From f7dd0c60d693b28df4673718206b2450befe1fac Mon Sep 17 00:00:00 2001
From: cdricms <36056008+cdricms@users.noreply.github.com>
Date: Fri, 31 Jan 2025 13:07:25 +0100
Subject: [PATCH] Better handling of permissions
---
backend/api/events_routes.go | 10 +++++----
backend/api/middlewares.go | 18 ---------------
backend/api/permissions/permission.go | 25 ++++++++-------------
backend/api/permissions_routes.go | 8 +++----
backend/api/roles/add_permission.go | 5 +++--
backend/api/roles/remove_permission.go | 2 +-
backend/core/models/permissions.go | 5 ++---
backend/core/models/permissions_to_roles.go | 9 ++++----
backend/core/models/roles.go | 2 +-
backend/main.go | 2 +-
frontend/app/layout.tsx | 15 +++++++++++--
frontend/components/hero.tsx | 1 -
12 files changed, 45 insertions(+), 57 deletions(-)
diff --git a/backend/api/events_routes.go b/backend/api/events_routes.go
index 0697d5c..73abcf7 100644
--- a/backend/api/events_routes.go
+++ b/backend/api/events_routes.go
@@ -10,14 +10,16 @@ var EventsRoutes = map[string]core.Handler{
Handler: events.HandleEvents,
Middlewares: []core.Middleware{Methods("GET")}},
"/events/new": {
- Handler: events.HandleNew,
- Middlewares: []core.Middleware{Methods("POST"), AuthJWT}},
+ Handler: events.HandleNew,
+ Middlewares: []core.Middleware{Methods("POST"),
+ HasPermissions("events", "insert"), AuthJWT}},
"/events/{event_uuid}": {
Handler: events.HandleEvent,
Middlewares: []core.Middleware{Methods("GET")}},
"/events/{event_uuid}/delete": {
- Handler: events.HandleDelete,
- Middlewares: []core.Middleware{Methods("DELETE"), AuthJWT}},
+ Handler: events.HandleDelete,
+ Middlewares: []core.Middleware{Methods("DELETE"),
+ HasPermissions("events", "delete"), AuthJWT}},
"/events/{event_uuid}/update": {
Handler: events.HandleUpdate,
Middlewares: []core.Middleware{
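Review bot: `HasPermissions("events", "insert")` and `HasPermissions("events", "delete")` are listed before `AuthJWT`, so the check is only sound if core applies the slice in an order that authenticates the request before the permission lookup runs. That order is not visible in this hunk, so a one-line comment above the map stating the order in which core applies `Middlewares` would keep a later reordering from silently disabling the check. The `/events/{event_uuid}/update` entry continues past the end of the hunk, so confirm it carries the matching `HasPermissions` entry for updates.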
diff --git a/backend/api/middlewares.go b/backend/api/middlewares.go
index 447881b..9b1b7c0 100644
--- a/backend/api/middlewares.go
+++ b/backend/api/middlewares.go
@@ -159,24 +159,6 @@ func HasPermissions(resource string, actions ...string) core.Middleware {
return
}
- // permissions := utils.MergeArrays(
- // utils.Map(user.Roles, func(r models.Role) []models.Permission {
- // return r.Permissions
- // })...)
- //
- // for _, action := range actions {
- // permission := utils.Find(permissions, func(p models.Permission, i int) bool {
- // return resource == p.Resource && action == p.Action
- // })
- // if permission == nil {
- // core.JSONError{
- // Status: core.Error,
- // Message: fmt.Sprintf("The user doesn't have the proper permission %s:%s", resource, action),
- // }.Respond(w, http.StatusUnauthorized)
- // return
- // }
- // }
-
permissionsSet := make(map[string]struct{}) // Set to store unique permissions
// Populate the set with user's permissions
diff --git a/backend/api/permissions/permission.go b/backend/api/permissions/permission.go
index 9c145dd..bf442f3 100644
--- a/backend/api/permissions/permission.go
+++ b/backend/api/permissions/permission.go
@@ -9,21 +9,14 @@ import (
)
func HandlePermission(w http.ResponseWriter, r *http.Request) {
- id := r.PathValue("permission_id")
- var permission models.Permission
- count, err := core.DB.NewSelect().
- Model(&permission).
- Where("id = ?", id).
+ resource := r.PathValue("resource")
+ action := r.PathValue("action")
+ var permissions models.Permission
+ err := core.DB.NewSelect().
+ Model(&permissions).
+ Where("resource = ? AND action = ?", resource, action).
Limit(1).
- ScanAndCount(context.Background())
-
- if count == 0 {
- core.JSONSuccess{
- Status: core.Success,
- Message: "Permission not found.",
- }.Respond(w, http.StatusNotFound)
- return
- }
+ Scan(context.Background())
if err != nil {
core.JSONError{
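Review bot: With the count check removed, a lookup that matches no row now falls into the generic `if err != nil` branch, because bun's `Scan` into a single struct reports `sql.ErrNoRows`. The client then gets whatever status that branch sends (its body is outside the hunk) instead of the previous 404. Handle the no-rows case before the generic branch, as in the excerpt below, which needs `errors` and `database/sql` in the import block. Passing `r.Context()` instead of `context.Background()` would also let the query stop when the client disconnects.

```go
		Limit(1).
		Scan(r.Context())

	if errors.Is(err, sql.ErrNoRows) {
		core.JSONError{
			Status:  core.Error,
			Message: "Permission not found.",
		}.Respond(w, http.StatusNotFound)
		return
	}
	// … unchanged: generic error response and success response …
```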
@@ -35,7 +28,7 @@ func HandlePermission(w http.ResponseWriter, r *http.Request) {
core.JSONSuccess{
Status: core.Success,
- Message: "Permission found.",
- Data: permission,
+ Message: "Permissions found.",
+ Data: permissions,
}.Respond(w, http.StatusOK)
}
diff --git a/backend/api/permissions_routes.go b/backend/api/permissions_routes.go
index 7e631d2..6f84b10 100644
--- a/backend/api/permissions_routes.go
+++ b/backend/api/permissions_routes.go
@@ -14,12 +14,12 @@ var PermissionsRoutes = map[string]core.Handler{
Handler: permissions.HandleResourceActions,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
},
- "/permissions/{permission_id}": {
- Handler: permissions.HandlePermission,
- Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
- },
"/permissions/resources/{resource}": {
Handler: permissions.HandlePermissionsResource,
Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
},
+ "/permissions/resources/{resource}/{action}": {
+ Handler: permissions.HandlePermission,
+ Middlewares: []core.Middleware{Methods("GET"), AuthJWT},
+ },
}
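Review bot: The new `/permissions/resources/{resource}/{action}` route is guarded by `AuthJWT` only, so any authenticated account can read permission rows, including the `conditions` field that `HandlePermission` returns. If the role and permission model is meant to be visible to administrators only, add a `HasPermissions(...)` entry here and on the neighbouring permission routes, using whichever resource/action pair the project reserves for reading permissions. Removing `/permissions/{permission_id}` also breaks existing callers of that path, so it is worth checking the frontend and any other clients for uses of it.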
diff --git a/backend/api/roles/add_permission.go b/backend/api/roles/add_permission.go
index f951dd4..25d66a5 100644
--- a/backend/api/roles/add_permission.go
+++ b/backend/api/roles/add_permission.go
@@ -39,8 +39,9 @@ func HandleAddPermission(w http.ResponseWriter, r *http.Request) {
}
permissionRole := models.PermissionToRole{
- PermissionID: permission.ID,
- RoleID: role.ID,
+ PermissionResource: permission.Resource,
+ PermissionAction: permission.Action,
+ RoleID: role.ID,
}
_, err = core.DB.NewInsert().Model(&permissionRole).Ignore().
Exec(ctx)
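Review bot: The join row is now keyed by the `resource` and `action` strings taken from `permission`, and where `permission` is populated is outside this hunk. If it is decoded from the request body rather than loaded from the `permissions` table, a caller could attach a pair that has no row there, and `.Ignore()` would not surface that. Confirm the pair exists before the insert, or make sure the join table carries a foreign key on `(resource, action)` so the database rejects unknown pairs.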
diff --git a/backend/api/roles/remove_permission.go b/backend/api/roles/remove_permission.go
index 8538164..e056b69 100644
--- a/backend/api/roles/remove_permission.go
+++ b/backend/api/roles/remove_permission.go
@@ -26,7 +26,7 @@ func HandleRemovePermission(w http.ResponseWriter, r *http.Request) {
}
_, err = core.DB.NewDelete().Model((*models.PermissionToRole)(nil)).
- Where("permission_id = ? AND role_id = ?", permission.ID, role_id).
+ Where("resource = ? AND action = ? AND role_id = ?", permission.Resource, permission.Action, role_id).
Exec(ctx)
if err != nil {
diff --git a/backend/core/models/permissions.go b/backend/core/models/permissions.go
index 5532edc..459ead7 100644
--- a/backend/core/models/permissions.go
+++ b/backend/core/models/permissions.go
@@ -8,8 +8,7 @@ type PermissionConditions struct {
type Permission struct {
bun.BaseModel `bun:"table:permissions"`
- ID int `bun:"id,pk,autoincrement" json:"id"`
- Resource string `bun:"resource,notnull,unique:permission" json:"resource"`
- Action string `bun:"action,notnull,unique:permission" json:"action"`
+ Resource string `bun:"resource,pk" json:"resource"`
+ Action string `bun:"action,pk" json:"action"`
Conditions PermissionConditions `bun:"conditions,type:jsonb" json:"conditions"`
}
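Review bot: Replacing the `id` primary key with a composite `(resource, action)` key changes the schema, as does the table rename to `permissions_to_roles` in permissions_to_roles.go and roles.go, yet the diffstat lists no migration. If tables are only created when missing, an existing database keeps the old `id` and `permission_id` columns and the new queries on `resource` and `action` will fail at runtime. A doc comment on the struct, for example `// Permission is identified by its (Resource, Action) pair.`, would also record that the key is now the pair and that `notnull` is implied by `pk` rather than written out.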
diff --git a/backend/core/models/permissions_to_roles.go b/backend/core/models/permissions_to_roles.go
index 341f96b..c5660fb 100644
--- a/backend/core/models/permissions_to_roles.go
+++ b/backend/core/models/permissions_to_roles.go
@@ -6,11 +6,12 @@ import (
)
type PermissionToRole struct {
- bun.BaseModel `bun:"table:permissions_to_users"`
+ bun.BaseModel `bun:"table:permissions_to_roles"`
- PermissionID int `bun:"permission_id,pk"`
- RoleID uuid.UUID `bun:"type:uuid,pk"`
+ PermissionAction string `bun:"action,pk"`
+ PermissionResource string `bun:"resource,pk"`
+ RoleID uuid.UUID `bun:"type:uuid,pk"`
- Permission *Permission `bun:"rel:belongs-to,join:permission_id=id"`
+ Permission *Permission `bun:"rel:belongs-to,join:resource=resource,action=action"`
Role *Role `bun:"rel:belongs-to,join:role_id=id"`
}
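Review bot: The tag `join:resource=resource,action=action` on `Permission` probably does not declare a two-column join. bun splits tag options on commas and, as far as I know, expects each column pair under its own `join:` key, so `action=action` would be read as an unrelated option and the relation would match on `resource` alone. Because `Role.Permissions` is resolved through this join model, a role granted one action on a resource could then load every action on that resource, which could widen what `HasPermissions` accepts. I would write `bun:"rel:belongs-to,join:resource=resource,join:action=action"` and add a test that a role with a single action loads exactly one permission. `RoleID` also has no column name in its tag; `bun:"role_id,pk,type:uuid"` would make the `role_id` used by the `Role` join explicit.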
diff --git a/backend/core/models/roles.go b/backend/core/models/roles.go
index 914d541..5b059e0 100644
--- a/backend/core/models/roles.go
+++ b/backend/core/models/roles.go
@@ -10,5 +10,5 @@ type Role struct {
ID uuid.UUID `bun:"id,pk,type:uuid,default:gen_random_uuid()" json:"id"`
Name string `bun:"name,unique,notnull" json:"name"`
- Permissions []Permission `bun:"m2m:permissions_to_users,join:Role=Permission" json:"permissions,omitempty"`
+ Permissions []Permission `bun:"m2m:permissions_to_roles,join:Role=Permission" json:"permissions,omitempty"`
}
diff --git a/backend/main.go b/backend/main.go
index e303c61..d9a7b97 100644
--- a/backend/main.go
+++ b/backend/main.go
@@ -68,7 +68,7 @@ func main() {
"/": {
Handler: handler,
Middlewares: []core.Middleware{api.Methods("GET"),
- api.HasPermissions("users", "insert", "jfkdjfdk"),
+ api.HasPermissions("blogs", "insert"),
api.AuthJWT,
}},
"/contact": {
diff --git a/frontend/app/layout.tsx b/frontend/app/layout.tsx
index a89e441..53a8187 100644
--- a/frontend/app/layout.tsx
+++ b/frontend/app/layout.tsx
@@ -15,8 +15,19 @@ const geistMono = Geist_Mono({
});
export const metadata: Metadata = {
- title: "Create Next App",
- description: "Generated by create next app",
+ title: "Latosa Escrima France",
+ description: "Site officiel de Latosa Escrima France.",
+ openGraph: {
+ title: "Latosa Escrima France",
+ description: "Site officiel de Latosa Escrima France.",
+ type: "website",
+ countryName: "France",
+ },
+ applicationName: "Latosa Escrima France",
+ authors: {
+ name: "Wing Tsun Picardie",
+ url: "https://www.youtube.com/@WingTsunPicardie",
+ },
};
export default function RootLayout({
diff --git a/frontend/components/hero.tsx b/frontend/components/hero.tsx
index b3b4926..31c4026 100644
--- a/frontend/components/hero.tsx
+++ b/frontend/components/hero.tsx
@@ -18,7 +18,6 @@ const Hero = () => {
alt="logo"
className="h-16"
/>
-