppatch)
+	r.Add([]string{"MOVE"}, "/*", handler.Move)
+	r.Add([]string{"COPY"}, "/*", handler.Copy)
+
+	return r
+}
+
+func (h *StorageHandler) Get(c fiber.Ctx) error {
+	// fmt.Println("GET")
+	absPath, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	info, err := h.storageService.EntryInfo(absPath)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	if info.IsDir() {
+		xml, err := h.storageService.Propfind(h.config.Storage.RootFolder, absPath, "1")
+		if err != nil {
+			return c.SendStatus(responseErrors.GetErrorStatus(err))
+		}
+
+		c.Set("Content-Type", `application/xml; charset="utf-8"`)
+		return c.Status(http.StatusMultiStatus).SendString(xml)
+
+	} else {
+		f, filename, filesize, err := h.storageService.DownloadFilePrep(absPath)
+		if err != nil {
+			return c.SendStatus(responseErrors.GetErrorStatus(err))
+		}
+
+		c.Attachment(filename)
+		c.Set("Content-Length", strconv.FormatInt(filesize, 10))
+		c.Set("Content-Type", "application/octet-stream")
+		return c.SendStream(f, int(filesize))
+	}
+}
+
+func (h *StorageHandler) Put(c fiber.Ctx) error {
+	// fmt.Println("PUT")
+	absPath, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	var src io.Reader
+	if bodyStream := c.Request().BodyStream(); bodyStream != nil {
+		defer c.Request().CloseBodyStream()
+		src = bodyStream
+	} else {
+		src = bytes.NewReader(c.Body())
+	}
+
+	err = h.storageService.Put(absPath, src)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	return c.SendStatus(http.StatusCreated)
+}
+
+func (h *StorageHandler) Delete(c fiber.Ctx) error {
+	// fmt.Println("DELETE")
+	absPath, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+	if absPath == h.config.Storage.RootFolder {
+		return c.SendStatus(responseErrors.GetErrorStatus(responseErrors.ErrAccessDenied))
+	}
+
+	err = h.storageService.Delete(absPath)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	return c.SendStatus(http.StatusNoContent)
+}
+
+func (h *StorageHandler) Mkcol(c fiber.Ctx) error {
+	// fmt.Println("Mkcol")
+	absPath, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	err = h.storageService.Mkcol(absPath)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	return c.SendStatus(http.StatusCreated)
+}
+
+func (h *StorageHandler) Propfind(c fiber.Ctx) error {
+	// fmt.Println("PROPFIND")
+	absPath, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	xml, err := h.storageService.Propfind(h.config.Storage.RootFolder, absPath, "1")
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	c.Set("Content-Type", `application/xml; charset="utf-8"`)
+	return c.Status(http.StatusMultiStatus).SendString(xml)
+}
+
+func (h *StorageHandler) Proppatch(c fiber.Ctx) error {
+	return c.SendStatus(http.StatusNotImplemented) // 501
+}
+
+func (h *StorageHandler) Move(c fiber.Ctx) error {
+	// fmt.Println("MOVE")
+	srcAbsPath, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	dest := c.Get("Destination")
+	if dest == "" {
+		return c.SendStatus(http.StatusBadRequest)
+	}
+	destAbsPath, err := h.storageService.ObtainDestPath(h.config.Storage.RootFolder, dest)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	err = h.storageService.Move(srcAbsPath, destAbsPath)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+	return c.SendStatus(http.StatusCreated)
+}
+
+func (h *StorageHandler) Copy(c fiber.Ctx) error {
+	// fmt.Println("COPY")
+	srcAbsPath, err := h.storageService.AbsPath(h.config.Storage.RootFolder, c.Params("*"))
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	dest := c.Get("Destination")
+	if dest == "" {
+		return c.SendStatus(http.StatusBadRequest)
+	}
+	destAbsPath, err := h.storageService.ObtainDestPath(h.config.Storage.RootFolder, dest)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+
+	err = h.storageService.Copy(srcAbsPath, destAbsPath)
+	if err != nil {
+		return c.SendStatus(responseErrors.GetErrorStatus(err))
+	}
+	return c.SendStatus(http.StatusCreated)
+}

app/delivery/web/init.go

@@ -14,6 +14,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/web/api"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/web/api/public"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/web/api/restricted"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/web/api/webdav"
 	"git.ma-al.com/goc_daniel/b2b/app/delivery/web/general"
 
 	"github.com/gofiber/fiber/v3"
@@ -25,6 +26,7 @@ import (
 type Server struct {
 	app        *fiber.App
 	cfg        *config.Config
+	webdav     fiber.Router
 	api        fiber.Router
 	public     fiber.Router
 	restricted fiber.Router
@@ -42,12 +44,23 @@ func (s *Server) Cfg() *config.Config {
 
 // New creates a new server instance
 func New() *Server {
-	return &Server{
+	var s Server
-		app: fiber.New(fiber.Config{
+
+	app :=
+		fiber.New(fiber.Config{
 			ErrorHandler:      customErrorHandler,
-		}),
+			BodyLimit:         50 * 1024 * 1024, // 50 MB
-		cfg: config.Get(),
+			StreamRequestBody: true,
-	}
+			RequestMethods: []string{
+				fiber.MethodGet, fiber.MethodHead, fiber.MethodPost, fiber.MethodPut,
+				fiber.MethodDelete, fiber.MethodConnect, fiber.MethodOptions,
+				fiber.MethodTrace, fiber.MethodPatch, "MKCOL", "PROPFIND", "PROPPATCH", "MOVE", "COPY",
+			},
+		})
+
+	s.app = app
+	s.cfg = config.Get()
+	return &s
 }
 
 // Setup configures the server with routes and middleware
@@ -76,6 +89,8 @@ func (s *Server) Setup() error {
 	s.public = s.api.Group("/public")
 	s.restricted = s.api.Group("/restricted")
 	s.restricted.Use(middleware.AuthMiddleware())
+	s.webdav = s.api.Group("/webdav")
+	s.webdav.Use(middleware.Webdav())
 
 	// initialize language endpoints (general)
 	api.NewLangHandler().InitLanguage(s.api, s.cfg)
@@ -115,6 +130,12 @@ func (s *Server) Setup() error {
 	carts := s.restricted.Group("/carts")
 	restricted.CartsHandlerRoutes(carts)
 
+	// storage (uses various authorization means)
+	restrictedStorage := s.restricted.Group("/storage")
+	webdavStorage := s.webdav.Group("/storage")
+	restricted.StorageHandlerRoutes(restrictedStorage)
+	webdav.StorageHandlerRoutes(webdavStorage)
+
 	s.api.All("*", func(c fiber.Ctx) error {
 		return c.SendStatus(fiber.StatusNotFound)
 	})

app/model/customer.go

@@ -23,6 +23,8 @@ type Customer struct {
 	EmailVerificationExpires *time.Time     `json:"-"`
 	PasswordResetToken       string         `gorm:"size:255" json:"-"`
 	PasswordResetExpires     *time.Time     `json:"-"`
+	WebdavToken              string         `gorm:"size:255" json:"-"`
+	WebdavExpires            *time.Time     `json:"-"`
 	LastPasswordResetRequest *time.Time     `json:"-"`
 	LastLoginAt              *time.Time     `json:"last_login_at,omitempty"`
 	LangID                   uint           `gorm:"default:2" json:"lang_id"`    // User's preferred language
@@ -82,6 +84,15 @@ type UserSession struct {
 	IsActive  bool         `json:"is_active"`
 }
 
+type UserLocale struct {
+	// User is the Target user if present, otherwise same as Original.
+	// User ought to be used in applications
+	User *Customer
+	// Original user is the one associated with auth token
+	OriginalUser *Customer
+	// Importantly, lang_id used in application is stored as OriginalUser.LangID
+}
+
 // ToSession converts User to UserSession
 func (u *Customer) ToSession() *UserSession {
 	return &UserSession{
@@ -98,6 +109,7 @@ func (u *Customer) ToSession() *UserSession {
 type LoginRequest struct {
 	Email    string `json:"email" form:"email"`
 	Password string `json:"password" form:"password"`
+	LangID   *uint  `json:"lang_id" form:"lang_id"`
 }
 
 // RegisterRequest represents the initial registration form data

app/model/entry.go

@@ -0,0 +1,6 @@
+package model
+
+type EntryInList struct {
+	Name     string
+	IsFolder bool
+}

app/repos/searchRepo/searchRepo.go

@@ -32,12 +32,12 @@ func New() UISearchRepo {
 }
 
 func (r *SearchRepo) Search(index string, body []byte) (*SearchProxyResponse, error) {
-	url := fmt.Sprintf("%s/indexes/%s/search", r.cfg.MailiSearch.ServerURL, index)
+	url := fmt.Sprintf("%s/indexes/%s/search", r.cfg.MeiliSearch.ServerURL, index)
 	return r.doRequest(http.MethodPost, url, body)
 }
 
 func (r *SearchRepo) GetIndexSettings(index string) (*SearchProxyResponse, error) {
-	url := fmt.Sprintf("%s/indexes/%s/settings", r.cfg.MailiSearch.ServerURL, index)
+	url := fmt.Sprintf("%s/indexes/%s/settings", r.cfg.MeiliSearch.ServerURL, index)
 	return r.doRequest(http.MethodGet, url, nil)
 }
 
@@ -55,8 +55,8 @@ func (r *SearchRepo) doRequest(method, url string, body []byte) (*SearchProxyRes
 	}
 
 	req.Header.Set("Content-Type", "application/json")
-	if r.cfg.MailiSearch.ApiKey != "" {
+	if r.cfg.MeiliSearch.ApiKey != "" {
-		req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", r.cfg.MailiSearch.ApiKey))
+		req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", r.cfg.MeiliSearch.ApiKey))
 	}
 
 	client := &http.Client{}

app/repos/storageRepo/storageRepo.go

@@ -0,0 +1,178 @@
+package storageRepo
+
+import (
+	"io"
+	"os"
+	"path/filepath"
+	"time"
+
+	"git.ma-al.com/goc_daniel/b2b/app/db"
+	"git.ma-al.com/goc_daniel/b2b/app/model"
+)
+
+type UIStorageRepo interface {
+	SaveWebdavToken(user_id uint, hash_token string, expires_at *time.Time) error
+	EntryInfo(abs_path string) (os.FileInfo, error)
+	ListContent(abs_path string) (*[]model.EntryInList, error)
+	OpenFile(abs_path string) (*os.File, error)
+	Put(abs_path string, src io.Reader) error
+	Delete(abs_path string) error
+	Mkcol(abs_path string) error
+	Move(src_abs_path string, dest_abs_path string) error
+	Copy(src_abs_path string, dest_abs_path string) error
+}
+
+type StorageRepo struct{}
+
+func New() UIStorageRepo {
+	return &StorageRepo{}
+}
+
+func (r *StorageRepo) SaveWebdavToken(user_id uint, hash_token string, expires_at *time.Time) error {
+	return db.DB.
+		Table("b2b_customers").
+		Where("id = ?", user_id).
+		Updates(map[string]interface{}{
+			"webdav_token":   hash_token,
+			"webdav_expires": expires_at,
+		}).
+		Error
+}
+
+func (r *StorageRepo) EntryInfo(abs_path string) (os.FileInfo, error) {
+	return os.Stat(abs_path)
+}
+
+func (r *StorageRepo) ListContent(abs_path string) (*[]model.EntryInList, error) {
+	entries, err := os.ReadDir(abs_path)
+	if err != nil {
+		return nil, err
+	}
+
+	var entries_in_list []model.EntryInList
+
+	for _, entry := range entries {
+		var next_entry_in_list model.EntryInList
+		next_entry_in_list.Name = entry.Name()
+		next_entry_in_list.IsFolder = entry.IsDir()
+
+		entries_in_list = append(entries_in_list, next_entry_in_list)
+	}
+
+	return &entries_in_list, nil
+}
+
+func (r *StorageRepo) OpenFile(abs_path string) (*os.File, error) {
+	return os.Open(abs_path)
+}
+
+func (r *StorageRepo) Put(abs_path string, src io.Reader) error {
+	// Write to a temp file in the same directory, then atomically rename.
+	tmp, err := os.CreateTemp(filepath.Dir(abs_path), ".put-*")
+	if err != nil {
+		return err
+	}
+	tmp_name := tmp.Name()
+	cleanup_tmp := true
+	defer func() {
+		_ = tmp.Close()
+		if cleanup_tmp {
+			_ = os.Remove(tmp_name)
+		}
+	}()
+
+	_, err = io.Copy(tmp, src)
+	if err != nil {
+		return err
+	}
+
+	err = tmp.Sync()
+	if err != nil {
+		return err
+	}
+	err = tmp.Close()
+	if err != nil {
+		return err
+	}
+
+	err = os.Chmod(tmp_name, 0o644)
+	if err != nil {
+		return err
+	}
+
+	err = os.Rename(tmp_name, abs_path)
+	if err != nil {
+		return err
+	}
+
+	cleanup_tmp = false
+	return nil
+}
+
+func (r *StorageRepo) Delete(abs_path string) error {
+	return os.RemoveAll(abs_path)
+}
+
+func (r *StorageRepo) Mkcol(abs_path string) error {
+	return os.Mkdir(abs_path, 0755)
+}
+
+func (r *StorageRepo) Move(src_abs_path string, dest_abs_path string) error {
+	return os.Rename(src_abs_path, dest_abs_path)
+}
+
+func (r *StorageRepo) Copy(src_abs_path string, dest_abs_path string) error {
+	info, err := os.Stat(src_abs_path)
+	if err != nil {
+		return err
+	}
+
+	if info.IsDir() {
+		return r.copyDir(src_abs_path, dest_abs_path)
+	} else {
+		return r.copyFile(src_abs_path, dest_abs_path)
+	}
+}
+
+func (r *StorageRepo) copyFile(src_abs_path string, dest_abs_path string) error {
+	f, err := os.Open(src_abs_path)
+	if err != nil {
+		return err
+	}
+	defer f.Close()
+
+	err = r.Put(dest_abs_path, f)
+	return err
+}
+
+func (r *StorageRepo) copyDir(src_abs_path string, dest_abs_path string) error {
+	if err := os.Mkdir(dest_abs_path, 0755); err != nil {
+		return err
+	}
+
+	entries, err := os.ReadDir(src_abs_path)
+	if err != nil {
+		return err
+	}
+
+	for _, entry := range entries {
+
+		entity_src_path := filepath.Join(src_abs_path, entry.Name())
+		entity_dst_Path := filepath.Join(dest_abs_path, entry.Name())
+
+		if entry.IsDir() {
+			err = r.copyDir(entity_src_path, entity_dst_Path)
+			if err != nil {
+				return err
+			}
+
+		} else {
+			err = r.copyFile(entity_src_path, entity_dst_Path)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}

app/service/authService/auth.go

@@ -83,6 +83,15 @@ func (s *AuthService) Login(req *model.LoginRequest) (*model.AuthResponse, strin
 	// Update last login time
 	now := time.Now()
 	user.LastLoginAt = &now
+
+	if req.LangID != nil {
+		_, err := s.GetLangISOCode(*req.LangID)
+		if err != nil {
+			return nil, "", responseErrors.ErrBadLangID
+		}
+		user.LangID = *req.LangID
+	}
+
 	s.db.Save(&user)
 
 	// Generate access token (JWT)
@@ -443,6 +452,19 @@ func (s *AuthService) GetUserByEmail(email string) (*model.Customer, error) {
 	return &user, nil
 }
 
+func (s *AuthService) GetUserByWebdavToken(rawToken string) (*model.Customer, error) {
+	tokenHash := hashToken(rawToken)
+
+	var user model.Customer
+	if err := s.db.Where("webdav_token = ?", tokenHash).First(&user).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return nil, responseErrors.ErrUserNotFound
+		}
+		return nil, fmt.Errorf("database error: %w", err)
+	}
+	return &user, nil
+}
+
 // createRefreshToken generates a random opaque token, stores its hash in the DB, and returns the raw token.
 func (s *AuthService) createRefreshToken(userID uint) (string, error) {
 	// Generate 32 random bytes → 64-char hex string

app/service/emailService/email.go

@@ -10,6 +10,7 @@ import (
 	"git.ma-al.com/goc_daniel/b2b/app/config"
 	"git.ma-al.com/goc_daniel/b2b/app/service/langsService"
 	"git.ma-al.com/goc_daniel/b2b/app/templ/emails"
+	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
 	"git.ma-al.com/goc_daniel/b2b/app/utils/i18n"
 	"git.ma-al.com/goc_daniel/b2b/app/view"
 )
@@ -133,6 +134,6 @@ func (s *EmailService) passwordResetEmailTemplate(name, resetURL string, langID
 // newUserAdminNotificationTemplate returns the HTML template for admin notification
 func (s *EmailService) newUserAdminNotificationTemplate(userEmail, userName, baseURL string) string {
 	buf := bytes.Buffer{}
-	emails.EmailAdminNotificationWrapper(view.EmailLayout[view.EmailAdminNotificationData]{LangID: 2, Data: view.EmailAdminNotificationData{UserEmail: userEmail, UserName: userName, BaseURL: baseURL}}).Render(context.Background(), &buf)
+	emails.EmailAdminNotificationWrapper(view.EmailLayout[view.EmailAdminNotificationData]{LangID: constdata.ADMIN_NOTIFICATION_LANGUAGE, Data: view.EmailAdminNotificationData{UserEmail: userEmail, UserName: userName, BaseURL: baseURL}}).Render(context.Background(), &buf)
 	return buf.String()
 }

app/service/meiliService/meiliService.go

@@ -27,8 +27,8 @@ type MeiliService struct {
 func New() *MeiliService {
 
 	client := meilisearch.New(
-		config.Get().MailiSearch.ServerURL,
+		config.Get().MeiliSearch.ServerURL,
-		meilisearch.WithAPIKey(config.Get().MailiSearch.ApiKey),
+		meilisearch.WithAPIKey(config.Get().MeiliSearch.ApiKey),
 	)
 
 	return &MeiliService{

app/service/storageService/storageService.go

@@ -0,0 +1,283 @@
+package storageService
+
+import (
+	"crypto/rand"
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/xml"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"path"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"time"
+
+	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/repos/storageRepo"
+	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/responseErrors"
+)
+
+type StorageService struct {
+	storageRepo storageRepo.UIStorageRepo
+}
+
+func New() *StorageService {
+	return &StorageService{
+		storageRepo: storageRepo.New(),
+	}
+}
+
+func (s *StorageService) EntryInfo(abs_path string) (os.FileInfo, error) {
+	return s.storageRepo.EntryInfo(abs_path)
+}
+
+func (s *StorageService) NewWebdavToken(user_id uint) (string, error) {
+	b := make([]byte, constdata.NBYTES_IN_WEBDAV_TOKEN)
+
+	_, err := rand.Read(b)
+	if err != nil {
+		return "", err
+	}
+
+	raw_token := hex.EncodeToString(b)
+	hash_token_bytes := sha256.Sum256([]byte(raw_token))
+	hash_token := hex.EncodeToString(hash_token_bytes[:])
+	expires_at := time.Now().Add(24 * time.Hour)
+
+	return raw_token, s.storageRepo.SaveWebdavToken(user_id, hash_token, &expires_at)
+}
+
+func (s *StorageService) DownloadFilePrep(abs_path string) (*os.File, string, int64, error) {
+	info, err := s.storageRepo.EntryInfo(abs_path)
+	if err != nil || info.IsDir() {
+		return nil, "", 0, responseErrors.ErrFileDoesNotExist
+	}
+
+	f, err := s.storageRepo.OpenFile(abs_path)
+	if err != nil {
+		return nil, "", 0, err
+	}
+
+	return f, filepath.Base(abs_path), info.Size(), nil
+}
+
+func (s *StorageService) ListContent(abs_path string) (*[]model.EntryInList, error) {
+	info, err := s.storageRepo.EntryInfo(abs_path)
+	if err != nil || !info.IsDir() {
+		return nil, responseErrors.ErrFolderDoesNotExist
+	}
+
+	entries_in_list, err := s.storageRepo.ListContent(abs_path)
+	return entries_in_list, err
+}
+
+func (s *StorageService) Propfind(root string, abs_path string, depth string) (string, error) {
+	href := href(root, abs_path)
+
+	max_depth := 0
+	switch depth {
+	case "0":
+		max_depth = 0
+	case "1":
+		max_depth = 1
+	case "infinity":
+		max_depth = 32
+	default:
+		max_depth = 0
+	}
+
+	info, err := s.storageRepo.EntryInfo(abs_path)
+	if err != nil {
+		return "", err
+	}
+
+	xml := `<?xml version="1.0" encoding="utf-8"?>` +
+		`<D:multistatus xmlns:D="DAV:">`
+
+	if info.IsDir() {
+		href = ensureTrailingSlash(href)
+		next_xml, err := buildDirPropResponse(abs_path, href, info, max_depth)
+		if err != nil {
+			return "", err
+		}
+		xml += next_xml
+	} else {
+		xml += buildFilePropResponse(href, info)
+	}
+
+	xml += `</D:multistatus>`
+
+	return xml, nil
+}
+
+func (s *StorageService) Put(abs_path string, src io.Reader) error {
+	return s.storageRepo.Put(abs_path, src)
+}
+
+func (s *StorageService) Delete(abs_path string) error {
+	return s.storageRepo.Delete(abs_path)
+}
+
+func (s *StorageService) Mkcol(abs_path string) error {
+	_, err := s.storageRepo.EntryInfo(abs_path)
+	if err == nil {
+		return responseErrors.ErrNameTaken
+	} else if os.IsNotExist(err) {
+		return s.storageRepo.Mkcol(abs_path)
+	} else {
+		return err
+	}
+}
+
+func (s *StorageService) Move(src_abs_path string, dest_abs_path string) error {
+	return s.storageRepo.Move(src_abs_path, dest_abs_path)
+}
+
+func (s *StorageService) Copy(src_abs_path string, dest_abs_path string) error {
+	return s.storageRepo.Copy(src_abs_path, dest_abs_path)
+}
+
+func buildFilePropResponse(href string, info os.FileInfo) string {
+	name := info.Name()
+	return "" +
+		"<D:response>" +
+		"<D:href>" + xmlEscape(href) + "</D:href>" +
+		"<D:propstat>" +
+		"<D:prop>" +
+		"<D:displayname>" + xmlEscape(name) + "</D:displayname>" +
+		"<D:getcontentlength>" + strconv.FormatInt(info.Size(), 10) + "</D:getcontentlength>" +
+		"<D:getlastmodified>" + xmlEscape(info.ModTime().UTC().Format(http.TimeFormat)) + "</D:getlastmodified>" +
+		"<D:resourcetype/>" +
+		"</D:prop>" +
+		"<D:status>HTTP/1.1 200 OK</D:status>" +
+		"</D:propstat>" +
+		"</D:response>"
+}
+
+func buildDirPropResponse(abs_path string, href string, info os.FileInfo, max_depth int) (string, error) {
+	name := info.Name()
+
+	xml := "" +
+		"<D:response>" +
+		"<D:href>" + xmlEscape(ensureTrailingSlash(href)) + "</D:href>" +
+		"<D:propstat>" +
+		"<D:prop>" +
+		"<D:displayname>" + xmlEscape(name) + "</D:displayname>" +
+		"<D:resourcetype><D:collection/></D:resourcetype>" +
+		"<D:getlastmodified>" + xmlEscape(info.ModTime().UTC().Format(http.TimeFormat)) + "</D:getlastmodified>" +
+		"</D:prop>" +
+		"<D:status>HTTP/1.1 200 OK</D:status>" +
+		"</D:propstat>" +
+		"</D:response>"
+
+	if max_depth <= 0 {
+		return xml, nil
+	}
+
+	entries, err := os.ReadDir(abs_path)
+	if err != nil {
+		return "", err
+	}
+
+	for _, entry := range entries {
+		child_abs_path := filepath.Join(abs_path, entry.Name())
+		child_href := path.Join(href, entry.Name())
+
+		child_info, err := entry.Info()
+		if err != nil {
+			return "", err
+		}
+
+		var xml_next string
+		if entry.IsDir() {
+			xml_next, err = buildDirPropResponse(child_abs_path, ensureTrailingSlash(child_href), child_info, max_depth-1)
+		} else {
+			xml_next = buildFilePropResponse(child_href, child_info)
+		}
+
+		if err != nil {
+			return "", err
+		}
+		xml += xml_next
+	}
+
+	return xml, nil
+}
+
+func ensureTrailingSlash(s string) string {
+	if s == "/" {
+		return s
+	}
+	if !strings.HasSuffix(s, "/") {
+		return s + "/"
+	}
+	return s
+}
+
+func xmlEscape(s string) string {
+	var b strings.Builder
+	xml.EscapeText(&b, []byte(s))
+	return b.String()
+}
+
+// Returns href based on file's absolute path. Doesn't validate abs_path
+func href(root string, abs_path string) string {
+	rel, _ := filepath.Rel(root, abs_path)
+
+	if rel == "." {
+		return constdata.WEBDAV_HREF_ROOT + "/"
+	}
+
+	rel = filepath.ToSlash(rel)
+
+	parts := strings.Split(rel, "/")
+	for i, p := range parts {
+		parts[i] = url.PathEscape(p)
+	}
+
+	return strings.TrimRight(constdata.WEBDAV_HREF_ROOT, "/") + "/" + strings.Join(parts, "/")
+}
+
+// AbsPath extracts an absolute path and validates it
+func (s *StorageService) AbsPath(root string, relative_path string) (string, error) {
+	decoded, err := url.PathUnescape(relative_path)
+	if err != nil {
+		return "", err
+	}
+
+	clean_name := filepath.Clean(decoded)
+	full_path := filepath.Join(root, clean_name)
+
+	if full_path != root && !strings.HasPrefix(full_path, root+"/") {
+		return "", responseErrors.ErrAccessDenied
+	}
+
+	return full_path, nil
+}
+
+// ObtainDestPath extracts the absolute path based on URL absolute path
+func (s *StorageService) ObtainDestPath(root string, dest_path string) (string, error) {
+	idx := strings.Index(dest_path, constdata.WEBDAV_TRIMMED_ROOT)
+	if idx == -1 {
+		return "", responseErrors.ErrAccessDenied
+	}
+	prefix_removed := dest_path[idx+len(constdata.WEBDAV_TRIMMED_ROOT):]
+
+	decoded, err := url.PathUnescape(prefix_removed)
+	if err != nil {
+		return "", err
+	}
+
+	clean_dest_path := filepath.Clean(decoded)
+	if clean_dest_path == "" {
+		return root, nil
+	} else if strings.HasPrefix(clean_dest_path, "/") {
+		return root + "/" + strings.TrimPrefix(clean_dest_path, "/"), nil
+	} else {
+		return "", responseErrors.ErrAccessDenied
+	}
+}

app/utils/const_data/consts.go

@@ -4,6 +4,7 @@ package constdata
 const PASSWORD_VALIDATION_REGEX = `^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).{10,}$`
 const SHOP_ID = 1
 const SHOP_DEFAULT_LANGUAGE = 1
+const ADMIN_NOTIFICATION_LANGUAGE = 2
 
 // CATEGORY_TREE_ROOT_ID corresponds to id_category in ps_category which has is_root_category=1
 const CATEGORY_TREE_ROOT_ID = 2
@@ -11,5 +12,9 @@ const CATEGORY_TREE_ROOT_ID = 2
 const MAX_AMOUNT_OF_CARTS_PER_USER = 10
 const DEFAULT_NEW_CART_NAME = "new cart"
 
-const USER_LOCALES_NAME = "user"
+const USER_LOCALE = "user"
-const USER_LOCALES_ID = "userID"
+
+// WEBDAV
+const NBYTES_IN_WEBDAV_TOKEN = 32
+const WEBDAV_HREF_ROOT = "http://localhost:3000/api/v1/webdav/storage"
+const WEBDAV_TRIMMED_ROOT = "localhost:3000/api/v1/webdav/storage"

app/utils/i18n/i18n.go

@@ -8,6 +8,7 @@ import (
 	"sync"
 
 	"git.ma-al.com/goc_daniel/b2b/app/model"
+	"git.ma-al.com/goc_daniel/b2b/app/utils/localeExtractor"
 	"github.com/gofiber/fiber/v3"
 )
 
@@ -177,7 +178,7 @@ func (s *TranslationsStore) ReloadTranslations(translations []model.Translation)
 
 // T_ is meant to be used to translate error messages and other system communicates.
 func T_[T ~string](c fiber.Ctx, key T, params ...interface{}) string {
-	if langID, ok := c.Locals("langID").(uint); ok {
+	if langID, ok := localeExtractor.GetLangID(c); ok {
 		parts := strings.Split(string(key), ".")
 
 		if len(parts) >= 2 {

app/utils/localeExtractor/localeExtractor.go

@@ -0,0 +1,31 @@
+package localeExtractor
+
+import (
+	"git.ma-al.com/goc_daniel/b2b/app/model"
+	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
+	"github.com/gofiber/fiber/v3"
+)
+
+func GetLangID(c fiber.Ctx) (uint, bool) {
+	user_locale, ok := c.Locals(constdata.USER_LOCALE).(*model.UserLocale)
+	if !ok || user_locale.OriginalUser == nil {
+		return 0, false
+	}
+	return user_locale.OriginalUser.LangID, true
+}
+
+func GetUserID(c fiber.Ctx) (uint, bool) {
+	user_locale, ok := c.Locals(constdata.USER_LOCALE).(*model.UserLocale)
+	if !ok || user_locale.User == nil {
+		return 0, false
+	}
+	return user_locale.User.ID, true
+}
+
+func GetOriginalUserRole(c fiber.Ctx) (model.CustomerRole, bool) {
+	user_locale, ok := c.Locals(constdata.USER_LOCALE).(*model.UserLocale)
+	if !ok || user_locale.OriginalUser == nil {
+		return "", false
+	}
+	return user_locale.OriginalUser.Role, true
+}

app/utils/responseErrors/responseErrors.go

@@ -16,6 +16,7 @@ var (
 	ErrInvalidToken        = errors.New("invalid token")
 	ErrTokenExpired        = errors.New("token has expired")
 	ErrTokenRequired       = errors.New("token is required")
+	ErrAdminAccessRequired = errors.New("admin access is required")
 
 	// Typed errors for logging in and registering
 	ErrInvalidCredentials    = errors.New("invalid email or password")
@@ -59,6 +60,13 @@ var (
 	ErrMaxAmtOfCartsReached              = errors.New("maximal amount of carts reached")
 	ErrUserHasNoSuchCart                 = errors.New("user does not have cart with given id")
 	ErrProductOrItsVariationDoesNotExist = errors.New("product or its variation with given ids does not exist")
+
+	// Typed errors for storage
+	ErrAccessDenied             = errors.New("access denied!")
+	ErrFolderDoesNotExist       = errors.New("folder does not exist")
+	ErrFileDoesNotExist         = errors.New("file does not exist")
+	ErrNameTaken                = errors.New("name taken")
+	ErrMissingFileFieldDocument = errors.New("missing file field 'document'")
 )
 
 // Error represents an error with HTTP status code
@@ -111,6 +119,8 @@ func GetErrorCode(c fiber.Ctx, err error) string {
 		return i18n.T_(c, "error.err_token_required")
 	case errors.Is(err, ErrRefreshTokenRequired):
 		return i18n.T_(c, "error.err_refresh_token_required")
+	case errors.Is(err, ErrAdminAccessRequired):
+		return i18n.T_(c, "error.err_admin_access_required")
 	case errors.Is(err, ErrBadLangID):
 		return i18n.T_(c, "error.err_bad_lang_id")
 	case errors.Is(err, ErrBadCountryID):
@@ -162,6 +172,17 @@ func GetErrorCode(c fiber.Ctx, err error) string {
 	case errors.Is(err, ErrProductOrItsVariationDoesNotExist):
 		return i18n.T_(c, "error.product_or_its_variation_does_not_exist")
 
+	case errors.Is(err, ErrAccessDenied):
+		return i18n.T_(c, "error.access_denied")
+	case errors.Is(err, ErrFolderDoesNotExist):
+		return i18n.T_(c, "error.folder_does_not_exist")
+	case errors.Is(err, ErrFileDoesNotExist):
+		return i18n.T_(c, "error.file_does_not_exist")
+	case errors.Is(err, ErrNameTaken):
+		return i18n.T_(c, "error.name_taken")
+	case errors.Is(err, ErrMissingFileFieldDocument):
+		return i18n.T_(c, "error.missing_file_field_document")
+
 	default:
 		return i18n.T_(c, "error.err_internal_server_error")
 	}
@@ -184,6 +205,7 @@ func GetErrorStatus(err error) int {
 		errors.Is(err, ErrEmailPasswordRequired),
 		errors.Is(err, ErrTokenRequired),
 		errors.Is(err, ErrRefreshTokenRequired),
+		errors.Is(err, ErrAdminAccessRequired),
 		errors.Is(err, ErrBadLangID),
 		errors.Is(err, ErrBadCountryID),
 		errors.Is(err, ErrPasswordsDoNotMatch),
@@ -203,7 +225,12 @@ func GetErrorStatus(err error) int {
 		errors.Is(err, ErrRootNeverReached),
 		errors.Is(err, ErrMaxAmtOfCartsReached),
 		errors.Is(err, ErrUserHasNoSuchCart),
-		errors.Is(err, ErrProductOrItsVariationDoesNotExist):
+		errors.Is(err, ErrProductOrItsVariationDoesNotExist),
+		errors.Is(err, ErrAccessDenied),
+		errors.Is(err, ErrFolderDoesNotExist),
+		errors.Is(err, ErrFileDoesNotExist),
+		errors.Is(err, ErrNameTaken),
+		errors.Is(err, ErrMissingFileFieldDocument):
 		return fiber.StatusBadRequest
 	case errors.Is(err, ErrEmailExists):
 		return fiber.StatusConflict

bruno/b2b-daniel/save-product-description.yml

@@ -0,0 +1,28 @@
+info:
+  name: save-product-description
+  type: http
+  seq: 19
+
+http:
+  method: POST
+  url: http://localhost:3000/api/v1/restricted/product-translation/save-product-description?productID=1&productLangID=3
+  params:
+    - name: productID
+      value: "1"
+      type: query
+    - name: productLangID
+      value: "3"
+      type: query
+  body:
+    type: json
+    data: |-
+      {
+        "description": "<p>Der Einsatz von Rehabilitationsrollen in verschiedenen Übungen und Behandlungen wirkt sich positiv auf die Reduzierung von Verletzungen und die Genesungschancen aus. Sie werden in der Rehabilitation, bei Korrekturgymnastik sowie in der traditionellen und Sportmassage eingesetzt, da sie ideal zum Anheben und Spreizen von Gliedmaßen geeignet sind. Zudem können sie zur Unterstützung von Knien, Füßen, Armen und Schultern verwendet werden. Auch für Kinder sind Rehabilitationsrollen empfehlenswert; ihre spielerische Anwendung fördert die Entwicklung der Grobmotorik.</p><p> Dank der großen Auswahl an Farben und Größen lässt sich ein Übungsset zusammenstellen, das in jeder Physiotherapiepraxis, jedem Massageraum, jeder Schule oder jedem Kindergarten benötigt wird.</p><p> Die Rehabilitationsrolle ist ein Medizinprodukt, das den grundlegenden Anforderungen an Medizinprodukte und den Bestimmungen des Medizinproduktegesetzes entspricht, im Register für Medizinprodukte des Amtes für die Registrierung von Arzneimitteln, Medizinprodukten und Biozidprodukten eingetragen ist, mit der Konformitätserklärung des Herstellers versehen ist und das CE-Zeichen trägt. </p><p></p><p><img src=\"https://www.naluconcept.com/img/cms/Logotypy/images.jpg\" alt=\"Medizinprodukt\" style=\"margin-left:auto;margin-right:auto;\" width=\"253\" height=\"86\" /></p><h4> <strong>Empfohlene Verwendung:</strong></h4><ul style=\"list-style-type:circle;\"><li> in der Rehabilitation</li><li> während Massagen (traditionell, Sport)</li><li> in der Korrekturgymnastik (insbesondere für Kinder)</li><li> zur Linderung von Verletzungen einzelner Körperteile</li><li> Zur Unterstützung von: Knien, Knöcheln, Kopf des Patienten</li><li> bei Übungen zur Entwicklung der motorischen Fähigkeiten von Kindern</li><li> in Schönheitssalons</li><li> in Kinderspielzimmern</li></ul><p></p><h4> <strong>Materialspezifikationen:</strong></h4><p> <strong>Abdeckung:</strong> PVC-beschichtetes Material, das für medizinische Geräte vorgesehen ist und daher sehr leicht zu reinigen und zu desinfizieren ist:</p><ul style=\"list-style-type:circle;\"><li> Material gemäß REACH-Verordnung, zertifiziert mit dem STANDARD 100 Zertifikat von OEKO-TEX®.</li><li> Enthält keine Phthalate</li><li> feuerfest</li><li> resistent gegenüber physiologischen Flüssigkeiten (Blut, Urin, Schweiß) und Alkohol</li><li> UV-beständig, daher auch für den Einsatz im Freien geeignet.</li><li> kratzfest</li><li> ölbeständig </li></ul><p><img src=\"https://www.naluconcept.com/img/cms/Logotypy/reach.jpg\" alt=\"ERREICHEN\" width=\"115\" height=\"115\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/oeko-tex.jpg\" alt=\"Öko-Tex Standard 100 Zertifikat\" width=\"116\" height=\"114\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/phthalate-free.jpg\" alt=\"Enthält keine Phthalate\" width=\"112\" height=\"111\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/fireresistant.jpg\" alt=\"Feuerfest\" width=\"114\" height=\"113\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/odporny-na-alkohol.jpg\" alt=\"Alkoholbeständig\" width=\"114\" height=\"114\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/odporny-na-uv.jpg\" alt=\"UV-beständig\" width=\"117\" height=\"116\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/outdoor.jpg\" alt=\"Für den Einsatz im Freien konzipiert\" width=\"116\" height=\"116\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/odporny-na-zadrapania.jpg\" alt=\"Kratzfest\" width=\"97\" height=\"96\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/olejoodporny.jpg\" alt=\"Ölbeständig\" width=\"99\" height=\"98\" /></p><p> <strong>Füllung:</strong> mittelharter Polyurethanschaum mit erhöhter Verformungsbeständigkeit:</p><ul style=\"list-style-type:circle;\"><li> besitzt ein Hygienezertifikat, ausgestellt vom Institut für Maritime und Tropenmedizin in Gdynia</li><li> zertifiziert mit dem STANDARD 100 by OEKO-TEX® Zertifikat – Produktklasse I, ausgestellt vom Textilforschungsinstitut in Łódź</li><li> Hergestellt aus hochwertigen Rohstoffen, die die Ozonschicht nicht schädigen. </li></ul><p><img src=\"https://www.naluconcept.com/img/cms/Logotypy/oeko-tex.jpg\" alt=\"Öko-Tex Standard 100 Zertifikat\" width=\"95\" height=\"95\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/Logo_GUMed_kolor-180x180.jpg\" alt=\"Hygienezertifikat\" width=\"94\" height=\"94\" /><img src=\"https://www.naluconcept.com/img/cms/Logotypy/atest_higieniczny_kolor.jpg\" alt=\"Hygienezertifikat\" width=\"79\" height=\"94\" /></p><p></p><p></p>"
+      }
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b-daniel/translate-product-description.yml

@@ -0,0 +1,28 @@
+info:
+  name: translate-product-description
+  type: http
+  seq: 21
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/product-translation/translate-product-description?productID=51&productFromLangID=1&productToLangID=3&model=Google
+  params:
+    - name: productID
+      value: "51"
+      type: query
+    - name: productFromLangID
+      value: "1"
+      type: query
+    - name: productToLangID
+      value: "3"
+      type: query
+    - name: model
+      value: Google
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/auth/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: auth
+  type: folder
+  seq: 1
+
+request:
+  auth: inherit

bruno/b2b_daniel/auth/update-choice.yml

@@ -1,7 +1,7 @@
 info:
   name: update-choice
   type: http
-  seq: 3
+  seq: 1
 
 http:
   method: POST

bruno/b2b_daniel/carts/add-new-cart.yml

@@ -1,7 +1,7 @@
 info:
   name: add-new-cart
   type: http
-  seq: 11
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/carts/add-product-to-cart (1).yml

@@ -1,7 +1,7 @@
 info:
   name: add-product-to-cart (1)
   type: http
-  seq: 16
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/carts/add-product-to-cart.yml

@@ -1,7 +1,7 @@
 info:
   name: add-product-to-cart
   type: http
-  seq: 15
+  seq: 14
 
 http:
   method: GET

bruno/b2b_daniel/carts/change-cart-name.yml

@@ -1,7 +1,7 @@
 info:
   name: change-cart-name
   type: http
-  seq: 12
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/carts/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: carts
+  type: folder
+  seq: 7
+
+request:
+  auth: inherit

bruno/b2b_daniel/carts/retrieve-cart.yml

@@ -1,7 +1,7 @@
 info:
   name: retrieve-cart
   type: http
-  seq: 14
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/carts/retrieve-carts-info.yml

@@ -1,7 +1,7 @@
 info:
   name: retrieve-carts-info
   type: http
-  seq: 13
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/langs-and-countries/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: langs-and-countries
+  type: folder
+  seq: 4
+
+request:
+  auth: inherit

bruno/b2b_daniel/langs-and-countries/get_countries.yml

@@ -1,7 +1,7 @@
 info:
   name: get_countries
   type: http
-  seq: 4
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/list/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: list
+  type: folder
+  seq: 3
+
+request:
+  auth: inherit

bruno/b2b_daniel/list/list-products.yml

@@ -5,7 +5,7 @@ info:
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/list/list-products?p=1&elems=10
+  url: http://localhost:3000/api/v1/restricted/list/list-products?p=1&elems=10&target_user_id=2
   params:
     - name: p
       value: "1"
@@ -13,6 +13,9 @@ http:
     - name: elems
       value: "10"
       type: query
+    - name: target_user_id
+      value: "2"
+      type: query
 
 settings:
   encodeUrl: true

bruno/b2b_daniel/list/list-users.yml

@@ -1,7 +1,7 @@
 info:
   name: list-users
   type: http
-  seq: 2
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/menu/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: menu
+  type: folder
+  seq: 5
+
+request:
+  auth: inherit

bruno/b2b_daniel/menu/get-breadcrumb.yml

@@ -1,7 +1,7 @@
 info:
   name: get-breadcrumb
   type: http
-  seq: 18
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/menu/get-category-tree.yml

@@ -1,7 +1,7 @@
 info:
   name: get-category-tree
   type: http
-  seq: 5
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/product-translation/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: product-translation
+  type: folder
+  seq: 2
+
+request:
+  auth: inherit

bruno/b2b_daniel/product-translation/get-product-description.yml

@@ -1,7 +1,7 @@
 info:
   name: get-product-description
   type: http
-  seq: 17
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/product-translation/translate-product-description.yml

@@ -0,0 +1,28 @@
+info:
+  name: translate-product-description
+  type: http
+  seq: 24
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/product-translation/translate-product-description?productID=51&productFromLangID=2&productToLangID=3&model=Google
+  params:
+    - name: productID
+      value: "51"
+      type: query
+    - name: productFromLangID
+      value: "2"
+      type: query
+    - name: productToLangID
+      value: "3"
+      type: query
+    - name: model
+      value: Google
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/search/create-index.yml

@@ -1,11 +1,11 @@
 info:
   name: create-index
   type: http
-  seq: 7
+  seq: 1
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/meili-search/create-index
+  url: http://localhost:3000/api/v1/restricted/search/create-index
   auth: inherit
 
 settings:

bruno/b2b_daniel/search/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: search
+  type: folder
+  seq: 6
+
+request:
+  auth: inherit

bruno/b2b_daniel/search/get-indexes.yml

@@ -1,7 +1,7 @@
 info:
   name: get-indexes
   type: http
-  seq: 9
+  seq: 1
 
 http:
   method: GET

bruno/b2b_daniel/search/remove-index.yml

@@ -1,7 +1,7 @@
 info:
   name: remove-index
   type: http
-  seq: 8
+  seq: 1
 
 http:
   method: DELETE

bruno/b2b_daniel/search/search.yml

@@ -1,11 +1,11 @@
 info:
   name: search
   type: http
-  seq: 10
+  seq: 1
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/meili-search/search?query=w&limit=4&id_category=0&price_lower_bound=60.0&price_upper_bound=70.0
+  url: http://localhost:3000/api/v1/restricted/search/search?query=w&limit=4&id_category=0&price_lower_bound=60.0&price_upper_bound=70.0
   params:
     - name: query
       value: w

bruno/b2b_daniel/search/test.yml

@@ -1,11 +1,11 @@
 info:
   name: test
   type: http
-  seq: 6
+  seq: 1
 
 http:
   method: GET
-  url: http://localhost:3000/api/v1/restricted/meili-search/test
+  url: http://localhost:3000/api/v1/restricted/search/test
   auth: inherit
 
 settings:

bruno/b2b_daniel/storage-old/copy.yml

@@ -0,0 +1,19 @@
+info:
+  name: copy
+  type: http
+  seq: 7
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/storage/copy/folder1/test.txt?dest_path=/folder/a.txt
+  params:
+    - name: dest_path
+      value: /folder/a.txt
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-old/create-folder.yml

@@ -0,0 +1,19 @@
+info:
+  name: create-folder
+  type: http
+  seq: 1
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/storage/create-folder?name=folder
+  params:
+    - name: name
+      value: folder
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-old/delete-file.yml

@@ -0,0 +1,15 @@
+info:
+  name: delete-file
+  type: http
+  seq: 1
+
+http:
+  method: DELETE
+  url: http://localhost:3000/api/v1/restricted/storage/delete-file/folder1/TODO.txt
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-old/delete-folder.yml

@@ -0,0 +1,15 @@
+info:
+  name: delete-folder
+  type: http
+  seq: 1
+
+http:
+  method: DELETE
+  url: http://localhost:3000/api/v1/restricted/storage/delete-folder/folder/
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-old/download-file.yml

@@ -0,0 +1,15 @@
+info:
+  name: download-file
+  type: http
+  seq: 1
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/storage/download-file/folder1/test.xlsx
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-old/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: storage-old
+  type: folder
+  seq: 1
+
+request:
+  auth: inherit

bruno/b2b_daniel/storage-old/list-content.yml

@@ -0,0 +1,15 @@
+info:
+  name: list-content
+  type: http
+  seq: 1
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/storage/list-content/folder1
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-old/move.yml

@@ -0,0 +1,19 @@
+info:
+  name: move
+  type: http
+  seq: 8
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/storage/move/folder?dest_path=/folder1/test.txt
+  params:
+    - name: dest_path
+      value: /folder1/test.txt
+      type: query
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-old/upload-file.yml

@@ -0,0 +1,22 @@
+info:
+  name: upload-file
+  type: http
+  seq: 1
+
+http:
+  method: POST
+  url: http://localhost:3000/api/v1/restricted/storage/upload-file/folder1/
+  body:
+    type: multipart-form
+    data:
+      - name: document
+        type: file
+        value:
+          - /home/daniel/TODO.txt
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-restricted/create-new-webdav-token.yml

@@ -0,0 +1,15 @@
+info:
+  name: create-new-webdav-token
+  type: http
+  seq: 1
+
+http:
+  method: GET
+  url: http://localhost:3000/api/v1/restricted/storage/create-new-webdav-token
+  auth: inherit
+
+settings:
+  encodeUrl: true
+  timeout: 0
+  followRedirects: true
+  maxRedirects: 5

bruno/b2b_daniel/storage-restricted/folder.yml

@@ -0,0 +1,7 @@
+info:
+  name: storage-restricted
+  type: folder
+  seq: 9
+
+request:
+  auth: inherit

go.mod

@@ -36,6 +36,8 @@ require (
 	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
 	github.com/googleapis/gax-go/v2 v2.15.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/spf13/pflag v1.0.6 // indirect
 	github.com/tidwall/gjson v1.18.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
@@ -98,7 +100,7 @@ require (
 	github.com/valyala/fasthttp v1.69.0 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/xyproto/randomstring v1.2.0 // indirect
-	golang.org/x/net v0.52.0 // indirect
+	golang.org/x/net v0.52.0
 	golang.org/x/sync v0.20.0 // indirect
 	golang.org/x/sys v0.42.0 // indirect
 	golang.org/x/text v0.35.0 // indirect

go.sum

@@ -72,6 +72,8 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
 github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
+github.com/gofiber/fiber/v2 v2.52.12 h1:0LdToKclcPOj8PktUdIKo9BUohjjwfnQl42Dhw8/WUw=
+github.com/gofiber/fiber/v2 v2.52.12/go.mod h1:YEcBbO/FB+5M1IZNBP9FO3J9281zgPAreiI1oqg8nDw=
 github.com/gofiber/fiber/v3 v3.1.0 h1:1p4I820pIa+FGxfwWuQZ5rAyX0WlGZbGT6Hnuxt6hKY=
 github.com/gofiber/fiber/v3 v3.1.0/go.mod h1:n2nYQovvL9z3Too/FGOfgtERjW3GQcAUqgfoezGBZdU=
 github.com/gofiber/schema v1.7.0 h1:yNM+FNRZjyYEli9Ey0AXRBrAY9jTnb+kmGs3lJGPvKg=
@@ -134,6 +136,8 @@ github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHP
 github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
+github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/mattn/go-sqlite3 v1.14.8/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
 github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
@@ -154,6 +158,8 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
 github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=

i18n/migrations/20260302163122_create_tables.sql

@@ -69,6 +69,8 @@ CREATE TABLE IF NOT EXISTS b2b_customers (
   email_verification_expires      DATETIME(6) NULL,
   password_reset_token            VARCHAR(255) NULL,
   password_reset_expires          DATETIME(6) NULL,
+  webdav_token                    VARCHAR(255) NULL,
+  webdav_expires                  DATETIME(6) NULL,
   last_password_reset_request     DATETIME(6) NULL,
   last_login_at                   DATETIME(6) NULL,
   lang_id                         BIGINT NULL DEFAULT 2,
@@ -84,6 +86,8 @@ ON b2b_customers (email);
 CREATE INDEX IF NOT EXISTS idx_customers_deleted_at
 ON b2b_customers (deleted_at);
 
+CREATE INDEX IF NOT EXISTS idx_customers_webdav_token
+ON b2b_customers (webdav_token);
 
 -- customer_carts
 CREATE TABLE IF NOT EXISTS b2b_customer_carts (