UPDATE: change some router

internal/controllers/userController.go

@@ -179,7 +179,7 @@ func (h *UserController) GetVerificationByUserID(c fiber.Ctx) error {
 // @Success 200 {object} response.CommonResponse
 // @Failure 400 {object} response.CommonResponse
 // @Failure 500 {object} response.CommonResponse
-// @Router /users/{id} [put]
+// @Router /users/current [put]
 func (h *UserController) UpdateProfile(c fiber.Ctx) error {
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
@@ -187,7 +187,7 @@ func (h *UserController) UpdateProfile(c fiber.Ctx) error {
 	dto := &request.UpdateProfileDto{}
 	if err := validator.ValidateBodyDto(c, dto); err != nil {
 		return c.Status(fiber.StatusBadRequest).JSON(response.CommonResponse{
-			Status:  false,
+			Status: false,
 			Errors: err,
 		})
 	}
@@ -217,14 +217,14 @@ func (h *UserController) UpdateProfile(c fiber.Ctx) error {
 // @Success 200 {object} response.CommonResponse
 // @Failure 400 {object} response.CommonResponse
 // @Failure 500 {object} response.CommonResponse
-// @Router /users/{id}/password [patch]
+// @Router /users/current/password [patch]
 func (h *UserController) ChangePassword(c fiber.Ctx) error {
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 	dto := &request.ChangePasswordDto{}
 	if err := validator.ValidateBodyDto(c, dto); err != nil {
 		return c.Status(fiber.StatusBadRequest).JSON(response.CommonResponse{
-			Status:  false,
+			Status: false,
 			Errors: err,
 		})
 	}
@@ -317,7 +317,7 @@ func (h *UserController) ChangeRoleUser(c fiber.Ctx) error {
 	dto := &request.ChangeRoleDto{}
 	if err := validator.ValidateBodyDto(c, dto); err != nil {
 		return c.Status(fiber.StatusBadRequest).JSON(response.CommonResponse{
-			Status:  false,
+			Status: false,
 			Errors: err,
 		})
 	}
@@ -336,8 +336,8 @@ func (h *UserController) ChangeRoleUser(c fiber.Ctx) error {
 			Message: "Invalid user claims",
 		})
 	}
-
+	userId := c.Params("id")
-	user, err := h.service.ChangeRoleUser(ctx, claims, dto)
+	user, err := h.service.ChangeRoleUser(ctx, userId, claims, dto)
 	if err != nil {
 		return c.Status(fiber.StatusInternalServerError).JSON(response.CommonResponse{
 			Status:  false,
@@ -397,7 +397,7 @@ func (h *UserController) SearchUser(c fiber.Ctx) error {
 	dto := &request.SearchUserDto{}
 	if err := validator.ValidateQueryDto(c, dto); err != nil {
 		return c.Status(fiber.StatusBadRequest).JSON(response.CommonResponse{
-			Status:  false,
+			Status: false,
 			Errors: err,
 		})
 	}

internal/dtos/request/user.go

@@ -18,7 +18,6 @@ type ChangePasswordDto struct {
 }
 
 type ChangeRoleDto struct {
-	UserID string   `json:"user_id" validate:"required,uuid"`
 	Roles  []string `json:"role_ids" validate:"required,min=1,dive,required,uuid"`
 }
 

internal/routes/userRoute.go

@@ -17,6 +17,12 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
 		middlewares.JwtAccess(userRepo),
 		controller.GetUserCurrent,
 	)
+	
+	route.Put(
+		"/current",
+		middlewares.JwtAccess(userRepo),
+		controller.UpdateProfile,
+	)
 
 	route.Get(
 		"/current/media",
@@ -30,6 +36,12 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
 		controller.GetUserApplication,
 	)
 
+	route.Patch(
+		"/current/password",
+		middlewares.JwtAccess(userRepo),
+		controller.ChangePassword,
+	)
+
 	route.Get(
 		"/:id",
 		middlewares.JwtAccess(userRepo),
@@ -37,12 +49,6 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
 		controller.GetUserById,
 	)
 
-	route.Put(
-		"/:id",
-		middlewares.JwtAccess(userRepo),
-		controller.UpdateProfile,
-	)
-
 	route.Delete(
 		"/:id",
 		middlewares.JwtAccess(userRepo),
@@ -74,16 +80,10 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
 	route.Patch(
 		"/:id/role",
 		middlewares.JwtAccess(userRepo),
-		middlewares.RequireAnyRole(constants.ADMIN),
+		middlewares.RequireAnyRole(constants.ADMIN, constants.MOD),
 		controller.ChangeRoleUser,
 	)
 
-	route.Patch(
-		"/:id/password",
-		middlewares.JwtAccess(userRepo),
-		controller.ChangePassword,
-	)
-
 	route.Get(
 		"/",
 		middlewares.JwtAccess(userRepo),

internal/services/userService.go

@@ -27,7 +27,7 @@ type UserService interface {
 
 	//admin
 	DeleteUser(ctx context.Context, userId string) error
-	ChangeRoleUser(ctx context.Context, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error)
+	ChangeRoleUser(ctx context.Context, userId string, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error)
 	RestoreUser(ctx context.Context, userId string) (*response.UserResponse, error)
 	GetUserByID(ctx context.Context, userId string) (*response.UserResponse, error)
 	SearchUser(ctx context.Context, dto *request.SearchUserDto) (*response.PaginatedResponse, error)
@@ -84,13 +84,13 @@ func (u *userService) ChangePassword(ctx context.Context, userId string, dto *re
 	return nil
 }
 
-func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error) {
+func (u *userService) ChangeRoleUser(ctx context.Context, userId string, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error) {
-	userId, err := convert.StringToUUID(dto.UserID)
+	userUUID, err := convert.StringToUUID(userId)
 	if err != nil {
 		return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
 	}
 
-	user, err := u.userRepo.GetByID(ctx, userId)
+	user, err := u.userRepo.GetByID(ctx, userUUID)
 	if err != nil {
 		return nil, fiber.NewError(fiber.StatusNotFound, err.Error())
 	}
@@ -132,11 +132,11 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
 			return nil, fiber.NewError(fiber.StatusForbidden, "MOD cannot assign ADMIN role to any user")
 		}
 
-		if dto.UserID == claims.UId && !hasModRole {
+		if userId == claims.UId && !hasModRole {
 			return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove MOD role of yourself")
 		}
 
-		if dto.UserID == claims.UId && hasBannedRole {
+		if userId == claims.UId && hasBannedRole {
 			return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
 		}
 		isTargetAdminOrMod := false
@@ -152,11 +152,11 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
 	}
 
 	if slices.Contains(claims.Roles, constants.ADMIN) {
-		if dto.UserID == claims.UId && hasBannedRole {
+		if userId == claims.UId && hasBannedRole {
 			return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
 		}
 
-		if dto.UserID == claims.UId && !hasAdminRole {
+		if userId == claims.UId && !hasAdminRole {
 			return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove ADMIN role of yourself")
 		}
 	}
@@ -172,13 +172,13 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
 		user.Roles = append(user.Roles, role.ToRoleSimple())
 	}
 
-	err = u.roleRepo.BulkDeleteRolesFromUser(ctx, userId)
+	err = u.roleRepo.BulkDeleteRolesFromUser(ctx, userUUID)
 	if err != nil {
 		return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
 	}
 
 	err = u.roleRepo.CreateUserRole(ctx, sqlc.CreateUserRoleParams{
-		UserID:  userId,
+		UserID:  userUUID,
 		Column2: roleIdList,
 	})
 	if err != nil {
@@ -186,7 +186,7 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
 	}
 
 	err = u.userRepo.UpdateTokenVersion(ctx, sqlc.UpdateTokenVersionParams{
-		ID:           userId,
+		ID:           userUUID,
 		TokenVersion: user.TokenVersion + 1,
 	})
 	if err != nil {