Starting to implement permissions into frontend

2025-01-30 15:50:58 +01:00
parent 8d2214e5dd
commit 0e707e8721
16 changed files with 715 additions and 35 deletions
--- a/backend/api/blogs/delete.go
+++ b/backend/api/blogs/delete.go
@@ -1,17 +1,17 @@
 package blogs
-<<<<<<< HEAD

 import (
 	"context"
 	"log"
 	"net/http"

-	"fr.latosa-escrima/api/core"
+	"fr.latosa-escrima/core"
+	"fr.latosa-escrima/core/models"
 )

 func HandleDelete(w http.ResponseWriter, r *http.Request) {
 	uuid := r.PathValue("blog_uuid")
-	var blog core.Blog
+	var blog models.Blog
 	res, err := core.DB.NewDelete().
 		Model(&blog).
 		Where("blog_id = ?", uuid).
@@ -31,5 +31,3 @@ func HandleDelete(w http.ResponseWriter, r *http.Request) {
 		Message: "Blog deleted.",
 	}.Respond(w, http.StatusOK)
 }
-=======
->>>>>>> dev/cedric
--- a/backend/api/events_routes.go
+++ b/backend/api/events_routes.go
@@ -19,6 +19,9 @@ var EventsRoutes = map[string]core.Handler{
 		Handler:     events.HandleDelete,
 		Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT}},
 	"/events/{event_uuid}/update": {
-		Handler:     events.HandleUpdate,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT}},
+		Handler: events.HandleUpdate,
+		Middlewares: []core.Middleware{
+			Methods("PATCH"),
+			HasPermissions("events", "update"),
+			AuthJWT}},
 }
--- a/backend/api/middlewares.go
+++ b/backend/api/middlewares.go
@@ -9,8 +9,10 @@ import (

 	"fr.latosa-escrima/api/users"
 	core "fr.latosa-escrima/core"
+	"fr.latosa-escrima/core/models"
 	"fr.latosa-escrima/utils"
 	"github.com/golang-jwt/jwt/v5"
+	"github.com/google/uuid"
 )

 func CORS(next http.Handler) http.Handler {
@@ -78,12 +80,12 @@ func AuthJWT(next http.Handler) http.Handler {
 }

 // @param methods string -> HttpMethods separated by commas.
-func Methods(methods string) core.Middleware {
-	_methods := strings.Split(strings.ToUpper(methods), ",")
+func Methods(methods ...string) core.Middleware {
+	// _methods := strings.Split(strings.ToUpper(methods), ",")
 	middleware := func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			if len(methods) > 0 {
-				if !utils.Contains(_methods, r.Method) {
+				if !utils.Contains(methods, r.Method) {
 					core.JSONError{
 						Status:  core.Error,
 						Message: "Method is not allowed.",
@@ -98,3 +100,109 @@ func Methods(methods string) core.Middleware {

 	return middleware
 }
+
+// WARNING: For this to work, the Middleware AuthJWT has to be applied after in
+// the Middleswares ([]core.Middleware)
+//
+// This Middleware behaves like a AND on the actions. The user must have all the
+// listed actions on this particular resource.
+func HasPermissions(resource string, actions ...string) core.Middleware {
+	var middleware core.Middleware = func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			ctx := context.Background()
+			token, ok := r.Context().Value("token").(*jwt.Token)
+			if !ok {
+				core.JSONError{
+					Status:  core.Error,
+					Message: "Couldn't retrieve your JWT.",
+				}.Respond(w, http.StatusInternalServerError)
+				return
+			}
+
+			claims, ok := token.Claims.(jwt.MapClaims)
+			if !ok {
+				core.JSONError{
+					Status:  core.Error,
+					Message: "Invalid token claims.",
+				}.Respond(w, http.StatusInternalServerError)
+				return
+			}
+
+			id, err := uuid.Parse(claims["user_id"].(string))
+			if err != nil {
+				core.JSONError{
+					Status:  core.Error,
+					Message: err.Error(),
+				}.Respond(w, http.StatusInternalServerError)
+				return
+			}
+
+			var user models.User
+			count, err := core.DB.NewSelect().Model(&user).
+				Where("user_id = ?", id).
+				Relation("Roles.Permissions").
+				Limit(1).
+				ScanAndCount(ctx)
+			if count == 0 {
+				core.JSONError{
+					Status:  core.Error,
+					Message: "The user doesn't exist",
+				}.Respond(w, http.StatusNotFound)
+				return
+			}
+
+			if err != nil {
+				core.JSONError{
+					Status:  core.Error,
+					Message: err.Error(),
+				}.Respond(w, http.StatusInternalServerError)
+				return
+			}
+
+			// permissions := utils.MergeArrays(
+			// 	utils.Map(user.Roles, func(r models.Role) []models.Permission {
+			// 		return r.Permissions
+			// 	})...)
+			//
+			// for _, action := range actions {
+			// 	permission := utils.Find(permissions, func(p models.Permission, i int) bool {
+			// 		return resource == p.Resource && action == p.Action
+			// 	})
+			// 	if permission == nil {
+			// 		core.JSONError{
+			// 			Status:  core.Error,
+			// 			Message: fmt.Sprintf("The user doesn't have the proper permission %s:%s", resource, action),
+			// 		}.Respond(w, http.StatusUnauthorized)
+			// 		return
+			// 	}
+			// }
+
+			permissionsSet := make(map[string]struct{}) // Set to store unique permissions
+
+			// Populate the set with user's permissions
+			for _, role := range user.Roles {
+				for _, perm := range role.Permissions {
+					key := perm.Resource + ":" + perm.Action
+					permissionsSet[key] = struct{}{} // Store as a set for fast lookups
+				}
+			}
+
+			// Check if the user has all required permissions
+			for _, action := range actions {
+				key := resource + ":" + action
+				if _, exists := permissionsSet[key]; !exists {
+					core.JSONError{
+						Status:  core.Error,
+						Message: fmt.Sprintf("The user doesn't have the proper permission %s:%s", resource, action),
+					}.Respond(w, http.StatusUnauthorized)
+					return
+				}
+			}
+
+			next.ServeHTTP(w, r)
+		})
+
+	}
+
+	return middleware
+}
--- a/backend/api/permissions/resource_actions.go
+++ b/backend/api/permissions/resource_actions.go
@@ -0,0 +1,55 @@
+package permissions
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	"fr.latosa-escrima/core"
+	"fr.latosa-escrima/core/models"
+	"github.com/jackc/pgtype"
+)
+
+type ResourceActions struct {
+	Resource string           `bun:"resource" json:"resource"`
+	Actions  pgtype.TextArray `bun:"actions" json:"actions"`
+}
+
+func HandleResourceActions(w http.ResponseWriter, r *http.Request) {
+	var groupedPermissions []ResourceActions
+	err := core.DB.NewSelect().
+		Model((*models.Permission)(nil)).
+		Column("resource").
+		ColumnExpr("array_agg(action) AS actions").
+		Group("resource").
+		Scan(context.Background(), &groupedPermissions)
+
+	fmt.Println(groupedPermissions)
+
+	if err != nil {
+		core.JSONError{
+			Status:  core.Error,
+			Message: err.Error(),
+		}.Respond(w, http.StatusInternalServerError)
+		return
+	}
+
+	result := make([]map[string]interface{}, 0)
+
+	for _, gp := range groupedPermissions {
+		var actions []string
+
+		_ = gp.Actions.AssignTo(&actions)
+
+		result = append(result, map[string]interface{}{
+			"resource": gp.Resource,
+			"actions":  actions,
+		})
+	}
+
+	core.JSONSuccess{
+		Status:  core.Success,
+		Message: "Permissions found.",
+		Data:    result,
+	}.Respond(w, http.StatusOK)
+}
--- a/backend/api/permissions_routes.go
+++ b/backend/api/permissions_routes.go
@@ -10,6 +10,10 @@ var PermissionsRoutes = map[string]core.Handler{
 		Handler:     permissions.HandlePermissions,
 		Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
 	},
+	"/permissions/grouped": {
+		Handler:     permissions.HandleResourceActions,
+		Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
+	},
 	"/permissions/{permission_id}": {
 		Handler:     permissions.HandlePermission,
 		Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
--- a/backend/api/users_routes.go
+++ b/backend/api/users_routes.go
@@ -9,31 +9,41 @@ var UserRoutes = map[string]core.Handler{
 	"/users/login": {
 		Handler:     users.HandleLogin,
 		Middlewares: []core.Middleware{Methods("POST")}},
+	// Could add users:own:get permission there, but don't think it's
+	// necessary
 	"/users/me": {
 		Handler:     users.HandleMe,
 		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
 	"/users": {
-		Handler:     users.HandleUsers,
-		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
+		Handler: users.HandleUsers,
+		Middlewares: []core.Middleware{Methods("GET"),
+			HasPermissions("users", "get"), AuthJWT}},
 	"/users/new": {
-		Handler:     users.HandleNew,
-		Middlewares: []core.Middleware{Methods("POST"), AuthJWT}},
+		Handler: users.HandleNew,
+		Middlewares: []core.Middleware{Methods("POST"),
+			HasPermissions("users", "insert"), AuthJWT}},
 	"/users/{user_uuid}": {
-		Handler:     users.HandleUser,
-		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
+		Handler: users.HandleUser,
+		Middlewares: []core.Middleware{Methods("GET"),
+			HasPermissions("users", "get"), AuthJWT}},
 	"/users/{user_uuid}/delete": {
-		Handler:     users.HandleDelete,
-		Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT}},
+		Handler: users.HandleDelete,
+		Middlewares: []core.Middleware{Methods("DELETE"),
+			HasPermissions("users", "delete"), AuthJWT}},
 	"/users/{user_uuid}/update": {
-		Handler:     users.HandleUpdate,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT}},
+		Handler: users.HandleUpdate,
+		Middlewares: []core.Middleware{Methods("PATCH"),
+			HasPermissions("users", "update"), AuthJWT}},
 	"/users/{user_uuid}/roles": {
-		Handler:     users.HandleRoles,
-		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
+		Handler: users.HandleRoles,
+		Middlewares: []core.Middleware{Methods("GET"),
+			HasPermissions("users", "get"), AuthJWT}},
 	"/users/{user_uuid}/roles/{role_id}/add": {
-		Handler:     users.HandleAddRole,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT}},
+		Handler: users.HandleAddRole,
+		Middlewares: []core.Middleware{Methods("PATCH"),
+			HasPermissions("users", "update"), AuthJWT}},
 	"/users/{user_uuid}/roles/{role_id}/remove": {
-		Handler:     users.HandleRemoveRole,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT}},
+		Handler: users.HandleRemoveRole,
+		Middlewares: []core.Middleware{Methods("PATCH"),
+			HasPermissions("users", "update"), AuthJWT}},
 }
--- a/backend/go.mod
+++ b/backend/go.mod
@@ -14,6 +14,7 @@ require (

 require (
 	github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
+	github.com/jackc/pgio v1.0.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
 )
@@ -26,6 +27,7 @@ require (

 require (
 	github.com/fatih/color v1.18.0 // indirect
+	github.com/jackc/pgtype v1.14.4
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
--- a/backend/go.sum
+++ b/backend/go.sum
@@ -1,36 +1,128 @@
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs=
+github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
+github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
 github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
 github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
+github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
+github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
+github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
 github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
 github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/csrf v1.7.2 h1:oTUjx0vyf2T+wkrx09Trsev1TE+/EbDAeHtSTbtC2eI=
 github.com/gorilla/csrf v1.7.2/go.mod h1:F1Fj3KG23WYHE6gozCmBAezKookxbIvUJT+121wTuLk=
 github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
 github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
+github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
+github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
+github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
+github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA=
+github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE=
+github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s=
+github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o=
+github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY=
+github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI=
+github.com/jackc/pgconn v1.14.3/go.mod h1:RZbme4uasqzybK2RK5c65VsHxoyaml09lx3tXOcO/VM=
+github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE=
+github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8=
+github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE=
+github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c=
+github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak=
+github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
+github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78=
+github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA=
+github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg=
+github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
+github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
+github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.3.3/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E=
+github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
+github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg=
+github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc=
+github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw=
+github.com/jackc/pgtype v1.8.1-0.20210724151600-32e20a603178/go.mod h1:C516IlIV9NKqfsMCXTdChteoXmwgUceqaLfjg2e3NlM=
+github.com/jackc/pgtype v1.14.0/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4=
+github.com/jackc/pgtype v1.14.4 h1:fKuNiCumbKTAIxQwXfB/nsrnkEI6bPJrrSiMKgbJ2j8=
+github.com/jackc/pgtype v1.14.4/go.mod h1:aKeozOde08iifGosdJpz9MBZonJOUJxqNpPBcMJTlVA=
+github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y=
+github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM=
+github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc=
+github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs=
+github.com/jackc/pgx/v4 v4.18.2/go.mod h1:Ey4Oru5tH5sB6tV7hDmfWFahwF15Eb7DNXlRKx2CkVw=
+github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.3.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
+github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
+github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
+github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/puzpuzpuz/xsync/v3 v3.4.0 h1:DuVBAdXuGFHv8adVXjWWZ63pJq+NRXOWVXlKDBZ+mJ4=
 github.com/puzpuzpuz/xsync/v3 v3.4.0/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
+github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
+github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
+github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
+github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
+github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
+github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc h1:9lRDQMhESg+zvGYmW5DyG0UqvY96Bu5QYsTLvCHdrgo=
@@ -51,17 +143,114 @@ github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAh
 github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds=
 github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
 github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
+go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
+go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
+go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
+go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
+go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU=
+go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
+go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
+golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
 golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
 golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
 golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
+golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk=
 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE=
 gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw=
+gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 mellium.im/sasl v0.3.2 h1:PT6Xp7ccn9XaXAnJ03FcEjmAn7kK1x7aoXV6F+Vmrl0=
 mellium.im/sasl v0.3.2/go.mod h1:NKXDi1zkr+BlMHLQjY3ofYuU4KSPFxknb8mfEu6SveY=
--- a/backend/main.go
+++ b/backend/main.go
@@ -66,8 +66,11 @@ func main() {

 	baseRoutes := map[string]core.Handler{
 		"/": {
-			Handler:     handler,
-			Middlewares: []core.Middleware{api.Methods("get")}},
+			Handler: handler,
+			Middlewares: []core.Middleware{api.Methods("GET"),
+				api.HasPermissions("users", "insert", "jfkdjfdk"),
+				api.AuthJWT,
+			}},
 		"/contact": {
 			Handler:     api.HandleContact,
 			Middlewares: []core.Middleware{api.Methods("POST"), CSRFMiddleware},
--- a/backend/utils/for_each.go
+++ b/backend/utils/for_each.go
@@ -0,0 +1,14 @@
+package utils
+
+func Find[T comparable](arr []T, callback func(v T, index int) bool) *T {
+	var result *T = nil
+
+	for i := 0; i < len(arr); i++ {
+		if stop := callback(arr[i], i); stop {
+			result = &arr[i]
+			break
+		}
+	}
+
+	return result
+}
--- a/backend/utils/merge_arrays.go
+++ b/backend/utils/merge_arrays.go
@@ -0,0 +1,11 @@
+package utils
+
+func MergeArrays[K comparable](arrays ...[]K) []K {
+	merged := make([]K, 0)
+
+	for _, v := range arrays {
+		merged = append(merged, v...)
+	}
+
+	return merged
+}
--- a/backend/utils/merge_arrays_test.go
+++ b/backend/utils/merge_arrays_test.go
@@ -0,0 +1,64 @@
+package utils
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestMergeArrays(t *testing.T) {
+	type Person struct {
+		Name string
+		Age  int
+	}
+
+	tests := []struct {
+		name     string
+		arrays   interface{}
+		expected interface{}
+	}{
+		// Integer arrays
+		{"Empty arrays", [][]int{}, []int{}},
+		{"Single array", [][]int{{1, 2, 3}}, []int{1, 2, 3}},
+		{"Two arrays", [][]int{{1, 2}, {3, 4}}, []int{1, 2, 3, 4}},
+		{"Multiple arrays", [][]int{{1}, {2}, {3, 4}}, []int{1, 2, 3, 4}},
+		{"Array with duplicates", [][]int{{1, 2}, {2, 3}}, []int{1, 2, 2, 3}},
+
+		// String arrays
+		{"String arrays", [][]string{{"a", "b"}, {"c", "d"}}, []string{"a", "b", "c", "d"}},
+		{"String arrays with duplicates", [][]string{{"hello", "world"}, {"world", "Go"}}, []string{"hello", "world", "world", "Go"}},
+
+		// Struct arrays
+		{"Struct arrays", [][]Person{
+			{{Name: "Alice", Age: 30}, {Name: "Bob", Age: 25}},
+			{{Name: "Charlie", Age: 40}},
+		}, []Person{
+			{Name: "Alice", Age: 30},
+			{Name: "Bob", Age: 25},
+			{Name: "Charlie", Age: 40},
+		}},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			switch v := tt.arrays.(type) {
+			case [][]int:
+				result := MergeArrays(v...)
+				if !reflect.DeepEqual(result, tt.expected.([]int)) {
+					t.Errorf("MergeArrays(%v) = %v; want %v", v, result, tt.expected)
+				}
+			case [][]string:
+				result := MergeArrays(v...)
+				if !reflect.DeepEqual(result, tt.expected.([]string)) {
+					t.Errorf("MergeArrays(%v) = %v; want %v", v, result, tt.expected)
+				}
+			case [][]Person:
+				result := MergeArrays(v...)
+				if !reflect.DeepEqual(result, tt.expected.([]Person)) {
+					t.Errorf("MergeArrays(%v) = %v; want %v", v, result, tt.expected)
+				}
+			default:
+				t.Fatalf("Unsupported test case type: %T", v)
+			}
+		})
+	}
+}
--- a/frontend/app/(auth)/dashboard/settings/roles/page.tsx
+++ b/frontend/app/(auth)/dashboard/settings/roles/page.tsx
@@ -0,0 +1,209 @@
+"use client";
+
+import { useState } from "react";
+import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card";
+import { Checkbox } from "@/components/ui/checkbox";
+import { Button } from "@/components/ui/button";
+import { Input } from "@/components/ui/input";
+import {
+	Dialog,
+	DialogContent,
+	DialogHeader,
+	DialogTitle,
+	DialogTrigger,
+	DialogFooter,
+} from "@/components/ui/dialog";
+import { ChevronDown, ChevronRight, Plus, Trash2 } from "lucide-react";
+import { toTitleCase } from "@/lib/utils";
+import { useApi } from "@/hooks/use-api";
+
+type Action = "create" | "read" | "update" | "delete";
+
+interface Permission {
+	resource: string;
+	actions: Action[];
+}
+
+interface Role {
+	name: string;
+	permissions: Permission[];
+}
+
+// Sample data
+const initialRoles: Role[] = [
+	{
+		name: "Admin",
+		permissions: [
+			{
+				resource: "users",
+				actions: ["create", "read", "update", "delete"],
+			},
+			{
+				resource: "events",
+				actions: ["create", "read", "update", "delete"],
+			},
+			{
+				resource: "blogs",
+				actions: ["create", "read", "update", "delete"],
+			},
+		],
+	},
+	{
+		name: "Editor",
+		permissions: [
+			{ resource: "users", actions: ["read"] },
+			{ resource: "events", actions: ["create", "read", "update"] },
+			{ resource: "blogs", actions: ["create", "read", "update"] },
+		],
+	},
+];
+
+interface PermissionsGrouped {
+	resource: string;
+	actions: string[];
+}
+
+export default function RolesAndPermissions() {
+	const [roles, setRoles] = useState<Role[]>(initialRoles);
+	const [newRoleName, setNewRoleName] = useState<string>("");
+	const [isDialogOpen, setIsDialogOpen] = useState<boolean>(false);
+
+	const { data: permissions } = useApi<PermissionsGrouped[]>(
+		"/permissions/grouped",
+		{},
+		true,
+	);
+
+	const addNewRole = () => {
+		if (newRoleName.trim() === "") return;
+
+		const newRole: Role = {
+			name: newRoleName.trim(),
+			permissions: [
+				{ resource: "users", actions: [] },
+				{ resource: "events", actions: [] },
+				{ resource: "blogs", actions: [] },
+			],
+		};
+		setRoles([...roles, newRole]);
+		setNewRoleName("");
+		setIsDialogOpen(false);
+	};
+
+	const deleteRole = (index: number) => {
+		const updatedRoles = roles.filter((_, i) => i !== index);
+		setRoles(updatedRoles);
+	};
+
+	return (
+		<div className="container mx-auto p-4 space-y-6">
+			<div className="flex justify-between items-center">
+				<h1 className="text-2xl font-bold">Rôles et Permissions</h1>
+				<Dialog open={isDialogOpen} onOpenChange={setIsDialogOpen}>
+					<DialogTrigger asChild>
+						<Button>
+							<Plus className="mr-2 h-4 w-4" /> Nouveau rôle
+						</Button>
+					</DialogTrigger>
+					<DialogContent>
+						<DialogHeader>
+							<DialogTitle>Nouveau rôle</DialogTitle>
+						</DialogHeader>
+						<div className="py-4">
+							<Input
+								placeholder="Nom du rôle"
+								value={newRoleName}
+								onChange={(e) => setNewRoleName(e.target.value)}
+							/>
+						</div>
+						<DialogFooter>
+							<Button
+								onClick={addNewRole}
+								disabled={newRoleName.trim() === ""}
+							>
+								Ajouter
+							</Button>
+						</DialogFooter>
+					</DialogContent>
+				</Dialog>
+			</div>
+			{roles.map((role, index) => (
+				<RoleCard
+					key={index}
+					role={role}
+					onDelete={() => deleteRole(index)}
+				/>
+			))}
+		</div>
+	);
+}
+
+interface RoleCardProps {
+	role: Role;
+	onDelete: () => void;
+}
+
+function RoleCard({ role, onDelete }: RoleCardProps) {
+	return (
+		<Card>
+			<CardHeader className="flex flex-row items-center justify-between space-y-0 pb-2">
+				<CardTitle>{role.name}</CardTitle>
+				<Button variant="destructive" size="icon" onClick={onDelete}>
+					<Trash2 className="h-4 w-4" />
+				</Button>
+			</CardHeader>
+			<CardContent>
+				{role.permissions.map((permission) => (
+					<ResourceSection
+						key={permission.resource}
+						resource={permission.resource}
+						actions={permission.actions}
+					/>
+				))}
+			</CardContent>
+		</Card>
+	);
+}
+
+interface ResourceSectionProps {
+	resource: string;
+	actions: Action[];
+}
+
+function ResourceSection({ resource, actions }: ResourceSectionProps) {
+	const [isExpanded, setIsExpanded] = useState<boolean>(false);
+
+	return (
+		<div className="mb-4">
+			<button
+				className="flex items-center text-lg font-semibold mb-2"
+				onClick={() => setIsExpanded(!isExpanded)}
+			>
+				{isExpanded ? (
+					<ChevronDown className="mr-2" />
+				) : (
+					<ChevronRight className="mr-2" />
+				)}
+				{toTitleCase(resource)}
+			</button>
+			{isExpanded && (
+				<div className="grid grid-cols-2 sm:grid-cols-4 gap-2 ml-6">
+					{actions.map((action) => (
+						<div
+							key={action}
+							className="flex items-center space-x-2"
+						>
+							<Checkbox id={`${resource}-${action}`} />
+							<label
+								htmlFor={`${resource}-${action}`}
+								className="text-sm font-medium leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70"
+							>
+								{action}
+							</label>
+						</div>
+					))}
+				</div>
+			)}
+		</div>
+	);
+}
--- a/frontend/components/app-sidebar.tsx
+++ b/frontend/components/app-sidebar.tsx
@@ -12,6 +12,7 @@ import {
 	Calendar,
 	Loader2,
 	Camera,
+	UserRoundCog,
 } from "lucide-react";

 import { NavMain } from "@/components/nav-main";
@@ -103,6 +104,11 @@ const data = {
 					url: "/dashboard/settings/shortcodes",
 					icon: Camera,
 				},
+				{
+					title: "Rôles et Permissions",
+					url: "/dashboard/settings/roles",
+					icon: UserRoundCog,
+				},
 			],
 		},
 	],
--- a/frontend/components/planning.tsx
+++ b/frontend/components/planning.tsx
@@ -58,10 +58,7 @@ const Planning: React.FC<{
 				csrfToken: false,
 			});
 			if (res.status === "Error") {
-				console.log("Error");
-			}
-			if (res.status === "Success") {
-				calendar?.events?.update(eventSelected);
+				// calendar?.events?.update(oldEvent);
 			}
 		} catch (e) {
 			console.log(e);
@@ -89,9 +86,12 @@ const Planning: React.FC<{
 				onEventClick(event, e) {
 					setEventSelected(event);
 				},
-				async onEventUpdate(event) {
-					console.log(event);
-					await handleEventUpdate(event);
+				// async onBeforeEventUpdate(oldEvent, newEvent) {
+				// 	await request("/api/me/has-permissions")
+				// },
+				async onEventUpdate(newEvent) {
+					// console.log(event);
+					await handleEventUpdate(newEvent);
 				},
 			},
 		},
--- a/frontend/lib/utils.ts
+++ b/frontend/lib/utils.ts
@@ -4,3 +4,7 @@ import { twMerge } from "tailwind-merge";
 export function cn(...inputs: ClassValue[]) {
 	return twMerge(clsx(inputs));
 }
+
+export function toTitleCase(str: string) {
+	return str.replace(/\b\w/g, (char) => char.toUpperCase());
+}