Starting to implement permissions into frontend

2025-01-30 15:50:58 +01:00
parent 8d2214e5dd
commit 0e707e8721
16 changed files with 715 additions and 35 deletions
--- a/backend/api/users_routes.go
+++ b/backend/api/users_routes.go
@@ -9,31 +9,41 @@ var UserRoutes = map[string]core.Handler{
 	"/users/login": {
 		Handler:     users.HandleLogin,
 		Middlewares: []core.Middleware{Methods("POST")}},
+	// Could add users:own:get permission there, but don't think it's
+	// necessary
 	"/users/me": {
 		Handler:     users.HandleMe,
 		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
 	"/users": {
-		Handler:     users.HandleUsers,
-		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
+		Handler: users.HandleUsers,
+		Middlewares: []core.Middleware{Methods("GET"),
+			HasPermissions("users", "get"), AuthJWT}},
 	"/users/new": {
-		Handler:     users.HandleNew,
-		Middlewares: []core.Middleware{Methods("POST"), AuthJWT}},
+		Handler: users.HandleNew,
+		Middlewares: []core.Middleware{Methods("POST"),
+			HasPermissions("users", "insert"), AuthJWT}},
 	"/users/{user_uuid}": {
-		Handler:     users.HandleUser,
-		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
+		Handler: users.HandleUser,
+		Middlewares: []core.Middleware{Methods("GET"),
+			HasPermissions("users", "get"), AuthJWT}},
 	"/users/{user_uuid}/delete": {
-		Handler:     users.HandleDelete,
-		Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT}},
+		Handler: users.HandleDelete,
+		Middlewares: []core.Middleware{Methods("DELETE"),
+			HasPermissions("users", "delete"), AuthJWT}},
 	"/users/{user_uuid}/update": {
-		Handler:     users.HandleUpdate,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT}},
+		Handler: users.HandleUpdate,
+		Middlewares: []core.Middleware{Methods("PATCH"),
+			HasPermissions("users", "update"), AuthJWT}},
 	"/users/{user_uuid}/roles": {
-		Handler:     users.HandleRoles,
-		Middlewares: []core.Middleware{Methods("GET"), AuthJWT}},
+		Handler: users.HandleRoles,
+		Middlewares: []core.Middleware{Methods("GET"),
+			HasPermissions("users", "get"), AuthJWT}},
 	"/users/{user_uuid}/roles/{role_id}/add": {
-		Handler:     users.HandleAddRole,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT}},
+		Handler: users.HandleAddRole,
+		Middlewares: []core.Middleware{Methods("PATCH"),
+			HasPermissions("users", "update"), AuthJWT}},
 	"/users/{user_uuid}/roles/{role_id}/remove": {
-		Handler:     users.HandleRemoveRole,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT}},
+		Handler: users.HandleRemoveRole,
+		Middlewares: []core.Middleware{Methods("PATCH"),
+			HasPermissions("users", "update"), AuthJWT}},
 }