UPDATE: change some router
All checks were successful
Build and Release / release (push) Successful in 1m6s
All checks were successful
Build and Release / release (push) Successful in 1m6s
This commit is contained in:
@@ -179,7 +179,7 @@ func (h *UserController) GetVerificationByUserID(c fiber.Ctx) error {
|
||||
// @Success 200 {object} response.CommonResponse
|
||||
// @Failure 400 {object} response.CommonResponse
|
||||
// @Failure 500 {object} response.CommonResponse
|
||||
// @Router /users/{id} [put]
|
||||
// @Router /users/current [put]
|
||||
func (h *UserController) UpdateProfile(c fiber.Ctx) error {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
||||
defer cancel()
|
||||
@@ -217,7 +217,7 @@ func (h *UserController) UpdateProfile(c fiber.Ctx) error {
|
||||
// @Success 200 {object} response.CommonResponse
|
||||
// @Failure 400 {object} response.CommonResponse
|
||||
// @Failure 500 {object} response.CommonResponse
|
||||
// @Router /users/{id}/password [patch]
|
||||
// @Router /users/current/password [patch]
|
||||
func (h *UserController) ChangePassword(c fiber.Ctx) error {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
||||
defer cancel()
|
||||
@@ -336,8 +336,8 @@ func (h *UserController) ChangeRoleUser(c fiber.Ctx) error {
|
||||
Message: "Invalid user claims",
|
||||
})
|
||||
}
|
||||
|
||||
user, err := h.service.ChangeRoleUser(ctx, claims, dto)
|
||||
userId := c.Params("id")
|
||||
user, err := h.service.ChangeRoleUser(ctx, userId, claims, dto)
|
||||
if err != nil {
|
||||
return c.Status(fiber.StatusInternalServerError).JSON(response.CommonResponse{
|
||||
Status: false,
|
||||
|
||||
@@ -18,7 +18,6 @@ type ChangePasswordDto struct {
|
||||
}
|
||||
|
||||
type ChangeRoleDto struct {
|
||||
UserID string `json:"user_id" validate:"required,uuid"`
|
||||
Roles []string `json:"role_ids" validate:"required,min=1,dive,required,uuid"`
|
||||
}
|
||||
|
||||
|
||||
@@ -18,6 +18,12 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
||||
controller.GetUserCurrent,
|
||||
)
|
||||
|
||||
route.Put(
|
||||
"/current",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
controller.UpdateProfile,
|
||||
)
|
||||
|
||||
route.Get(
|
||||
"/current/media",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
@@ -30,6 +36,12 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
||||
controller.GetUserApplication,
|
||||
)
|
||||
|
||||
route.Patch(
|
||||
"/current/password",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
controller.ChangePassword,
|
||||
)
|
||||
|
||||
route.Get(
|
||||
"/:id",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
@@ -37,12 +49,6 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
||||
controller.GetUserById,
|
||||
)
|
||||
|
||||
route.Put(
|
||||
"/:id",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
controller.UpdateProfile,
|
||||
)
|
||||
|
||||
route.Delete(
|
||||
"/:id",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
@@ -74,16 +80,10 @@ func UserRoutes(app *fiber.App, controller *controllers.UserController, userRepo
|
||||
route.Patch(
|
||||
"/:id/role",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
middlewares.RequireAnyRole(constants.ADMIN),
|
||||
middlewares.RequireAnyRole(constants.ADMIN, constants.MOD),
|
||||
controller.ChangeRoleUser,
|
||||
)
|
||||
|
||||
route.Patch(
|
||||
"/:id/password",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
controller.ChangePassword,
|
||||
)
|
||||
|
||||
route.Get(
|
||||
"/",
|
||||
middlewares.JwtAccess(userRepo),
|
||||
|
||||
@@ -27,7 +27,7 @@ type UserService interface {
|
||||
|
||||
//admin
|
||||
DeleteUser(ctx context.Context, userId string) error
|
||||
ChangeRoleUser(ctx context.Context, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error)
|
||||
ChangeRoleUser(ctx context.Context, userId string, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error)
|
||||
RestoreUser(ctx context.Context, userId string) (*response.UserResponse, error)
|
||||
GetUserByID(ctx context.Context, userId string) (*response.UserResponse, error)
|
||||
SearchUser(ctx context.Context, dto *request.SearchUserDto) (*response.PaginatedResponse, error)
|
||||
@@ -84,13 +84,13 @@ func (u *userService) ChangePassword(ctx context.Context, userId string, dto *re
|
||||
return nil
|
||||
}
|
||||
|
||||
func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error) {
|
||||
userId, err := convert.StringToUUID(dto.UserID)
|
||||
func (u *userService) ChangeRoleUser(ctx context.Context, userId string, claims *response.JWTClaims, dto *request.ChangeRoleDto) (*response.UserResponse, error) {
|
||||
userUUID, err := convert.StringToUUID(userId)
|
||||
if err != nil {
|
||||
return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||
}
|
||||
|
||||
user, err := u.userRepo.GetByID(ctx, userId)
|
||||
user, err := u.userRepo.GetByID(ctx, userUUID)
|
||||
if err != nil {
|
||||
return nil, fiber.NewError(fiber.StatusNotFound, err.Error())
|
||||
}
|
||||
@@ -132,11 +132,11 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
||||
return nil, fiber.NewError(fiber.StatusForbidden, "MOD cannot assign ADMIN role to any user")
|
||||
}
|
||||
|
||||
if dto.UserID == claims.UId && !hasModRole {
|
||||
if userId == claims.UId && !hasModRole {
|
||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove MOD role of yourself")
|
||||
}
|
||||
|
||||
if dto.UserID == claims.UId && hasBannedRole {
|
||||
if userId == claims.UId && hasBannedRole {
|
||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
|
||||
}
|
||||
isTargetAdminOrMod := false
|
||||
@@ -152,11 +152,11 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
||||
}
|
||||
|
||||
if slices.Contains(claims.Roles, constants.ADMIN) {
|
||||
if dto.UserID == claims.UId && hasBannedRole {
|
||||
if userId == claims.UId && hasBannedRole {
|
||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't assign BANNED role to yourself")
|
||||
}
|
||||
|
||||
if dto.UserID == claims.UId && !hasAdminRole {
|
||||
if userId == claims.UId && !hasAdminRole {
|
||||
return nil, fiber.NewError(fiber.StatusForbidden, "You can't remove ADMIN role of yourself")
|
||||
}
|
||||
}
|
||||
@@ -172,13 +172,13 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
||||
user.Roles = append(user.Roles, role.ToRoleSimple())
|
||||
}
|
||||
|
||||
err = u.roleRepo.BulkDeleteRolesFromUser(ctx, userId)
|
||||
err = u.roleRepo.BulkDeleteRolesFromUser(ctx, userUUID)
|
||||
if err != nil {
|
||||
return nil, fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||
}
|
||||
|
||||
err = u.roleRepo.CreateUserRole(ctx, sqlc.CreateUserRoleParams{
|
||||
UserID: userId,
|
||||
UserID: userUUID,
|
||||
Column2: roleIdList,
|
||||
})
|
||||
if err != nil {
|
||||
@@ -186,7 +186,7 @@ func (u *userService) ChangeRoleUser(ctx context.Context, claims *response.JWTCl
|
||||
}
|
||||
|
||||
err = u.userRepo.UpdateTokenVersion(ctx, sqlc.UpdateTokenVersionParams{
|
||||
ID: userId,
|
||||
ID: userUUID,
|
||||
TokenVersion: user.TokenVersion + 1,
|
||||
})
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user