add notification retrieval endpoint; refactor middleware for company role validation
This commit is contained in:
KidusAlemayehu
parent
9a7d0c834b
commit
4a2ae14a64
|
|
@ -1,5 +1,3 @@
|
|||
version: '3.9'
|
||||
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
|
|
@ -16,6 +14,8 @@ services:
|
|||
interval: 5s
|
||||
timeout: 3s
|
||||
retries: 5
|
||||
volumes:
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
|
||||
migrate:
|
||||
image: migrate/migrate
|
||||
|
|
@ -66,3 +66,6 @@ services:
|
|||
networks:
|
||||
app:
|
||||
driver: bridge
|
||||
|
||||
volumes:
|
||||
postgres_data:
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ import (
|
|||
"encoding/json"
|
||||
"net"
|
||||
"net/http"
|
||||
"strconv"
|
||||
|
||||
"github.com/SamuelTariku/FortuneBet-Backend/internal/domain"
|
||||
"github.com/SamuelTariku/FortuneBet-Backend/internal/web_server/ws"
|
||||
|
|
@ -143,18 +144,18 @@ func (h *Handler) CreateAndSendNotification(c *fiber.Ctx) error {
|
|||
return fiber.NewError(fiber.StatusBadRequest, "Invalid request body")
|
||||
}
|
||||
|
||||
userID, ok := c.Locals("userID").(int64)
|
||||
if !ok || userID == 0 {
|
||||
h.logger.Error("[NotificationSvc.CreateAndSendNotification] Invalid user ID in context")
|
||||
return fiber.NewError(fiber.StatusUnauthorized, "Invalid user identification")
|
||||
}
|
||||
// userID, ok := c.Locals("userID").(int64)
|
||||
// if !ok || userID == 0 {
|
||||
// h.logger.Error("[NotificationSvc.CreateAndSendNotification] Invalid user ID in context")
|
||||
// return fiber.NewError(fiber.StatusUnauthorized, "Invalid user identification")
|
||||
// }
|
||||
|
||||
switch req.DeliveryScheme {
|
||||
case domain.NotificationDeliverySchemeSingle:
|
||||
if req.Reciever == domain.NotificationRecieverSideCustomer && req.RecipientID != userID {
|
||||
h.logger.Warn("[NotificationSvc.CreateAndSendNotification] Unauthorized attempt to send notification", "userID", userID, "recipientID", req.RecipientID)
|
||||
return fiber.NewError(fiber.StatusForbidden, "Unauthorized to send notification to this recipient")
|
||||
}
|
||||
// if req.Reciever == domain.NotificationRecieverSideCustomer {
|
||||
// h.logger.Warn("[NotificationSvc.CreateAndSendNotification] Unauthorized attempt to send notification", "recipientID", req.RecipientID)
|
||||
// return fiber.NewError(fiber.StatusForbidden, "Unauthorized to send notification to this recipient")
|
||||
// }
|
||||
|
||||
notification := &domain.Notification{
|
||||
ID: "",
|
||||
|
|
@ -223,6 +224,42 @@ func (h *Handler) CreateAndSendNotification(c *fiber.Ctx) error {
|
|||
}
|
||||
}
|
||||
|
||||
func (h *Handler) GetNotifications(c *fiber.Ctx) error {
|
||||
limitStr := c.Query("limit", "10")
|
||||
offsetStr := c.Query("offset", "0")
|
||||
|
||||
// Convert limit and offset to integers
|
||||
limit, err := strconv.Atoi(limitStr)
|
||||
if err != nil || limit <= 0 {
|
||||
h.logger.Error("[NotificationSvc.GetNotifications] Invalid limit value", "error", err)
|
||||
return fiber.NewError(fiber.StatusBadRequest, "Invalid limit value")
|
||||
}
|
||||
offset, err := strconv.Atoi(offsetStr)
|
||||
if err != nil || offset < 0 {
|
||||
h.logger.Error("[NotificationSvc.GetNotifications] Invalid offset value", "error", err)
|
||||
return fiber.NewError(fiber.StatusBadRequest, "Invalid offset value")
|
||||
}
|
||||
|
||||
userID, ok := c.Locals("user_id").(int64)
|
||||
if !ok || userID == 0 {
|
||||
h.logger.Error("[NotificationSvc.GetNotifications] Invalid user ID in context")
|
||||
return fiber.NewError(fiber.StatusUnauthorized, "Invalid user identification")
|
||||
}
|
||||
|
||||
notifications, err := h.notificationSvc.ListNotifications(context.Background(), userID, limit, offset)
|
||||
if err != nil {
|
||||
h.logger.Error("[NotificationSvc.GetNotifications] Failed to fetch notifications", "error", err)
|
||||
return fiber.NewError(fiber.StatusInternalServerError, "Failed to fetch notifications")
|
||||
}
|
||||
|
||||
return c.Status(fiber.StatusOK).JSON(fiber.Map{
|
||||
"notifications": notifications,
|
||||
"total_count": len(notifications),
|
||||
"limit": limit,
|
||||
"offset": offset,
|
||||
})
|
||||
}
|
||||
|
||||
func (h *Handler) getAllRecipientIDs(ctx context.Context, receiver domain.NotificationRecieverSide) ([]int64, error) {
|
||||
return h.notificationSvc.ListRecipientIDs(ctx, receiver)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ func (a *App) authMiddleware(c *fiber.Ctx) error {
|
|||
|
||||
}
|
||||
// Asserting to make sure that there is no company role without a valid company id
|
||||
if claim.Role != domain.RoleSuperAdmin && !claim.CompanyID.Valid {
|
||||
if claim.Role != domain.RoleSuperAdmin && claim.Role != domain.RoleCustomer && !claim.CompanyID.Valid {
|
||||
fmt.Println("Company Role without Company ID")
|
||||
return fiber.NewError(fiber.StatusInternalServerError, "Company Role without Company ID")
|
||||
}
|
||||
|
|
|
|||
|
|
@ -170,6 +170,7 @@ func (a *App) initAppRoutes() {
|
|||
|
||||
// Notification Routes
|
||||
a.fiber.Get("/ws/connect", a.WebsocketAuthMiddleware, h.ConnectSocket)
|
||||
a.fiber.Get("/notifications", a.authMiddleware, h.GetNotifications)
|
||||
a.fiber.Post("/notifications/mark-as-read", h.MarkNotificationAsRead)
|
||||
a.fiber.Post("/notifications/create", h.CreateAndSendNotification)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user