diff --git a/api/acl_admin/handle.go b/api/acl_admin/handle.go
new file mode 100644
index 0000000..b5cc14f
--- /dev/null
+++ b/api/acl_admin/handle.go
@@ -0,0 +1,122 @@
+package api_acladmin
+
+import (
+ "encoding/json"
+ "net/http"
+
+ "git.oblat.lv/alex/triggerssmith/internal/acl"
+ "git.oblat.lv/alex/triggerssmith/internal/auth"
+ "git.oblat.lv/alex/triggerssmith/internal/config"
+ "git.oblat.lv/alex/triggerssmith/internal/server"
+ "github.com/go-chi/chi/v5"
+)
+
+type aclAdminHandler struct {
+ cfg *config.Config
+ a *acl.Service
+ auth *auth.Service
+}
+
+func MustRoute(config *config.Config, aclService *acl.Service, authService *auth.Service) func(chi.Router) {
+ if config == nil {
+ panic("config is nil")
+ }
+ if aclService == nil {
+ panic("aclService is nil")
+ }
+ if authService == nil {
+ panic("authService is nil")
+ }
+ h := &aclAdminHandler{
+ cfg: config,
+ a: aclService,
+ auth: authService,
+ }
+ return func(r chi.Router) {
+ r.Get("/roles", h.getRoles)
+ r.Post("/create-role", h.createRole)
+ r.Post("/assign-role", h.assignRoleToUser)
+ r.Get("/user-roles", h.getUserRoles)
+ r.Post("/remove-role", h.removeRoleFromUser)
+
+ r.Get("/resources", h.getResources)
+ r.Post("/create-resource", h.createResource)
+ r.Post("/assign-resource", h.assignResourceToRole)
+ r.Get("/role-resources", h.getRoleResources)
+ r.Post("/remove-resource", h.removeResourceFromRole)
+
+ r.Get("/permissions", h.getResources) // legacy support
+ r.Post("/create-permissions", h.createResource) // legacy support
+ r.Post("/assign-permissions", h.assignResourceToRole) // legacy support
+ r.Get("/role-permissions", h.getRoleResources) // legacy support
+ r.Post("/remove-permissions", h.removeResourceFromRole) // legacy support
+ }
+}
+
+type rolesResponse []struct {
+ ID uint `json:"id"`
+ Name string `json:"name"`
+}
+
+func (h *aclAdminHandler) getRoles(w http.ResponseWriter, r *http.Request) {
+ roles, err := h.a.GetRoles()
+ if err != nil {
+ http.Error(w, "Internal server error", http.StatusInternalServerError)
+ return
+ }
+ w.Header().Set("Content-Type", "application/json")
+ err = json.NewEncoder(w).Encode(func() rolesResponse {
+ // Transform acl.Role to rolesResponse
+ resp := make(rolesResponse, 0, len(roles))
+ for _, role := range roles {
+ resp = append(resp, struct {
+ ID uint `json:"id"`
+ Name string `json:"name"`
+ }{
+ ID: role.ID,
+ Name: role.Name,
+ })
+ }
+ return resp
+ }())
+ if err != nil {
+ http.Error(w, "Failed to encode response", http.StatusInternalServerError)
+ return
+ }
+}
+
+func (h *aclAdminHandler) createRole(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) assignRoleToUser(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) getUserRoles(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) removeRoleFromUser(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) getResources(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) createResource(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) assignResourceToRole(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) getRoleResources(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) removeResourceFromRole(w http.ResponseWriter, r *http.Request) {
+ server.NotImplemented(w)
+}
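Review bot: Nothing in `MustRoute` gates these ACL administration routes: the closure registers `/roles`, `/assign-role`, `/create-resource` and the rest without any `r.Use(...)`, and `h.auth` is stored on the handler but never read, so `getRoles` answers any caller that reaches it. Authentication may be applied where this router is mounted, which is outside the hunk, but for an admin surface it is safer to enforce it here, e.g. a first line `r.Use(h.requireAdmin)` in the closure (placeholder name for a middleware built from `h.auth` and `h.a`). If the mount site is meant to own the check, say so on the function: `// MustRoute registers the ACL admin API; the caller must mount it behind authentication and an admin-role check.` Either way this is worth settling before the `server.NotImplemented` stubs behind the POST routes gain real bodies.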