goc_daniel/b2b
2
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity

no-vat-customers #71

Merged
dudzic_wiktor merged 8 commits from no-vat-customers into main 2026-04-15 11:32:14 +00:00
Conversation 1 Commits 8 Files Changed 7 +19 -105
6 changed files with 19 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit e31ecda582 - Show all commits

3
app/delivery/middleware/auth.go
View File

@@ -7,6 +7,7 @@ import (
"time" "time"
"git.ma-al.com/goc_daniel/b2b/app/config" "git.ma-al.com/goc_daniel/b2b/app/config"
"git.ma-al.com/goc_daniel/b2b/app/delivery/middleware/perms"
"git.ma-al.com/goc_daniel/b2b/app/model" "git.ma-al.com/goc_daniel/b2b/app/model"
"git.ma-al.com/goc_daniel/b2b/app/service/authService" "git.ma-al.com/goc_daniel/b2b/app/service/authService"
constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data" constdata "git.ma-al.com/goc_daniel/b2b/app/utils/const_data"
@@ -68,7 +69,7 @@ func Authenticate() fiber.Handler {
} }
// We now populate the target user // We now populate the target user
if model.CustomerRole(user.Role.Name) != model.RoleAdmin { if !userLocale.OriginalUser.HasPermission(perms.Teleport) {
return c.Next() return c.Next()
} }

1
app/delivery/middleware/perms/permissions.go
View File

@@ -14,4 +14,5 @@ const (
SearchCreateIndex Permission = "search.create_index" SearchCreateIndex Permission = "search.create_index"
OrdersViewAll Permission = "orders.view_all" OrdersViewAll Permission = "orders.view_all"
OrdersModifyAll Permission = "orders.modify_all" OrdersModifyAll Permission = "orders.modify_all"
Teleport Permission = "teleport"
) )

12
app/delivery/web/api/restricted/customer.go
View File

@@ -31,7 +31,7 @@ func CustomerHandlerRoutes(r fiber.Router) fiber.Router {
handler := NewCustomerHandler() handler := NewCustomerHandler()
r.Get("", handler.customerData) r.Get("", handler.customerData)
r.Get("/list", handler.listCustomers) r.Get("/list", middleware.Require(perms.UserReadAny), handler.listCustomers)
r.Patch("/no-vat", middleware.Require(perms.UserWriteAny), handler.setCustomerNoVatStatus) r.Patch("/no-vat", middleware.Require(perms.UserWriteAny), handler.setCustomerNoVatStatus)
return r return r
} }
@@ -77,10 +77,6 @@ func (h *customerHandler) listCustomers(fc fiber.Ctx) error {
return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)). return fc.Status(responseErrors.GetErrorStatus(responseErrors.ErrBadAttribute)).
JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute))) JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrBadAttribute)))
} }
if !user.HasPermission(perms.UserReadAny) {
return fc.Status(fiber.StatusForbidden).
JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
}
p, filt, err := query_params.ParseFilters[model.Customer](fc, columnMappingListUsers) p, filt, err := query_params.ParseFilters[model.Customer](fc, columnMappingListUsers)
if err != nil { if err != nil {
@@ -89,12 +85,6 @@ func (h *customerHandler) listCustomers(fc fiber.Ctx) error {
} }
search := fc.Query("search") search := fc.Query("search")
if search != "" {
if !user.HasPermission(perms.UserReadAny) {
return fc.Status(fiber.StatusForbidden).
JSON(response.Make(nullable.GetNil(""), 0, responseErrors.GetErrorCode(fc, responseErrors.ErrForbidden)))
}
}
customer, err := h.service.Find(user.LangID, p, filt, search) customer, err := h.service.Find(user.LangID, p, filt, search)
if err != nil { if err != nil {

93
app/repos/customerRepo/customerRepo.go
View File

@@ -1,6 +1,7 @@
package customerRepo package customerRepo
import ( import (
"fmt"
"strings" "strings"
"git.ma-al.com/goc_daniel/b2b/app/db" "git.ma-al.com/goc_daniel/b2b/app/db"
@@ -81,13 +82,16 @@ func (repo *CustomerRepo) Find(langId uint, p find.Paging, filt *filters.Filters
for _, word := range words { for _, word := range words {
conditions = append(conditions, ` conditions = append(conditions, `
(LOWER(first_name) LIKE ? OR (
id = ? OR
LOWER(first_name) LIKE ? OR
LOWER(last_name) LIKE ? OR LOWER(last_name) LIKE ? OR
LOWER(email) LIKE ?) LOWER(email) LIKE ?)
`) `)
args = append(args, strings.ToLower(word))
for range 3 { for range 3 {
args = append(args, "%"+strings.ToLower(word)+"%") args = append(args, fmt.Sprintf("%%%s%%", strings.ToLower(word)))
} }
} }
@@ -115,88 +119,3 @@ func (repo *CustomerRepo) Create(customer *model.Customer) error {
func (repo *CustomerRepo) SetCustomerNoVatStatus(customerID uint, isNoVat bool) error { func (repo *CustomerRepo) SetCustomerNoVatStatus(customerID uint, isNoVat bool) error {
return db.DB.Model(&model.Customer{}).Where("id = ?", customerID).Update("is_no_vat", isNoVat).Error return db.DB.Model(&model.Customer{}).Where("id = ?", customerID).Update("is_no_vat", isNoVat).Error
} }
// func (repo *CustomerRepo) Search(
// customerId uint,
// partnerCode string,
// p find.Paging,
// filt *filters.FiltersList,
// search string,
// ) (found find.Found[model.UserInList], err error) {
// words := strings.Fields(search)
// if len(words) > 5 {
// words = words[:5]
// }
// query := ctx.DB().
// Model(&model.Customer{}).
// Select("customer.id AS id, customer.first_name as first_name, customer.last_name as last_name, customer.phone_number AS phone_number, customer.email AS email, count(distinct investment_plan_contract.id) as iiplan_purchases, count(distinct `order`.id) as single_purchases, entity.name as entity_name").
// Where("customer.id <> ?", customerId).
// Where("(customer.id IN (SELECT id FROM customer WHERE partner_code IN (WITH RECURSIVE partners AS (SELECT code AS dst FROM partner WHERE code = ? UNION SELECT code FROM partner JOIN partners ON partners.dst = partner.superior_code) SELECT dst FROM partners)) OR customer.recommender_code = ?)", partnerCode, partnerCode).
// Scopes(view.CustomerListQuery())
// var conditions []string
// var args []interface{}
// for _, word := range words {
// conditions = append(conditions, `
// (LOWER(first_name) LIKE ? OR
// LOWER(last_name) LIKE ? OR
// phone_number LIKE ? OR
// LOWER(email) LIKE ?)
// `)
// for i := 0; i < 4; i++ {
// args = append(args, "%"+strings.ToLower(word)+"%")
// }
// }
// finalQuery := strings.Join(conditions, " AND ")
// query = query.Where(finalQuery, args...).
// Scopes(filt.All()...)
// found, err = find.Paginate[V](ctx, p, query)
// return found, errs.Recorded(span, err)
// }
// func (repo *ListRepo) ListUsers(id_lang uint, p find.Paging, filt *filters.FiltersList) (find.Found[model.UserInList], error) {
// var list []model.UserInList
// var total int64
// query := db.Get().
// Table("b2b_customers AS users").
// Select(`
// users.id AS id,
// users.email AS email,
// users.first_name AS first_name,
// users.last_name AS last_name,
// users.role AS role
// `)
// // Apply all filters
// if filt != nil {
// filt.ApplyAll(query)
// }
// // run counter first as query is without limit and offset
// err := query.Count(&total).Error
// if err != nil {
// return find.Found[model.UserInList]{}, err
// }
// err = query.
// Order("users.id DESC").
// Limit(p.Limit()).
// Offset(p.Offset()).
// Find(&list).Error
// if err != nil {
// return find.Found[model.UserInList]{}, err
// }
// return find.Found[model.UserInList]{
// Items: list,
// Count: uint(total),
// }, nil
// }

6
i18n/migrations/20260302163100_routes.sql
View File

@@ -42,12 +42,6 @@ INSERT IGNORE INTO `b2b_top_menu` (`menu_id`, `label`, `parent_id`, `params`, `a
(3, JSON_COMPACT('{"name":"admin-products","trans":{"pl":{"label":"admin-products"},"en":{"label":"admin-products"},"de":{"label":"admin-products"}}}'),1,JSON_COMPACT('{}'),1,1), (3, JSON_COMPACT('{"name":"admin-products","trans":{"pl":{"label":"admin-products"},"en":{"label":"admin-products"},"de":{"label":"admin-products"}}}'),1,JSON_COMPACT('{}'),1,1),
(9, JSON_COMPACT('{"name":"carts","trans":{"pl":{"label":"Koszyki"},"en":{"label":"Carts"},"de":{"label":"Warenkörbe"}}}'),3,JSON_COMPACT('{"route": {"name": "home", "params":{"locale": ""}}}'),1,1); (9, JSON_COMPACT('{"name":"carts","trans":{"pl":{"label":"Koszyki"},"en":{"label":"Carts"},"de":{"label":"Warenkörbe"}}}'),3,JSON_COMPACT('{"route": {"name": "home", "params":{"locale": ""}}}'),1,1);
CREATE TABLE `b2b_route_roles` (
`route_id` INT NOT NULL,
`role_id` BIGINT UNSIGNED NOT NULL,
PRIMARY KEY (`id`, `role_id`)
);
-- +goose Down -- +goose Down

9
i18n/migrations/20260302163123_create_tables_data.sql
View File

@@ -40,6 +40,9 @@ INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('6', 'webdav.create_token')
INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('7', 'product_translation.save'); INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('7', 'product_translation.save');
INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('8', 'product_translation.translate'); INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('8', 'product_translation.translate');
INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('9', 'search.create_index'); INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('9', 'search.create_index');
INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('10', 'orders.view_all');
INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('11', 'orders.modify_all');
INSERT INTO `b2b_permissions` (`id`, `name`) VALUES ('12', 'teleport');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '1'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '1');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '2'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '2');
@@ -50,6 +53,9 @@ INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '6'
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '7'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '7');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '8'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '8');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '9'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '9');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '10');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '11');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('2', '12');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '1'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '1');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '2'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '2');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '3'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '3');
@@ -59,6 +65,9 @@ INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '6'
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '7'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '7');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '8'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '8');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '9'); INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '9');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '10');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '11');
INSERT INTO `b2b_role_permissions` (`role_id`, `permission_id`) VALUES ('3', '12');
INSERT INTO `b2b_route_roles` (`route_id`, `role_id`) VALUES INSERT INTO `b2b_route_roles` (`route_id`, `role_id`) VALUES
(1, '1'), (1, '1'),