[FIX/BE-US]add feature restrict by location and areas in roles

2026-05-20 13:31:56 +00:00 · 2026-01-14 13:27:52 +07:00
parent 1847e5590a
commit dff9e73ab1
30 changed files with 1258 additions and 37 deletions
@@ -47,10 +47,21 @@ func (s locationService) GetAll(c *fiber.Ctx, params *validation.Query) ([]entit
 		return nil, 0, err
 	}

+	scope, err := m.ResolveLocationScope(c, s.Repository.DB())
+	if err != nil {
+		return nil, 0, err
+	}
+
 	offset := (params.Page - 1) * params.Limit

 	locations, total, err := s.Repository.GetAll(c.Context(), offset, params.Limit, func(db *gorm.DB) *gorm.DB {
 		db = s.withRelations(db)
+		if scope.Restrict {
+			if len(scope.IDs) == 0 {
+				return db.Where("1 = 0")
+			}
+			db = db.Where("id IN ?", scope.IDs)
+		}
 		if params.Search != "" {
 			db = db.Where("name ILIKE ?", "%"+params.Search+"%")
 		}
@@ -68,7 +79,21 @@ func (s locationService) GetAll(c *fiber.Ctx, params *validation.Query) ([]entit
 }

 func (s locationService) GetOne(c *fiber.Ctx, id uint) (*entity.Location, error) {
-	location, err := s.Repository.GetByID(c.Context(), id, s.withRelations)
+	scope, err := m.ResolveLocationScope(c, s.Repository.DB())
+	if err != nil {
+		return nil, err
+	}
+
+	location, err := s.Repository.GetByID(c.Context(), id, func(db *gorm.DB) *gorm.DB {
+		db = s.withRelations(db)
+		if scope.Restrict {
+			if len(scope.IDs) == 0 {
+				return db.Where("1 = 0")
+			}
+			db = db.Where("id IN ?", scope.IDs)
+		}
+		return db
+	})
 	if errors.Is(err, gorm.ErrRecordNotFound) {
 		return nil, fiber.NewError(fiber.StatusNotFound, "Location not found")
 	}