cdricms/latosa-escrima
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Availability based on permissions

Browse Source
This commit is contained in:
cdricms
2025-02-19 16:16:47 +01:00
parent 446813315d
commit 2011ae93b6
26 changed files with 1071 additions and 794 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
backend/api/blogs_routes.go
View File

@@ -7,8 +7,9 @@ import (
var BlogsRoutes = map[string]core.Handler{
"/blogs/new": {
Handler: blogs.HandleNew,
Middlewares: []core.Middleware{Methods(("POST")), AuthJWT}},
Handler: blogs.HandleNew,
Middlewares: []core.Middleware{Methods(("POST")),
HasPermissions("blogs", "insert"), AuthJWT}},
"/blogs/{uuid}": {
Handler: blogs.HandleBlog,
Middlewares: []core.Middleware{Methods("GET")}},

20
backend/api/media_routes.go
View File

@@ -7,11 +7,13 @@ import (
var MediaRoutes = map[string]core.Handler{
"/media/upload": {
Handler: media.HandleUpload,
Middlewares: []core.Middleware{Methods("POST"), AuthJWT}},
Handler: media.HandleUpload,
Middlewares: []core.Middleware{Methods("POST"),
HasPermissions("media", "insert"), AuthJWT}},
"/media/verify": {
Handler: media.HandleVerify,
Middlewares: []core.Middleware{Methods("POST"), AuthJWT},
Handler: media.HandleVerify,
Middlewares: []core.Middleware{Methods("POST"),
HasPermissions("media", "insert"), AuthJWT},
},
// Paginated media response
"/media": {
@@ -29,11 +31,13 @@ var MediaRoutes = map[string]core.Handler{
Middlewares: []core.Middleware{Methods("GET")},
},
"/media/{media_uuid}/update": {
Handler: media.HandleUpdate,
Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
Handler: media.HandleUpdate,
Middlewares: []core.Middleware{Methods("PATCH"),
HasPermissions("media", "update"), AuthJWT},
},
"/media/{media_uuid}/delete": {
Handler: media.HandleDelete,
Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT},
Handler: media.HandleDelete,
Middlewares: []core.Middleware{Methods("DELETE"),
HasPermissions("media", "delete"), AuthJWT},
},
}

20
backend/api/permissions_routes.go
View File

@@ -7,19 +7,23 @@ import (
var PermissionsRoutes = map[string]core.Handler{
"/permissions": {
Handler: permissions.HandlePermissions,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: permissions.HandlePermissions,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("permissions", "get"), AuthJWT},
},
"/permissions/grouped": {
Handler: permissions.HandleResourceActions,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: permissions.HandleResourceActions,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("permissions", "get"), AuthJWT},
},
"/permissions/resources/{resource}": {
Handler: permissions.HandlePermissionsResource,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: permissions.HandlePermissionsResource,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("permissions", "get"), AuthJWT},
},
"/permissions/resources/{resource}/{action}": {
Handler: permissions.HandlePermission,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: permissions.HandlePermission,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("permissions", "get"), AuthJWT},
},
}

40
backend/api/roles_routes.go
View File

@@ -7,35 +7,43 @@ import (
var RolesRoutes = map[string]core.Handler{
"/roles": {
Handler: roles.HandleRoles,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: roles.HandleRoles,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("roles", "get"), AuthJWT},
},
"/roles/new": {
Handler: roles.HandleNew,
Middlewares: []core.Middleware{Methods("POST"), AuthJWT},
Handler: roles.HandleNew,
Middlewares: []core.Middleware{Methods("POST"),
HasPermissions("roles", "insert"), AuthJWT},
},
"/roles/{role_uuid}": {
Handler: roles.HandleRole,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: roles.HandleRole,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("roles", "get"), AuthJWT},
},
"/roles/{role_uuid}/update": {
Handler: roles.HandleUpdate,
Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
Handler: roles.HandleUpdate,
Middlewares: []core.Middleware{Methods("PATCH"),
HasPermissions("roles", "update"), AuthJWT},
},
"/roles/{role_uuid}/delete": {
Handler: roles.HandleDelete,
Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT},
Handler: roles.HandleDelete,
Middlewares: []core.Middleware{Methods("DELETE"),
HasPermissions("roles", "delete"), AuthJWT},
},
"/roles/{role_uuid}/permissions/": {
Handler: roles.HandleRolePermissions,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: roles.HandleRolePermissions,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("roles", "get"), AuthJWT},
},
"/roles/{role_uuid}/permissions/{resource}/{action}/add": {
Handler: roles.HandleAddPermission,
Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
Handler: roles.HandleAddPermission,
Middlewares: []core.Middleware{Methods("PATCH"),
HasPermissions("roles", "update"), AuthJWT},
},
"/roles/{role_uuid}/permissions/{resource}/{action}/remove": {
Handler: roles.HandleRemovePermission,
Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
Handler: roles.HandleRemovePermission,
Middlewares: []core.Middleware{Methods("PATCH"),
HasPermissions("roles", "update"), AuthJWT},
},
}

20
backend/api/shortcodes_routes.go
View File

@@ -7,23 +7,27 @@ import (
var ShortcodesRoutes = map[string]core.Handler{
"/shortcodes/new": {
Handler: shortcodes.HandleNew,
Middlewares: []core.Middleware{Methods("POST"), AuthJWT},
Handler: shortcodes.HandleNew,
Middlewares: []core.Middleware{Methods("POST"),
HasPermissions("shortcodes", "insert"), AuthJWT},
},
"/shortcodes": {
Handler: shortcodes.HandleShortcodes,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
Handler: shortcodes.HandleShortcodes,
Middlewares: []core.Middleware{Methods("GET"),
HasPermissions("shortcodes", "get"), AuthJWT},
},
"/shortcodes/{shortcode}": {
Handler: shortcodes.HandleShortcode,
Middlewares: []core.Middleware{Methods("GET")},
},
"/shortcodes/{shortcode}/delete": {
Handler: shortcodes.HandleDelete,
Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT},
Handler: shortcodes.HandleDelete,
Middlewares: []core.Middleware{Methods("DELETE"),
HasPermissions("shortcodes", "delete"), AuthJWT},
},
"/shortcodes/{shortcode}/update": {
Handler: shortcodes.HandleUpdate,
Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
Handler: shortcodes.HandleUpdate,
Middlewares: []core.Middleware{Methods("PATCH"),
HasPermissions("shortcodes", "update"), AuthJWT},
},
}

2
backend/api/users/user.go
View File

@@ -14,7 +14,7 @@ func HandleUser(w http.ResponseWriter, r *http.Request) {
count, err := core.DB.NewSelect().
Model(&user).
Where("user_id = ?", uuid).
Relation("Roles").
Relation("Roles.Permissions").
Limit(1).
ScanAndCount(context.Background())