jonas/go-playground
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: permissions, middleware authentication, migrations

Browse Source
This commit is contained in:
Jonas
2026-04-23 13:47:58 +02:00
parent 1017e0cb82
commit d629bd52eb
9 changed files with 190 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
projects/greenlight/internal/data/models.go
+8 -11
View File
@@ -12,21 +12,18 @@ var (
ErrEditConflict = errors.New("edit conflict")
)
// Models struct which wraps the MovieModel. We'll add other models to this,
// like a UserModel and PermissionModel, as our build progresses.
type Models struct {
Movies MovieModel
Tokens TokenModel // Add a new Tokens field.
Users UserModel
Movies MovieModel
Permissions PermissionModel // Add a new Permissions field.
Tokens TokenModel
Users UserModel
}
// NewModels For ease of use, we also add a New()
// method which returns a Models struct containing
// the initialized MovieModel.
func NewModels(db *sql.DB) Models {
return Models{
Movies: MovieModel{DB: db},
Tokens: TokenModel{DB: db}, // Initialize a new TokenModel instance.
Users: UserModel{DB: db},
Movies: MovieModel{DB: db},
Permissions: PermissionModel{DB: db}, // Initialize a new PermissionModel instance.
Tokens: TokenModel{DB: db},
Users: UserModel{DB: db},
}
}
projects/greenlight/internal/data/permissions.go
+66
View File
@@ -0,0 +1,66 @@
package data
import (
"context"
"database/sql"
"time"
)
// Define a Permissions slice, which we will use to will hold the permission codes (like
// "movies:read" and "movies:write") for a single user.
type Permissions []string
// Add a helper method to check whether the Permissions slice contains a specific
// permission code.
func (p Permissions) Include(code string) bool {
for i := range p {
if code == p[i] {
return true
}
}
return false
}
// PermissionModel type.
type PermissionModel struct {
DB *sql.DB
}
// GetAllForUser method returns all permission codes for a specific user in a
// Permissions slice. The code in this method should feel very familiar --- it uses the
// standard pattern that we've already seen before for retrieving multiple data rows in
// an SQL query.
func (m PermissionModel) GetAllForUser(userID int64) (Permissions, error) {
query := `
SELECT permissions.code
FROM permissions
INNER JOIN users_permissions ON users_permissions.permission_id = permissions.id
INNER JOIN users ON users_permissions.user_id = users.id
WHERE users.id = $1`
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
defer cancel()
rows, err := m.DB.QueryContext(ctx, query, userID)
if err != nil {
return nil, err
}
defer rows.Close()
var permissions Permissions
for rows.Next() {
var permission string
err := rows.Scan(&permission)
if err != nil {
return nil, err
}
permissions = append(permissions, permission)
}
if err = rows.Err(); err != nil {
return nil, err
}
return permissions, nil
}