feat/BE/US-304/TASK-307,306-adjustment middleware check if user have permission,create all permission in modules lti

2026-05-20 21:41:55 +00:00 · 2025-12-10 08:53:09 +07:00
parent e6094528b5
commit 2effa08648
29 changed files with 289 additions and 136 deletions
@@ -16,9 +16,9 @@ func ChickinRoutes(v1 fiber.Router, u user.UserService, s chickin.ChickinService
 	route.Use(m.Auth(u))

 	// route.Get("/", ctrl.GetAll)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
+	route.Post("/",m.RequirePermissions(m.P_ChickinsCreateOne), ctrl.CreateOne)
+	route.Get("/:id",m.RequirePermissions(m.P_ChickinsGetOne), ctrl.GetOne)
 	// route.Patch("/:id", ctrl.UpdateOne)
 	// route.Delete("/:id", ctrl.DeleteOne)
-	route.Post("/approvals", ctrl.Approval)
+	route.Post("/approvals",m.RequirePermissions(m.P_ChickinsApproval), ctrl.Approval)
 }
@@ -14,12 +14,6 @@ func ProjectFlockKandangRoutes(v1 fiber.Router, u user.UserService, s projectFlo

 	route := v1.Group("/project-flock-kandangs")
 	route.Use(m.Auth(u))
-	// route.Get("/", m.Auth(u), ctrl.GetAll)
-	// route.Post("/", m.Auth(u), ctrl.CreateOne)
-	// route.Get("/:id", m.Auth(u), ctrl.GetOne)
-	// route.Patch("/:id", m.Auth(u), ctrl.UpdateOne)
-	// route.Delete("/:id", m.Auth(u), ctrl.DeleteOne)
-
 	route.Get("/",m.RequirePermissions(m.P_ProjectFlockKandangsGetAll), ctrl.GetAll)
 	route.Get("/:id",m.RequirePermissions(m.P_ProjectFlockKandangsGetOne), ctrl.GetOne)

@@ -15,11 +15,11 @@ func RecordingRoutes(v1 fiber.Router, u user.UserService, s recording.RecordingS
 	route := v1.Group("/recordings")
 	route.Use(m.Auth(u))

-	route.Get("/", ctrl.GetAll)
-	route.Get("/next-day", ctrl.GetNextDay)
-	route.Post("/", ctrl.CreateOne)
-	route.Get("/:id", ctrl.GetOne)
-	route.Patch("/:id", ctrl.UpdateOne)
-	route.Post("/approvals", ctrl.Approve)
-	route.Delete("/:id", ctrl.DeleteOne)
+	route.Get("/",m.RequirePermissions(m.P_RecordingGetAll), ctrl.GetAll)
+	route.Get("/:id",m.RequirePermissions(m.P_RecordingGetOne), ctrl.GetOne)
+	route.Post("/",m.RequirePermissions(m.P_RecordingCreateOne), ctrl.CreateOne)
+	route.Patch("/:id",m.RequirePermissions(m.P_RecordingUpdateOne), ctrl.UpdateOne)
+	route.Delete("/:id",m.RequirePermissions(m.P_RecordingDeleteOne), ctrl.DeleteOne)
+	route.Get("/next-day",m.RequirePermissions(m.P_RecordingNextDay), ctrl.GetNextDay)
+	route.Post("/approvals",m.RequirePermissions(m.P_RecordingApproval), ctrl.Approve)
 }