wrapped routes with perms (#258)
DOOduneye authored Feb 22, 2024
1 parent 0849ee9 commit 2adeb65
Showing 36 changed files with 560 additions and 236 deletions.
118 changes: 63 additions & 55 deletions backend/src/auth/permissions.go
Expand Up @@ -5,82 +5,90 @@ import "github.com/GenerateNU/sac/backend/src/models"
type Permission string

const (
UserReadAll Permission = "user:readAll"
UserRead Permission = "user:read"
UserWrite Permission = "user:write"
UserDelete Permission = "user:delete"
// User Management
UserRead Permission = "user:read"
UserWrite Permission = "user:write"
UserDelete Permission = "user:delete"
UserManageProfile Permission = "user:manage_profile"
UserReadAll Permission = "user:read_all"

TagReadAll Permission = "tag:readAll"
TagRead Permission = "tag:read"
TagWrite Permission = "tag:write"
TagCreate Permission = "tag:create"
TagDelete Permission = "tag:delete"
// Tag Management
TagRead Permission = "tag:read"
TagCreate Permission = "tag:create"
TagWrite Permission = "tag:write"
TagDelete Permission = "tag:delete"

ClubReadAll Permission = "club:readAll"
ClubRead Permission = "club:read"
ClubWrite Permission = "club:write"
ClubCreate Permission = "club:create"
ClubDelete Permission = "club:delete"
// Club Management
ClubRead Permission = "club:read"
ClubCreate Permission = "club:create"
ClubWrite Permission = "club:write"
ClubDelete Permission = "club:delete"
ClubManageMembers Permission = "club:manage_members"
ClubManageFollowers Permission = "club:manage_followers"

PointOfContactReadAll Permission = "pointOfContact:readAll"
PointOfContactRead Permission = "pointOfContact:read"
PointOfContactCreate Permission = "pointOfContact:create"
PointOfContactWrite Permission = "pointOfContact:write"
PointOfContactDelete Permission = "pointOfContact:delete"
// Point of Contact Management
PointOfContactRead Permission = "pointOfContact:read"
PointOfContactCreate Permission = "pointOfContact:create"
PointOfContactWrite Permission = "pointOfContact:write"
PointOfContactDelete Permission = "pointOfContact:delete"

CommentReadAll Permission = "comment:readAll"
CommentRead Permission = "comment:read"
CommentCreate Permission = "comment:create"
CommentWrite Permission = "comment:write"
CommentDelete Permission = "comment:delete"
// Comment Management
CommentRead Permission = "comment:read"
CommentCreate Permission = "comment:create"
CommentWrite Permission = "comment:write"
CommentDelete Permission = "comment:delete"

EventReadAll Permission = "event:readAll"
EventRead Permission = "event:read"
EventWrite Permission = "event:write"
EventCreate Permission = "event:create"
EventDelete Permission = "event:delete"
// Event Management
EventRead Permission = "event:read"
EventCreate Permission = "event:create"
EventWrite Permission = "event:write"
EventDelete Permission = "event:delete"
EventManageRSVPs Permission = "event:manage_rsvps"

ContactReadAll Permission = "contact:readAll"
ContactRead Permission = "contact:read"
ContactWrite Permission = "contact:write"
ContactCreate Permission = "contact:create"
ContactDelete Permission = "contact:delete"
// Contact Management
ContactRead Permission = "contact:read"
ContactCreate Permission = "contact:create"
ContactWrite Permission = "contact:write"
ContactDelete Permission = "contact:delete"

CategoryReadAll Permission = "category:readAll"
CategoryRead Permission = "category:read"
CategoryWrite Permission = "category:write"
CategoryCreate Permission = "category:create"
CategoryDelete Permission = "category:delete"
// Category Management
CategoryRead Permission = "category:read"
CategoryCreate Permission = "category:create"
CategoryWrite Permission = "category:write"
CategoryDelete Permission = "category:delete"

NotificationReadAll Permission = "notification:readAll"
NotificationRead Permission = "notification:read"
NotificationWrite Permission = "notification:write"
NotificationCreate Permission = "notification:create"
NotificationDelete Permission = "notification:delete"
// Notification Management
NotificationRead Permission = "notification:read"
NotificationCreate Permission = "notification:create"
NotificationWrite Permission = "notification:write"
NotificationDelete Permission = "notification:delete"

// Global Permissions (for convenience)
ReadAll Permission = "all:read"
CreateAll Permission = "all:create"
WriteAll Permission = "all:write"
DeleteAll Permission = "all:delete"
)

var rolePermissions = map[models.UserRole][]Permission{
models.Super: {
UserRead, UserReadAll, UserWrite, UserDelete,
UserRead, UserWrite, UserDelete, UserManageProfile, UserReadAll,
TagRead, TagCreate, TagWrite, TagDelete,
ClubRead, ClubCreate, ClubWrite, ClubDelete,
ClubRead, ClubCreate, ClubWrite, ClubDelete, ClubManageMembers, ClubManageFollowers,
PointOfContactRead, PointOfContactCreate, PointOfContactWrite, PointOfContactDelete,
CommentRead, CommentCreate, CommentWrite, CommentDelete,
EventRead, EventCreate, EventWrite, EventDelete,
EventRead, EventCreate, EventWrite, EventDelete, EventManageRSVPs,
ContactRead, ContactCreate, ContactWrite, ContactDelete,
CategoryRead, CategoryCreate, CategoryWrite, CategoryDelete,
NotificationRead, NotificationCreate, NotificationWrite, NotificationDelete,
UserReadAll, TagReadAll, ClubReadAll, PointOfContactReadAll, CommentReadAll, EventReadAll, ContactReadAll, CategoryReadAll, NotificationReadAll,
ReadAll, CreateAll, WriteAll, DeleteAll,
},
models.Student: {
UserRead,
UserRead, UserManageProfile,
TagRead,
ClubRead,
PointOfContactRead,
CommentRead,
EventRead,
ContactRead,
CategoryRead,
ClubRead, EventRead,
CommentRead, CommentCreate,
ContactRead, PointOfContactRead,
NotificationRead,
},
}
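Review bot: `Permission` and `rolePermissions` have no doc comments even though the whole authorization model now hangs off them; suggest `// Permission names one authorization scope of the form "<resource>:<action>".` on the type and a comment on the map stating whether the `all:*` entries are meant to be expanded by the checker or are plain entries. As written, Super carries both the full per-resource set and `ReadAll, CreateAll, WriteAll, DeleteAll`, so if the consumer of this map does exact matching the `all:*` values are dead data, and if it expands them the per-resource entries are redundant — either way a maintainer cannot tell which is intended from this file. The value of `UserReadAll` also changes from `user:readAll` to `user:read_all` while the other `*ReadAll` constants are dropped; if these strings are stored anywhere or embedded in issued tokens, that is a silent compatibility break worth calling out in the commit. The checker that consumes `rolePermissions` is outside this file.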
21 changes: 8 additions & 13 deletions backend/src/controllers/auth.go
Expand Up @@ -45,7 +45,7 @@ func (a *AuthController) Me(c *fiber.Ctx) error {
return err.FiberError(c)
}

return c.JSON(user)
return c.Status(fiber.StatusOK).JSON(user)
}

// Login godoc
Expand Down Expand Up @@ -76,7 +76,7 @@ func (a *AuthController) Login(c *fiber.Ctx) error {

accessToken, refreshToken, err := auth.CreateTokenPair(user.ID.String(), string(user.Role), a.AuthSettings)
if err != nil {
return err.FiberError(c)
return errors.Unauthorized.FiberError(c)
}

// Set the tokens in the response
Expand Down Expand Up @@ -106,17 +106,17 @@ func (a *AuthController) Refresh(c *fiber.Ctx) error {
// Extract id from refresh token
claims, err := auth.ExtractRefreshClaims(refreshTokenValue, a.AuthSettings.RefreshKey)
if err != nil {
return err.FiberError(c)
return errors.Unauthorized.FiberError(c)
}

role, err := a.authService.GetRole(claims.Issuer)
if err != nil {
return err.FiberError(c)
return errors.Unauthorized.FiberError(c)
}

accessToken, err := auth.RefreshAccessToken(refreshTokenValue, string(*role), a.AuthSettings.RefreshKey, a.AuthSettings.AccessTokenExpiry, a.AuthSettings.AccessKey)
if err != nil {
return err.FiberError(c)
return errors.Unauthorized.FiberError(c)
}

// Set the access token in the response (e.g., in a cookie or JSON response)
Expand Down Expand Up @@ -165,21 +165,16 @@ func (a *AuthController) Logout(c *fiber.Ctx) error {
// @Failure 401 {object} errors.Error
// @Failure 404 {object} errors.Error
// @Failure 500 {object} errors.Error
// @Router /auth/update-password [post]
// @Failure 429 {object}
// @Router /auth/update-password/:userID [post]
func (a *AuthController) UpdatePassword(c *fiber.Ctx) error {
var userBody models.UpdatePasswordRequestBody

if err := c.BodyParser(&userBody); err != nil {
return errors.FailedToParseRequestBody.FiberError(c)
}

claims, err := auth.From(c)
if err != nil {
return err.FiberError(c)
}

err = a.authService.UpdatePassword(claims.Issuer, userBody)
if err != nil {
if err := a.authService.UpdatePassword(c.Params("userID"), userBody); err != nil {
return err.FiberError(c)
}

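Review bot: UpdatePassword now takes the target account from `c.Params("userID")` instead of the caller's own token claims, and nothing in this hunk ties that path ID to the authenticated user, so any caller that clears the route's permission can change another user's password. If self-service is the intent, keep the claims lookup and add `if claims.Issuer != c.Params("userID") { return errors.Unauthorized.FiberError(c) }` before the service call; if the route wrapper introduced by this PR (outside this file) is meant to enforce an owner-or-admin rule instead, a comment here should say so. The new `// @Failure 429 {object}` annotation is missing its type, and the route is written as `/auth/update-password/:userID` where tag.go's annotations use the `{tagID}` form. UpdatePassword's body continues past the hunk. Separately, in Login a failure of `auth.CreateTokenPair` is a server-side signing problem, so mapping it to `errors.Unauthorized` reports a misconfiguration as a client fault.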
2 changes: 1 addition & 1 deletion backend/src/controllers/category.go
Expand Up @@ -62,7 +62,7 @@ func (cat *CategoryController) CreateCategory(c *fiber.Ctx) error {
// @Failure 404 {string} errors.Error
// @Failure 500 {string} errors.Error
// @Router /category/ [get]
func (cat *CategoryController) GetCategories(c *fiber.Ctx) error {
func (cat *CategoryController) GetAllCategories(c *fiber.Ctx) error {
defaultLimit := 10
defaultPage := 1

4 changes: 2 additions & 2 deletions backend/src/controllers/club.go
Expand Up @@ -15,7 +15,7 @@ func NewClubController(clubService services.ClubServiceInterface) *ClubControlle
return &ClubController{clubService: clubService}
}

// GetAllClubs godoc
// GetClubs godoc
//
// @Summary Retrieve all clubs
// @Description Retrieves all clubs
Expand All @@ -28,7 +28,7 @@ func NewClubController(clubService services.ClubServiceInterface) *ClubControlle
// @Failure 400 {object} errors.Error
// @Failure 500 {object} errors.Error
// @Router /club/ [get]
func (cl *ClubController) GetAllClubs(c *fiber.Ctx) error {
func (cl *ClubController) GetClubs(c *fiber.Ctx) error {
var queryParams models.ClubQueryParams

queryParams.Limit = 10 // default limit
40 changes: 33 additions & 7 deletions backend/src/controllers/tag.go
@@ -1,6 +1,8 @@
package controllers

import (
"strconv"

"github.com/GenerateNU/sac/backend/src/errors"
"github.com/GenerateNU/sac/backend/src/models"
"github.com/GenerateNU/sac/backend/src/services"
Expand All @@ -16,9 +18,7 @@ func NewTagController(tagService services.TagServiceInterface) *TagController {
return &TagController{tagService: tagService}
}

// GetAllTags godoc

// CreateTag creates a new tag.
// GetTags godoc
//
// @Summary Retrieve all tags
// @Description Retrieves all tags
Expand All @@ -29,12 +29,38 @@ func NewTagController(tagService services.TagServiceInterface) *TagController {
// @Param page query int false "Page"
// @Success 200 {object} []models.Tag
// @Failure 400 {object} errors.Error
// @Failure 401 {object} errors.Error
// @Failure 404 {object} errors.Error
// @Failure 500 {object} errors.Error
// @Router /tags [get]
func (t *TagController) GetTags(c *fiber.Ctx) error {
defaultLimit := 10
defaultPage := 1

tags, err := t.tagService.GetTags(c.Query("limit", strconv.Itoa(defaultLimit)), c.Query("page", strconv.Itoa(defaultPage)))
if err != nil {
return err.FiberError(c)
}

return c.Status(fiber.StatusOK).JSON(&tags)
}

// CreateTag godoc
//
// @Summary Create a tag
// @Description Creates a tag
// @ID create-tag
// @Tags tag
// @Accept json
// @Produce json
// @Param tagBody body models.CreateTagRequestBody true "Tag Body"
// @Success 201 {object} models.Tag
// @Failure 400 {object} errors.Error
// @Failure 401 {object} errors.Error
// @Failure 404 {object} errors.Error
// @Failure 500 {object} errors.Error
// @Router /tags/ [post]
func (t *TagController) CreateTag(c *fiber.Ctx) error {
var tagBody models.TagRequestBody
var tagBody models.CreateTagRequestBody

if err := c.BodyParser(&tagBody); err != nil {
return errors.FailedToParseRequestBody.FiberError(c)
Expand Down Expand Up @@ -79,15 +105,15 @@ func (t *TagController) GetTag(c *fiber.Ctx) error {
// @Accept json
// @Produce json
// @Param tagID path string true "Tag ID"
// @Param tag body models.TagRequestBody true "Tag"
// @Param tag body models.UpdateTagRequestBody true "Tag"
// @Success 200 {object} models.Tag
// @Failure 400 {object} errors.Error
// @Failure 401 {object} errors.Error
// @Failure 404 {object} errors.Error
// @Failure 500 {object} errors.Error
// @Router /tags/{tagID} [put]
func (t *TagController) UpdateTag(c *fiber.Ctx) error {
var tagBody models.TagRequestBody
var tagBody models.UpdateTagRequestBody

if err := c.BodyParser(&tagBody); err != nil {
return errors.FailedToParseRequestBody.FiberError(c)
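Review bot: GetTags forwards `c.Query("limit", ...)` to the service with no upper bound, so unless the tag service clamps it a single request can ask for an arbitrarily large page; a cap (for example a `maxLimit` constant checked here or in the service) would keep the list endpoints bounded. The `defaultLimit := 10` / `defaultPage := 1` pair is also repeated in GetAllCategories and GetClubs in this same commit, so a package-level `const (defaultLimit = 10; defaultPage = 1)` in controllers would remove the duplication. The `@Router` annotations mix `/tags` for GET and `/tags/` for POST, which reads as two different paths in the generated docs.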