implement endpoint /roles

2025-12-19 14:27:17 +02:00
parent 69281f3337
commit 78a8e46b3e
1 changed files with 122 additions and 0 deletions
--- a/api/acl_admin/handle.go
+++ b/api/acl_admin/handle.go
@@ -0,0 +1,122 @@
+package api_acladmin
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"git.oblat.lv/alex/triggerssmith/internal/acl"
+	"git.oblat.lv/alex/triggerssmith/internal/auth"
+	"git.oblat.lv/alex/triggerssmith/internal/config"
+	"git.oblat.lv/alex/triggerssmith/internal/server"
+	"github.com/go-chi/chi/v5"
+)
+
+type aclAdminHandler struct {
+	cfg  *config.Config
+	a    *acl.Service
+	auth *auth.Service
+}
+
+func MustRoute(config *config.Config, aclService *acl.Service, authService *auth.Service) func(chi.Router) {
+	if config == nil {
+		panic("config is nil")
+	}
+	if aclService == nil {
+		panic("aclService is nil")
+	}
+	if authService == nil {
+		panic("authService is nil")
+	}
+	h := &aclAdminHandler{
+		cfg:  config,
+		a:    aclService,
+		auth: authService,
+	}
+	return func(r chi.Router) {
+		r.Get("/roles", h.getRoles)
+		r.Post("/create-role", h.createRole)
+		r.Post("/assign-role", h.assignRoleToUser)
+		r.Get("/user-roles", h.getUserRoles)
+		r.Post("/remove-role", h.removeRoleFromUser)
+
+		r.Get("/resources", h.getResources)
+		r.Post("/create-resource", h.createResource)
+		r.Post("/assign-resource", h.assignResourceToRole)
+		r.Get("/role-resources", h.getRoleResources)
+		r.Post("/remove-resource", h.removeResourceFromRole)
+
+		r.Get("/permissions", h.getResources)                   // legacy support
+		r.Post("/create-permissions", h.createResource)         // legacy support
+		r.Post("/assign-permissions", h.assignResourceToRole)   // legacy support
+		r.Get("/role-permissions", h.getRoleResources)          // legacy support
+		r.Post("/remove-permissions", h.removeResourceFromRole) // legacy support
+	}
+}
+
+type rolesResponse []struct {
+	ID        uint          `json:"id"`
+	Name      string        `json:"name"`
+}
+
+func (h *aclAdminHandler) getRoles(w http.ResponseWriter, r *http.Request) {
+	roles, err := h.a.GetRoles()
+	if err != nil {
+		http.Error(w, "Internal server error", http.StatusInternalServerError)
+		return
+	}
+	w.Header().Set("Content-Type", "application/json")
+	err = json.NewEncoder(w).Encode(func() rolesResponse {
+		// Transform acl.Role to rolesResponse
+		resp := make(rolesResponse, 0, len(roles))
+		for _, role := range roles {
+			resp = append(resp, struct {
+				ID        uint          `json:"id"`
+				Name      string        `json:"name"`
+			}{
+				ID:   role.ID,
+				Name: role.Name,
+			})
+		}
+		return resp
+	}())
+	if err != nil {
+		http.Error(w, "Failed to encode response", http.StatusInternalServerError)
+		return
+	}
+}
+
+func (h *aclAdminHandler) createRole(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) assignRoleToUser(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) getUserRoles(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) removeRoleFromUser(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) getResources(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) createResource(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) assignResourceToRole(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) getRoleResources(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}
+
+func (h *aclAdminHandler) removeResourceFromRole(w http.ResponseWriter, r *http.Request) {
+	server.NotImplemented(w)
+}