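package admin

import (
	"net/http"

	"github.com/gin-gonic/gin"
	"github.com/metarare/metarare_api/common"
	"github.com/metarare/metarare_api/helpers/gauth"
	"github.com/metarare/metarare_api/helpers/gerror"
	"github.com/metarare/metarare_api/models"
	"github.com/metarare/metarare_api/view"
	"gorm.io/gorm"
)

// AdminAdministratorV1Router serves the administrator-management endpoints
// (list, register, change status, change permissions).
type AdminAdministratorV1Router struct {
	group *gin.RouterGroup
	mDB   *gorm.DB // taken from r.Db.MasterDB; every transaction is opened on it
	rDB   *gorm.DB // taken from r.Db.ReadDB; used for authentication and lookups
}

// NewAdminAdministratorV1Router mounts the administrator routes under basePath
// of r.Version and returns the router value that owns them.
func NewAdminAdministratorV1Router(r common.Router, basePath string) AdminAdministratorV1Router {
	a := AdminAdministratorV1Router{
		group: r.Version.Group(basePath),
		mDB:   r.Db.MasterDB,
		rDB:   r.Db.ReadDB,
	}

	a.group.GET("", a.getAdministorList)
	a.group.PATCH("status", a.updateAdministratorStatus)
	a.group.POST("", a.registerAdministor)
	a.group.PATCH("permission", a.updatePermission)

	return a
}

// getAdministorList returns every administrator produced by
// view.GetAdministorList. The caller must be an authenticated administrator
// whose AdminPermission.Admin flag is non-zero.
//
// getAdministorList godoc
// @Summary      get administrator list
// @Description  Get the administrator list
// @Schemes
// @security ApiKeyAuth
// @Tags         admin
// @Accept       json
// @Produce      json
// @Success      200  {object}  view.AdministratorList
// @Router       /admin/administrator [get]
func (a AdminAdministratorV1Router) getAdministorList(c *gin.Context) {
	admin, err := gauth.ConfirmAdminInfo(c, a.rDB)
	if err != nil || admin.ID == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.Unauthorized, nil, err)
		return
	}
	// NOTE(review): an authenticated caller without the permission gets 401
	// here; 403 is the conventional status. Left unchanged for client
	// compatibility.
	if admin.AdminPermission.Admin == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.PermissionNotFound, nil, err)
		return
	}

	// Non-nil empty slice so an empty result encodes as [] rather than null.
	response := []view.AdministratorList{}
	if err := view.GetAdministorList(a.rDB).Find(&response).Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.MysqlContextError, nil, err)
		return
	}

	gerror.IntegratedResponseToRequest(c, http.StatusOK, gerror.OK, response, nil)
}

// updateAdministratorStatus sets the status of the administrator named in the
// request body to "stable" or "blocked" and records the change in the admin
// log inside the same transaction.
//
// updateAdministratorStatus godoc
// @Summary      update administrator status
// @Description  Change the administrator status
// @Schemes
// @security ApiKeyAuth
// @Tags         admin
// @Accept       json
// @Produce      json
// @Param UpdateStatus body UpdateStatus true "selected target data"
// @Success      200  {string}  OK
// @Router       /admin/administrator/status [patch]
func (a AdminAdministratorV1Router) updateAdministratorStatus(c *gin.Context) {
	admin, err := gauth.ConfirmAdminInfo(c, a.rDB)
	if err != nil || admin.ID == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.Unauthorized, nil, err)
		return
	}
	if admin.AdminPermission.Admin == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.PermissionNotFound, nil, err)
		return
	}

	request := UpdateStatus{}
	if err := c.ShouldBindJSON(&request); err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.InvalidParameterValue, nil, err)
		return
	}

	// Only these two status values are accepted from the client.
	if request.Status != "stable" && request.Status != "blocked" {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.InvalidParameterValue, nil, err)
		return
	}

	// NOTE(review): nothing below compares request.ID with admin.ID, so an
	// administrator can block their own account (or the last active one).
	// Confirm whether that is intended.
	target := models.Admin{}
	if err := a.rDB.Where("id = ?", request.ID).Find(&target).Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.MysqlContextError, nil, err)
		return
	}
	if target.ID == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.NotFoundRecord, nil, err)
		return
	}

	tx := a.mDB.Begin()
	defer common.DBTransaction(tx)

	//SECTION admin log
	// Built before the status is overwritten so From keeps the previous value.
	auditLog := Log{
		DB:            tx,
		ActionType:    "admin",
		SubActionType: "modified",
		Admin:         admin,
		TargetID:      request.ID,
		To:            request.Status,
		From:          target.Status,
		Target:        "status",
	}

	// NOTE(review): target was loaded through rDB and Save writes the whole
	// record; if rDB can lag behind mDB, newer column values could be
	// overwritten — confirm, or update only the status column.
	target.Status = request.Status
	if err := tx.Save(&target).Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.MysqlSaveError, nil, err)
		// Explicit rollback, matching every other failure path in this file.
		tx.Rollback()
		return
	}

	if err = StackLog(auditLog); err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.LogTrackingError, nil, err)
		tx.Rollback()
		return
	}

	if err := tx.Commit().Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.MysqlSaveError, nil, err)
		tx.Rollback()
		return
	}

	gerror.IntegratedResponseToRequest(c, http.StatusOK, gerror.OK, nil, nil)
}

// registerAdministor creates an administrator with status "stable", an
// AdminPermission row for it, and an admin-log entry, then responds with the
// new administrator's ID. All three writes share one transaction, so a
// failure in any of them leaves no partial account behind.
//
// registerAdministor godoc
// @Summary      create administrator
// @Description  Register an administrator
// @Schemes
// @security ApiKeyAuth
// @Tags         admin
// @Accept       json
// @Produce      json
// @Param RegisterAdministratorData body RegisterAdministratorData true "body struct"
// @Success      200  {number}  _admin.ID
// @Router       /admin/administrator [post]
func (a AdminAdministratorV1Router) registerAdministor(c *gin.Context) {
	admin, err := gauth.ConfirmAdminInfo(c, a.rDB)
	if err != nil || admin.ID == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.Unauthorized, nil, err)
		return
	}
	if admin.AdminPermission.Admin == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.PermissionNotFound, nil, err)
		return
	}

	request := RegisterAdministratorData{}
	if err := c.ShouldBindJSON(&request); err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.InvalidParameterValue, nil, err)
		return
	}

	tx := a.mDB.Begin()
	defer common.DBTransaction(tx)

	// NOTE(review): request.Password is copied into the model exactly as it
	// was received. Confirm that it is hashed with a password-hashing function
	// before it reaches the database (for example in a hook on models.Admin);
	// nothing in this handler does so.
	created := models.Admin{
		Name:     request.Name,
		Status:   "stable",
		Email:    request.Email,
		Password: request.Password,
		Phone:    request.Phone,
		Position: request.Position,
		Chargeof: request.Chargeof,
		Team:     request.Team,
	}

	// Write through tx, not a.mDB: a write on a.mDB runs outside the
	// transaction, so the rollbacks below would not undo it and an account
	// could exist without its permission row or its audit-log entry.
	if err := tx.Save(&created).Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.MysqlSaveError, nil, err)
		tx.Rollback()
		return
	}

	// Only AdminID is set here; the permission flags keep their zero values.
	permission := models.AdminPermission{
		AdminID: created.ID,
	}
	if err := tx.Save(&permission).Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.MysqlSaveError, nil, err)
		tx.Rollback()
		return
	}

	//SECTION admin log
	auditLog := Log{
		DB:            tx,
		ActionType:    "admin",
		SubActionType: "created",
		Admin:         admin,
		TargetID:      created.ID,
	}
	if err = StackLog(auditLog); err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.LogTrackingError, nil, err)
		tx.Rollback()
		return
	}

	if err := tx.Commit().Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.MysqlSaveError, nil, err)
		tx.Rollback()
		return
	}

	gerror.IntegratedResponseToRequest(c, http.StatusOK, gerror.OK, created.ID, nil)
}

// updatePermission overwrites the five permission flags (user, collection,
// system, admin, log) of the administrator named in the request body and
// records the change in the admin log inside the same transaction.
//
// updatePermission godoc
// @Summary      update administrator permission
// @Description  Change the administrator permissions
// @Schemes
// @security ApiKeyAuth
// @Tags         admin
// @Accept       json
// @Produce      json
// @Param UpdatePermission body UpdatePermission true "selected target data"
// @Success      200  {string}  OK
// @Router       /admin/administrator/permission [patch]
func (a AdminAdministratorV1Router) updatePermission(c *gin.Context) {
	admin, err := gauth.ConfirmAdminInfo(c, a.rDB)
	if err != nil || admin.ID == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.Unauthorized, nil, err)
		return
	}
	if admin.AdminPermission.Admin == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusUnauthorized, gerror.PermissionNotFound, nil, err)
		return
	}

	request := UpdatePermission{}
	if err := c.ShouldBindJSON(&request); err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.InvalidParameterValue, nil, err)
		return
	}

	// NOTE(review): request.AdminID is not compared with admin.ID, so an
	// administrator can change their own flags, including clearing the Admin
	// flag on the last account that holds it. Confirm whether that is intended.
	permission := models.AdminPermission{}
	if err := a.rDB.Where("admin_id = ?", request.AdminID).Find(&permission).Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.InvalidParameterValue, nil, err)
		return
	}
	if permission.ID == 0 {
		gerror.IntegratedResponseToRequest(c, http.StatusNotFound, gerror.NotFoundRecord, nil, err)
		return
	}

	// Every flag is written on each call: a boolean left out of the JSON body
	// binds as false and therefore clears that permission.
	permission.User = 0
	if request.UserPermission {
		permission.User = 1
	}
	permission.Collection = 0
	if request.CollectionPermission {
		permission.Collection = 1
	}
	permission.System = 0
	if request.SystemPermission {
		permission.System = 1
	}
	permission.Admin = 0
	if request.AdminPermission {
		permission.Admin = 1
	}
	permission.Log = 0
	if request.LogPermission {
		permission.Log = 1
	}

	tx := a.mDB.Begin()
	defer common.DBTransaction(tx)

	//SECTION admin log
	// NOTE(review): unlike the status handler, this entry sets neither From
	// nor To, so the audit log shows that permissions changed but not which
	// flags were granted or revoked.
	auditLog := Log{
		DB:            tx,
		ActionType:    "admin",
		SubActionType: "modified",
		Admin:         admin,
		TargetID:      request.AdminID,
		Target:        "permission",
	}

	if err := tx.Save(&permission).Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusBadRequest, gerror.InvalidParameterValue, nil, err)
		tx.Rollback()
		return
	}

	if err = StackLog(auditLog); err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.LogTrackingError, nil, err)
		tx.Rollback()
		return
	}

	if err := tx.Commit().Error; err != nil {
		gerror.IntegratedResponseToRequest(c, http.StatusInternalServerError, gerror.MysqlSaveError, nil, err)
		tx.Rollback()
		return
	}

	gerror.IntegratedResponseToRequest(c, http.StatusOK, gerror.OK, nil, nil)
}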