feat/BE/US-304/TASK-307,306-adjustment middleware check if user have permission,create all permission in modules lti

internal/modules/master/areas/route.go

@@ -15,9 +15,9 @@ func AreaRoutes(v1 fiber.Router, u user.UserService, s area.AreaService) {
 	route := v1.Group("/areas")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_AreaGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_AreaCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_AreaGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_AreaUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_AreaDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/banks/route.go

@@ -14,10 +14,9 @@ func BankRoutes(v1 fiber.Router, u user.UserService, s bank.BankService) {
 
 	route := v1.Group("/banks")
 	route.Use(m.Auth(u))
-
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_BanksGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_BanksCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_BanksGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_BanksUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_BanksDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/customers/route.go

@@ -15,9 +15,9 @@ func CustomerRoutes(v1 fiber.Router, u user.UserService, s customer.CustomerServ
 	route := v1.Group("/customers")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_CustomerGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_CustomerCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_CustomerGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_CustomerUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_CustomerDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/fcrs/route.go

@@ -15,9 +15,9 @@ func FcrRoutes(v1 fiber.Router, u user.UserService, s fcr.FcrService) {
 	route := v1.Group("/fcrs")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_FcrGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_FcrCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_FcrGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_FcrUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_FcrDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/flocks/route.go

@@ -15,9 +15,9 @@ func FlockRoutes(v1 fiber.Router, u user.UserService, s flock.FlockService) {
 	route := v1.Group("/flocks")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_FlocksGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_FlocksCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_FlocksGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_FlocksUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_FlocksDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/kandangs/route.go

@@ -15,9 +15,9 @@ func KandangRoutes(v1 fiber.Router, u user.UserService, s kandang.KandangService
 	route := v1.Group("/kandangs")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_KandangsGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_KandangsCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_KandangsGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_KandangsUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_KandangsDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/locations/route.go

@@ -15,9 +15,9 @@ func LocationRoutes(v1 fiber.Router, u user.UserService, s location.LocationServ
 	route := v1.Group("/locations")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_LocationsGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_LocationsCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_LocationsGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_LocationsUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_LocationsDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/nonstocks/route.go

@@ -15,9 +15,9 @@ func NonstockRoutes(v1 fiber.Router, u user.UserService, s nonstock.NonstockServ
 	route := v1.Group("/nonstocks")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_NonstocksGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_NonstocksCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_NonstocksGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_NonstocksUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_NonstocksDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/product-categories/route.go

@@ -15,9 +15,9 @@ func ProductCategoryRoutes(v1 fiber.Router, u user.UserService, s productCategor
 	route := v1.Group("/product-categories")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_ProductCategoriesGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_ProductCategoriesCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_ProductCategoriesGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_ProductCategoriesUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_ProductCategoriesDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/products/route.go

@@ -15,9 +15,9 @@ func ProductRoutes(v1 fiber.Router, u user.UserService, s product.ProductService
 	route := v1.Group("/products")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_ProductsGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_ProductsCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_ProductsGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_ProductsUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_ProductsDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/suppliers/route.go

@@ -15,9 +15,9 @@ func SupplierRoutes(v1 fiber.Router, u user.UserService, s supplier.SupplierServ
 	route := v1.Group("/suppliers")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_SuppliersGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_SuppliersCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_SuppliersGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_SuppliersUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_SuppliersDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/uoms/route.go

@@ -20,4 +20,10 @@ func UomRoutes(v1 fiber.Router, u user.UserService, s uom.UomService) {
 	route.Get("/:id", ctrl.GetOne)
 	route.Patch("/:id", ctrl.UpdateOne)
 	route.Delete("/:id", ctrl.DeleteOne)
+
+	route.Get("/",m.RequirePermissions(m.P_AreaGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_AreaCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_AreaGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_AreaUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_AreaDeleteOne), ctrl.DeleteOne)
 }

internal/modules/master/warehouses/route.go

@@ -15,9 +15,9 @@ func WarehouseRoutes(v1 fiber.Router, u user.UserService, s warehouse.WarehouseS
 	route := v1.Group("/warehouses")
 	route.Use(m.Auth(u))
 
-	route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_WarehousesGetAll), ctrl.GetAll)
+	route.Post("/",m.RequirePermissions(m.P_WarehousesCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_WarehousesGetOne), ctrl.GetOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_WarehousesUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_WarehousesDeleteOne), ctrl.DeleteOne)
 }