UPDATE: change some router
@@ -179,7 +179,7 @@ func (h *UserController) GetVerificationByUserID(c fiber.Ctx) error {
|
|||||||
// @Success 200 {object} response.CommonResponse
|
// @Success 200 {object} response.CommonResponse
|
||||||
// @Failure 400 {object} response.CommonResponse
|
// @Failure 400 {object} response.CommonResponse
|
||||||
// @Failure 500 {object} response.CommonResponse
|
// @Failure 500 {object} response.CommonResponse
|
||||||
// @Router /users/{id} [put]
|
// @Router /users/current [put]
|
||||||
func (h *UserController) UpdateProfile(c fiber.Ctx) error {
|
func (h *UserController) UpdateProfile(c fiber.Ctx) error {
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
@@ -217,7 +217,7 @@ func (h *UserController) UpdateProfile(c fiber.Ctx) error {
|
|||||||
// @Success 200 {object} response.CommonResponse
|
// @Success 200 {object} response.CommonResponse
|
||||||
// @Failure 400 {object} response.CommonResponse
|
// @Failure 400 {object} response.CommonResponse
|
||||||
// @Failure 500 {object} response.CommonResponse
|
// @Failure 500 {object} response.CommonResponse
|
||||||
// @Router /users/{id}/password [patch]
|
// @Router /users/current/password [patch]
|
||||||
func (h *UserController) ChangePassword(c fiber.Ctx) error {
|
func (h *UserController) ChangePassword(c fiber.Ctx) error {
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
@@ -336,8 +336,8 @@ func (h *UserController) ChangeRoleUser(c fiber.Ctx) error {
|
|||||||
Message: "Invalid user claims",
|
Message: "Invalid user claims",
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
userId := c.Params("id")
|
||||||
user, err := h.service.ChangeRoleUser(ctx, claims, dto)
|
user, err := h.service.ChangeRoleUser(ctx, userId, claims, dto)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return c.Status(fiber.StatusInternalServerError).JSON(response.CommonResponse{
|
return c.Status(fiber.StatusInternalServerError).JSON(response.CommonResponse{
|
||||||
Status: false,
|
Status: false,
|
||||||
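Review bot: `userId := c.Params("id")` in the ChangeRoleUser hunk is handed to the service unchecked, while the body field it replaces was constrained by `validate:"required,uuid"` on ChangeRoleDto. Validate it as a UUID in the handler and reject malformed values before the service call, e.g. `return c.Status(fiber.StatusBadRequest).JSON(response.CommonResponse{Status: false, Message: "Invalid user id"})`; Go naming would also spell the variable `userID`. The UpdateProfile and ChangePassword hunks change only the `@Router` annotation and their bodies lie outside the hunks, so confirm that both handlers take the account ID from the JWT claims, because `c.Params("id")` is empty on `/users/current`.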
|
|||||||
@@ -18,7 +18,6 @@ type ChangePasswordDto struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type ChangeRoleDto struct {
|
type ChangeRoleDto struct {
|
||||||
UserID string `json:"user_id" validate:"required,uuid"`
|
|
||||||
Roles []string `json:"role_ids" validate:"required,min=1,dive,required,uuid"`
|
Roles []string `json:"role_ids" validate:"required,min=1,dive,required,uuid"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -18,6 +18,12 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
|||||||
controller.GetUserCurrent,
|
controller.GetUserCurrent,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
route.Put(
|
||||||
|
"/current",
|
||||||
|
middlewares.JwtAccess(userRepo),
|
||||||
|
controller.UpdateProfile,
|
||||||
|
)
|
||||||
|
|
||||||
route.Get(
|
route.Get(
|
||||||
"/current/media",
|
"/current/media",
|
||||||
middlewares.JwtAccess(userRepo),
|
middlewares.JwtAccess(userRepo),
|
||||||
@@ -30,6 +36,12 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
|||||||
controller.GetUserApplication,
|
controller.GetUserApplication,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
route.Patch(
|
||||||
|
"/current/password",
|
||||||
|
middlewares.JwtAccess(userRepo),
|
||||||
|
controller.ChangePassword,
|
||||||
|
)
|
||||||
|
|
||||||
route.Get(
|
route.Get(
|
||||||
"/:id",
|
"/:id",
|
||||||
middlewares.JwtAccess(userRepo),
|
middlewares.JwtAccess(userRepo),
|
||||||
@@ -37,12 +49,6 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
|||||||
controller.GetUserById,
|
controller.GetUserById,
|
||||||
)
|
)
|
||||||
|
|
||||||
route.Put(
|
|
||||||
"/:id",
|
|
||||||
middlewares.JwtAccess(userRepo),
|
|
||||||
controller.UpdateProfile,
|
|
||||||
)
|
|
||||||
|
|
||||||
route.Delete(
|
route.Delete(
|
||||||
"/:id",
|
"/:id",
|
||||||
middlewares.JwtAccess(userRepo),
|
middlewares.JwtAccess(userRepo),
|
||||||
@@ -74,16 +80,10 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
|||||||
route.Patch(
|
route.Patch(
|
||||||
"/:id/role",
|
"/:id/role",
|
||||||
middlewares.JwtAccess(userRepo),
|
middlewares.JwtAccess(userRepo),
|
||||||
middlewares.RequireAnyRole(constants.ADMIN),
|
middlewares.RequireAnyRole(constants.ADMIN, constants.MOD),
|
||||||
controller.ChangeRoleUser,
|
controller.ChangeRoleUser,
|
||||||
)
|
)
|
||||||
|
|
||||||
route.Patch(
|
|
||||||
"/:id/password",
|
|
||||||
middlewares.JwtAccess(userRepo),
|
|
||||||
controller.ChangePassword,
|
|
||||||
)
|
|
||||||
|
|
||||||
route.Get(
|
route.Get(
|
||||||
"/",
|
"/",
|
||||||
middlewares.JwtAccess(userRepo),
|
middlewares.JwtAccess(userRepo),
|
||||||
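Review bot: Adding `constants.MOD` to `RequireAnyRole` on `PATCH /:id/role` means the route no longer separates ADMIN from MOD, so every limit on what a MOD may change now rests on the checks inside `userService.ChangeRoleUser`. Record that dependency where the next editor will see it, with a comment above the route such as `// MOD is admitted here; which roles a MOD may assign, and to whom, is enforced in userService.ChangeRoleUser.` The change would also be safer with tests that call this route as a MOD against an ADMIN target, a MOD target and the caller's own ID, and expect a 403 in each case the service forbids. UserRoutes starts and ends outside these hunks.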
|
|||||||
@@ -27,7 +27,7 @@ type UserService interface {
|
|||||||
|
|
||||||
//admin
|
//admin
|
||||||
DeleteUser(ctx context.Context, userId string) error
|
DeleteUser(ctx context.Context, userId string) error
|
||||||
ChangeRoleUser(ctx context.Context, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error)
|
ChangeRoleUser(ctx context.Context, userId string, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error)
|
||||||
RestoreUser(ctx context.Context, userId string) (*response.UserResponse, error)
|
RestoreUser(ctx context.Context, userId string) (*response.UserResponse, error)
|
||||||
GetUserByID(ctx context.Context, userId string) (*response.UserResponse, error)
|
GetUserByID(ctx context.Context, userId string) (*response.UserResponse, error)
|
||||||
SearchUser(ctx context.Context, dto *request.SearchUserDto) (*response.PaginatedResponse, error)
|
SearchUser(ctx context.Context, dto *request.SearchUserDto) (*response.PaginatedResponse, error)
|
||||||
@@ -84,13 +84,13 @@ func (u *userService) ChangePassword(ctx context.Context, userId string, dto *re
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error) {
|
func (u *userService) ChangeRoleUser(ctx context.Context, userId string, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error) {
|
||||||
userId, err := convert.StringToUUID(dto.UserID)
|
userUUID, err := convert.StringToUUID(userId)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
user, err := u.userRepo.GetByID(ctx, userId)
|
user, err := u.userRepo.GetByID(ctx, userUUID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fiber.NewError(fiber.StatusNotFound, err.Error())
|
return nil, fiber.NewError(fiber.StatusNotFound, err.Error())
|
||||||
}
|
}
|
||||||
@@ -132,11 +132,11 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
|||||||
return nil, fiber.NewError(fiber.StatusForbidden, "MOD cannot assign ADMIN role to any user")
|
return nil, fiber.NewError(fiber.StatusForbidden, "MOD cannot assign ADMIN role to any user")
|
||||||
}
|
}
|
||||||
|
|
||||||
if dto.UserID == claims.UId && !hasModRole {
|
if userId == claims.UId && !hasModRole {
|
||||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove MOD role of yourself")
|
return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove MOD role of yourself")
|
||||||
}
|
}
|
||||||
|
|
||||||
if dto.UserID == claims.UId && hasBannedRole {
|
if userId == claims.UId && hasBannedRole {
|
||||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
|
return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
|
||||||
}
|
}
|
||||||
isTargetAdminOrMod := false
|
isTargetAdminOrMod := false
|
||||||
@@ -152,11 +152,11 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
|||||||
}
|
}
|
||||||
|
|
||||||
if slices.Contains(claims.Roles, constants.ADMIN) {
|
if slices.Contains(claims.Roles, constants.ADMIN) {
|
||||||
if dto.UserID == claims.UId && hasBannedRole {
|
if userId == claims.UId && hasBannedRole {
|
||||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
|
return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
|
||||||
}
|
}
|
||||||
|
|
||||||
if dto.UserID == claims.UId && !hasAdminRole {
|
if userId == claims.UId && !hasAdminRole {
|
||||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove ADMIN role of yourself")
|
return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove ADMIN role of yourself")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -172,13 +172,13 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
|||||||
user.Roles = append(user.Roles, role.ToRoleSimple())
|
user.Roles = append(user.Roles, role.ToRoleSimple())
|
||||||
}
|
}
|
||||||
|
|
||||||
err = u.roleRepo.BulkDeleteRolesFromUser(ctx, userId)
|
err = u.roleRepo.BulkDeleteRolesFromUser(ctx, userUUID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
err = u.roleRepo.CreateUserRole(ctx, sqlc.CreateUserRoleParams{
|
err = u.roleRepo.CreateUserRole(ctx, sqlc.CreateUserRoleParams{
|
||||||
UserID: userId,
|
UserID: userUUID,
|
||||||
Column2: roleIdList,
|
Column2: roleIdList,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -186,7 +186,7 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
|||||||
}
|
}
|
||||||
|
|
||||||
err = u.userRepo.UpdateTokenVersion(ctx, sqlc.UpdateTokenVersionParams{
|
err = u.userRepo.UpdateTokenVersion(ctx, sqlc.UpdateTokenVersionParams{
|
||||||
ID: userId,
|
ID: userUUID,
|
||||||
TokenVersion: user.TokenVersion + 1,
|
TokenVersion: user.TokenVersion + 1,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
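Review bot: The four "yourself" guards (hunks at -132 and -152) now compare the raw path string, `userId == claims.UId`, where the old `dto.UserID` was at least constrained by `validate:"required,uuid"`. If `convert.StringToUUID` accepts more than one spelling of the same UUID (not visible here), a differently spelled self-ID would parse correctly but fail the string comparison, and the self-demotion and self-ban guards would be skipped. Compare parsed values instead: parse `claims.UId` once with `selfUUID, err := convert.StringToUUID(claims.UId)` and use `userUUID == selfUUID` in each guard, assuming the UUID type is comparable. The parse-failure branch also answers `fiber.StatusInternalServerError` with `err.Error()` for what is now a client-supplied path value; `fiber.NewError(fiber.StatusBadRequest, "invalid user id")` fits better and keeps internal error text out of the response. ChangeRoleUser continues outside the hunks shown.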
|
|||||||