Moved lgoin from AccessHandler into Guard Service

2025-10-22 14:10:05 +02:00
parent e97b232207
commit 40a7d841b8
3 changed files with 57 additions and 34 deletions
--- a/src/internal/server/access_handler.go
+++ b/src/internal/server/access_handler.go
@@ -1,8 +1,6 @@
 package server

 import (
-	"fmt"
-
 	dto "git.ego.freeddns.org/egommerce/api-entities/identity/dto"
 	domain "git.ego.freeddns.org/egommerce/identity-service/domain/repository"
 	"git.ego.freeddns.org/egommerce/identity-service/internal/service"
@@ -14,36 +12,16 @@ func (s *Server) AccessHandlerFn(c *fiber.Ctx) error {
 	roleRepo := domain.NewRoleRepository(s.GetDatabase())
 	urlRepo := domain.NewURLAccessRepository(s.GetDatabase())
 	authSrv := service.NewAuthService(userRepo, s.GetCache())
+	guardSrv := service.NewGuardService(authSrv, userRepo, roleRepo, urlRepo)

 	url, srvName := c.Query("q"), c.Query("srv")
-
 	header := new(dto.AuthorizationHeaderDTO)
 	c.ReqHeaderParser(header)

-	token, err := authSrv.GetTokenFromAuthorizationHeader(header.Authorization)
-	if err != nil { // FIXME probably never get here cause of jwt parsing in middlewares
+	err := guardSrv.CheckUserPermissions(header, url, srvName)
+	if err != nil {
 		return s.Error(c, fiber.StatusNotFound, err.Error())
 	}

-	uid, _ := authSrv.GetUIDByAccesssToken(token)
-	user, err := userRepo.FindByID(uid)
-	if err != nil {
-		return s.Error(c, fiber.StatusNotFound, "user not found")
-	}
-
-	role := roleRepo.GetUserRole(user)
-
-	urlAcc, err := urlRepo.FindByURLAndServiceForRole(url, srvName, role.Name)
-	if err != nil {
-		return s.Error(c, fiber.StatusNotFound, "user has not required permission")
-	}
-
-	fmt.Printf("urlAcc: %#v", urlAcc)
-
-	// roles := urlRepo.FindForUser()
-	// guardSrv := service.NewGuardService()
-
-	// guard.CheckAccess("asd")
-
 	return c.SendStatus(fiber.StatusNoContent)
 }