ms-auth/internal/services/user.go

package services
import (
"context"
"git.sch9.ru/new_gate/ms-auth/internal/lib"
"git.sch9.ru/new_gate/ms-auth/internal/models"
)
// UserStorage is the persistence contract UserService relies on for user
// records. Implementations are declared elsewhere; this file only calls them.
type UserStorage interface {
	// CreateUser stores user and returns an int32 identifier for it.
	CreateUser(ctx context.Context, user *models.User) (int32, error)

	// ReadUserById looks a user up by numeric id.
	ReadUserById(ctx context.Context, id int32) (*models.User, error)
	// ReadUserByEmail looks a user up by e-mail address.
	ReadUserByEmail(ctx context.Context, email string) (*models.User, error)
	// ReadUserByUsername looks a user up by username.
	ReadUserByUsername(ctx context.Context, username string) (*models.User, error)

	// UpdateUser persists changes described by user.
	UpdateUser(ctx context.Context, user *models.User) error
	// DeleteUser removes the user with the given id.
	DeleteUser(ctx context.Context, id int32) error
}
// UserService implements the user-management operations of the auth service
// and is where the role-based permission checks for create, update and delete
// are enforced.
type UserService struct {
	// userProvider is the backing store for user records.
	userProvider UserStorage
	// sessionProvider resolves session tokens to sessions.
	sessionProvider SessionProvider
	// cfg is the service configuration; it is stored but not read in this file.
	cfg lib.Config
}
// NewUserService wires a UserService to its user store, session provider and
// configuration. No validation is performed on the arguments.
func NewUserService(
	userProvider UserStorage,
	sessionProvider SessionProvider,
	cfg lib.Config,
) *UserService {
	svc := new(UserService)
	svc.userProvider = userProvider
	svc.sessionProvider = sessionProvider
	svc.cfg = cfg
	return svc
}
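// CreateUser creates a new account on behalf of the authenticated caller.
//
// The caller is taken from ctx under the "user" key. Admins may create an
// account with any role; moderators may only create accounts whose role is at
// most models.RoleParticipant; every other caller role is rejected.
//
// Every situation in which the decision cannot be made (no caller in ctx, a
// caller without a role, a nil user, or a moderator request without an
// explicit role) fails closed with lib.ErrNoPermission instead of panicking.
func (u *UserService) CreateUser(ctx context.Context, user *models.User) (int32, error) {
	// Use the comma-ok form: a bare type assertion panics when the request
	// reaches this method without an authenticated user in the context.
	// NOTE(review): a plain string context key can collide with other
	// packages; an unexported key type would be safer, but it has to match
	// whatever stores the value, which is not visible here.
	me, ok := ctx.Value("user").(*models.User)
	if !ok || me == nil || me.Role == nil {
		return 0, lib.ErrNoPermission
	}
	if user == nil {
		return 0, lib.ErrNoPermission
	}

	switch *me.Role {
	case models.RoleAdmin:
		// Admins are not restricted in the role they assign.
	case models.RoleModerator:
		// A moderator must name the role explicitly so it can be bounded;
		// an absent role is denied rather than left to a storage default.
		if user.Role == nil || !user.Role.AtMost(models.RoleParticipant) {
			return 0, lib.ErrNoPermission
		}
	default:
		return 0, lib.ErrNoPermission
	}

	return u.userProvider.CreateUser(ctx, user)
}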
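// ReadUserBySessionToken resolves a session token to the user that owns the
// session. Errors from the session provider are returned unchanged.
//
// A session that comes back nil, or without a user id, is treated as not
// authenticated and yields lib.ErrNoPermission instead of a nil dereference.
//
// NOTE(review): no expiry or revocation check happens in this method;
// presumably ReadSessionByToken enforces that — confirm.
func (u *UserService) ReadUserBySessionToken(ctx context.Context, token string) (*models.User, error) {
	session, err := u.sessionProvider.ReadSessionByToken(ctx, token)
	if err != nil {
		return nil, err
	}
	if session == nil || session.UserId == nil {
		return nil, lib.ErrNoPermission
	}
	return u.userProvider.ReadUserById(ctx, *session.UserId)
}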
// ReadUser returns the user with the given id straight from the store.
//
// NOTE(review): unlike the create, update and delete methods, no caller-role
// check is made here; presumably access is restricted by the calling layer —
// confirm, since any id can be queried.
func (u *UserService) ReadUser(ctx context.Context, id int32) (*models.User, error) {
	found, err := u.userProvider.ReadUserById(ctx, id)
	return found, err
}
// ReadUserByEmail returns the user registered under email, as reported by
// the store.
//
// NOTE(review): no caller-role check is made here, so this lookup can confirm
// whether an address is registered; verify the calling layer restricts it.
func (u *UserService) ReadUserByEmail(ctx context.Context, email string) (*models.User, error) {
	found, err := u.userProvider.ReadUserByEmail(ctx, email)
	return found, err
}
// ReadUserByUsername returns the user with the given username, as reported
// by the store.
//
// NOTE(review): no caller-role check is made here, so this lookup can confirm
// whether a username exists; verify the calling layer restricts it.
func (u *UserService) ReadUserByUsername(ctx context.Context, username string) (*models.User, error) {
	found, err := u.userProvider.ReadUserByUsername(ctx, username)
	return found, err
}
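// UpdateUser applies the changes in modifiedUser to the account identified by
// modifiedUser.Id, after checking that the authenticated caller (read from ctx
// under the "user" key) is allowed to make them.
//
// Rules, by caller role:
//   - admin: may update any account;
//   - moderator: may update only accounts whose current role is at most
//     models.RoleParticipant, and may not assign a role above that;
//   - participant: may update only their own account, and may not change
//     Username, Email, ExpiresAt or Role;
//   - anything else (including spectator): denied.
//
// Missing inputs (no caller in ctx, caller without a role, nil modifiedUser
// or Id, nil stored record) fail closed with lib.ErrNoPermission instead of
// panicking. Errors from the store are returned unchanged.
func (u *UserService) UpdateUser(ctx context.Context, modifiedUser *models.User) error {
	// Comma-ok form: a bare assertion panics when no authenticated user was
	// placed in the context.
	me, ok := ctx.Value("user").(*models.User)
	if !ok || me == nil || me.Role == nil {
		return lib.ErrNoPermission
	}
	if modifiedUser == nil || modifiedUser.Id == nil {
		return lib.ErrNoPermission
	}

	// The stored record is loaded only to make the permission decision.
	user, err := u.userProvider.ReadUserById(ctx, *modifiedUser.Id)
	if err != nil {
		return err
	}
	if user == nil {
		return lib.ErrNoPermission
	}

	switch {
	case me.Role.IsAdmin():
		// Admins are unrestricted.
	case me.Role.IsModerator():
		// The target must currently be a participant or lower...
		if user.Role == nil || !user.Role.AtMost(models.RoleParticipant) {
			return lib.ErrNoPermission
		}
		// ...and must stay there: without this bound a moderator could
		// promote an account beyond their own creation rights.
		if modifiedUser.Role != nil && !modifiedUser.Role.AtMost(models.RoleParticipant) {
			return lib.ErrNoPermission
		}
	case me.Role.IsParticipant():
		// Compare the id values. Comparing the pointers themselves is always
		// unequal for two separately loaded records, which would deny every
		// self-update.
		if me.Id == nil || user.Id == nil || *me.Id != *user.Id {
			return lib.ErrNoPermission
		}
		// Participants may not touch identity, lifetime or role fields.
		if modifiedUser.Username != nil ||
			modifiedUser.Email != nil ||
			modifiedUser.ExpiresAt != nil ||
			modifiedUser.Role != nil {
			return lib.ErrNoPermission
		}
	default:
		return lib.ErrNoPermission
	}

	// Persist the requested changes. Passing the freshly read record instead
	// would write the account back unmodified.
	// NOTE(review): assumes the store treats nil fields as "leave unchanged",
	// as the nil checks above suggest — confirm against the implementation.
	return u.userProvider.UpdateUser(ctx, modifiedUser)
}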
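// DeleteUser removes the account with the given id. Only admins may delete
// accounts, and an admin may not delete their own.
//
// The caller is read from ctx under the "user" key; a missing caller, or one
// without an id or role, is denied with lib.ErrNoPermission instead of
// causing a panic.
//
// NOTE(review): sessionProvider is not touched here; confirm that sessions
// belonging to the deleted account are invalidated elsewhere.
func (u *UserService) DeleteUser(ctx context.Context, id int32) error {
	me, ok := ctx.Value("user").(*models.User)
	if !ok || me == nil || me.Id == nil || me.Role == nil {
		return lib.ErrNoPermission
	}

	if *me.Id == id || !me.Role.IsAdmin() {
		return lib.ErrNoPermission
	}

	return u.userProvider.DeleteUser(ctx, id)
}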