app/delivery/middleware/auth.go

@@ -7,6 +7,7 @@ import (
 	"time"
 
 	"git.ma-al.com/goc_daniel/b2b/app/config"
+	"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
 	"git.ma-al.com/goc_daniel/b2b/app/model"
 	"git.ma-al.com/goc_daniel/b2b/app/service/authService"
 	constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
@@ -68,7 +69,7 @@ func Authenticate() fiber.Handler {
 		}
 
 		// We now populate the target user
-		if model.CustomerRole(user.Role.Name) != model.RoleAdmin {
+		if !userLocale.OriginalUser.HasPermission(perms.Teleport) {
 			return c.Next()
 		}
 

app/delivery/middleware/perms/permissions.go

@@ -14,4 +14,5 @@ const (
 	SearchCreateIndex           Permission = "search.create_index"
 	OrdersViewAll               Permission = "orders.view_all"
 	OrdersModifyAll             Permission = "orders.modify_all"
+	Teleport                    Permission = "teleport"
 )

i18n/migrations/20260302163100_routes.sql

@@ -42,12 +42,6 @@ INSERT IGNORE INTO `b2b_top_menu` (`menu_id`, `label`, `parent_id`, `params`, `a
 (3, JSON_COMPACT('{"name":"admin-products","trans":{"pl":{"label":"admin-products"},"en":{"label":"admin-products"},"de":{"label":"admin-products"}}}'),1,JSON_COMPACT('{}'),1,1),
 (9, JSON_COMPACT('{"name":"carts","trans":{"pl":{"label":"Koszyki"},"en":{"label":"Carts"},"de":{"label":"Warenkörbe"}}}'),3,JSON_COMPACT('{"route": {"name": "home", "params":{"locale": ""}}}'),1,1);
 
-CREATE TABLE `b2b_route_roles` ( 
-  `route_id` INT NOT NULL,
-  `role_id` BIGINT UNSIGNED NOT NULL,
-   PRIMARY KEY (`id`, `role_id`)
-);
-
 
 -- +goose Down
 

i18n/migrations/20260302163123_create_tables_data.sql

@@ -40,6 +40,9 @@ INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('6', 'webdav.create_token')
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('7', 'product_translation.save');
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('8', 'product_translation.translate');
 INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('9', 'search.create_index');
+INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('10', 'orders.view_all');
+INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('11', 'orders.modify_all');
+INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('12', 'teleport');
 
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '1');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '2');
@@ -50,6 +53,9 @@ INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '6'
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '7');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '8');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '9');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '10');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '11');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '12');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '1');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '2');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '3');
@@ -59,6 +65,9 @@ INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '6'
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '7');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '8');
 INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '9');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '10');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '11');
+INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '12');
 
 INSERT INTO `b2b_route_roles` (`route_id`, `role_id`) VALUES
 (1, '1'),