Availability based on permissions

backend/api/shortcodes_routes.go

@@ -7,23 +7,27 @@ import (
 
 var ShortcodesRoutes = map[string]core.Handler{
 	"/shortcodes/new": {
-		Handler:     shortcodes.HandleNew,
-		Middlewares: []core.Middleware{Methods("POST"), AuthJWT},
+		Handler: shortcodes.HandleNew,
+		Middlewares: []core.Middleware{Methods("POST"),
+			HasPermissions("shortcodes", "insert"), AuthJWT},
 	},
 	"/shortcodes": {
-		Handler:     shortcodes.HandleShortcodes,
-		Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
+		Handler: shortcodes.HandleShortcodes,
+		Middlewares: []core.Middleware{Methods("GET"),
+			HasPermissions("shortcodes", "get"), AuthJWT},
 	},
 	"/shortcodes/{shortcode}": {
 		Handler:     shortcodes.HandleShortcode,
 		Middlewares: []core.Middleware{Methods("GET")},
 	},
 	"/shortcodes/{shortcode}/delete": {
-		Handler:     shortcodes.HandleDelete,
-		Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT},
+		Handler: shortcodes.HandleDelete,
+		Middlewares: []core.Middleware{Methods("DELETE"),
+			HasPermissions("shortcodes", "delete"), AuthJWT},
 	},
 	"/shortcodes/{shortcode}/update": {
-		Handler:     shortcodes.HandleUpdate,
-		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
+		Handler: shortcodes.HandleUpdate,
+		Middlewares: []core.Middleware{Methods("PATCH"),
+			HasPermissions("shortcodes", "update"), AuthJWT},
 	},
 }