Roles and permissions view completed

2025-01-31 12:09:08 +01:00
parent 0e707e8721
commit acfd2c7b14
5 changed files with 119 additions and 99 deletions
--- a/backend/api/permissions/resource_actions.go
+++ b/backend/api/permissions/resource_actions.go
@@ -34,17 +34,14 @@ func HandleResourceActions(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	result := make([]map[string]interface{}, 0)
+	result := make(map[string]interface{}, 0)

 	for _, gp := range groupedPermissions {
 		var actions []string

 		_ = gp.Actions.AssignTo(&actions)

-		result = append(result, map[string]interface{}{
-			"resource": gp.Resource,
-			"actions":  actions,
-		})
+		result[gp.Resource] = actions
 	}

 	core.JSONSuccess{
--- a/backend/api/roles/add_permission.go
+++ b/backend/api/roles/add_permission.go
@@ -3,20 +3,19 @@ package roles
 import (
 	"context"
 	"net/http"
-	"strconv"

 	"fr.latosa-escrima/core"
 	"fr.latosa-escrima/core/models"
-	"github.com/google/uuid"
 )

 func HandleAddPermission(w http.ResponseWriter, r *http.Request) {
 	ctx := context.Background()
 	role_id := r.PathValue("role_uuid")
-	permission_id := r.PathValue("permission_id")
+	resource := r.PathValue("resource")
+	action := r.PathValue("action")
 	var permission models.Permission
 	count, err := core.DB.NewSelect().Model(&permission).
-		Where("id = ?", permission_id).
+		Where("resource = ? AND action = ?", resource, action).
 		Limit(1).ScanAndCount(ctx)
 	if count == 0 {
 		core.JSONError{
@@ -39,11 +38,9 @@ func HandleAddPermission(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	pid, err := strconv.Atoi(permission_id)
-	rid, err := uuid.Parse(role_id)
 	permissionRole := models.PermissionToRole{
-		PermissionID: pid,
-		RoleID:       rid,
+		PermissionID: permission.ID,
+		RoleID:       role.ID,
 	}
 	_, err = core.DB.NewInsert().Model(&permissionRole).Ignore().
 		Exec(ctx)
--- a/backend/api/roles/remove_permission.go
+++ b/backend/api/roles/remove_permission.go
@@ -11,10 +11,22 @@ import (
 func HandleRemovePermission(w http.ResponseWriter, r *http.Request) {
 	ctx := context.Background()
 	role_id := r.PathValue("role_uuid")
-	permission_id := r.PathValue("permission_id")
+	resource := r.PathValue("resource")
+	action := r.PathValue("action")
+	var permission models.Permission
+	count, err := core.DB.NewSelect().Model(&permission).
+		Where("resource = ? AND action = ?", resource, action).
+		Limit(1).ScanAndCount(ctx)
+	if count == 0 {
+		core.JSONError{
+			Status:  core.Error,
+			Message: "Permission doesn't exist.",
+		}.Respond(w, http.StatusNotFound)
+		return
+	}

-	_, err := core.DB.NewDelete().Model((*models.PermissionToRole)(nil)).
-		Where("permission_id = ? AND role_id = ?", permission_id, role_id).
+	_, err = core.DB.NewDelete().Model((*models.PermissionToRole)(nil)).
+		Where("permission_id = ? AND role_id = ?", permission.ID, role_id).
 		Exec(ctx)

 	if err != nil {
--- a/backend/api/roles_routes.go
+++ b/backend/api/roles_routes.go
@@ -30,11 +30,11 @@ var RolesRoutes = map[string]core.Handler{
 		Handler:     roles.HandleRolePermissions,
 		Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
 	},
-	"/roles/{role_uuid}/permissions/{permission_id}/add": {
+	"/roles/{role_uuid}/permissions/{resource}/{action}/add": {
 		Handler:     roles.HandleAddPermission,
 		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
 	},
-	"/roles/{role_uuid}/permissions/{permission_id}/remove": {
+	"/roles/{role_uuid}/permissions/{resource}/{action}/remove": {
 		Handler:     roles.HandleRemovePermission,
 		Middlewares: []core.Middleware{Methods("PATCH"), AuthJWT},
 	},