adding userId to the jwt and updated routes to use scope requirements

This commit is contained in:
James Tombleson 2024-05-07 19:14:37 -07:00
parent c539a20cc7
commit 471ef4fdd8
9 changed files with 176 additions and 127 deletions

View File

@ -1,5 +1,10 @@
package domain
type LoginFormRequest struct {
Username string `form:"username"`
Password string `form:"password"`
}
type GetSourceBySourceAndNameParamRequest struct {
Name string `query:"name"`
Source string `query:"source"`

View File

@ -2,7 +2,13 @@ package domain
const (
ScopeAll = "newsbot:all"
ScopeArticleRead = "newsbot:article:read"
ScopeArticleDisable = "newsbot:article:disable"
ScopeSourceRead = "newsbot:source:read"
ScopeSourceCreate = "newsbot:source:create"
ScopeDiscordWebHookCreate = "newsbot:discordwebhook:create"
ScopeDiscordWebhookRead = "newsbot:discordwebhook:read"
)

View File

@ -20,6 +20,8 @@ import (
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) listArticles(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
resp := domain.ArticleResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -51,6 +53,7 @@ func (s *Handler) listArticles(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) getArticle(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
p := domain.ArticleResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -86,13 +89,12 @@ func (s *Handler) getArticle(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) getArticleDetails(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
p := domain.ArticleDetailedResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
},
Payload: domain.ArticleAndSourceModel{
},
Payload: domain.ArticleAndSourceModel{},
}
id, err := strconv.Atoi(c.Param("ID"))
@ -128,6 +130,7 @@ func (s *Handler) getArticleDetails(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) ListArticlesBySourceId(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeArticleRead)
p := domain.ArticleResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,

View File

@ -90,7 +90,7 @@ func (h *Handler) AuthLogin(c echo.Context) error {
// TODO think about moving this down some?
expiresAt := time.Now().Add(time.Hour * 48)
jwt, err := h.generateJwtWithExp(username, user.Scopes, h.config.ServerAddress, expiresAt)
jwt, err := h.generateJwtWithExp(username, user.Scopes, h.config.ServerAddress, user.ID, expiresAt)
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
@ -121,7 +121,7 @@ func (h *Handler) createAdminToken(c echo.Context, password string) error {
return h.UnauthorizedResponse(c, ErrUserNotFound)
}
token, err := h.generateJwt("admin", domain.ScopeAll, h.config.ServerAddress)
token, err := h.generateJwt("admin", domain.ScopeAll, h.config.ServerAddress, -1)
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}
@ -163,7 +163,7 @@ func (h *Handler) RefreshJwtToken(c echo.Context) error {
return h.InternalServerErrorResponse(c, err.Error())
}
jwt, err := h.generateJwtWithExp(request.Username, user.Scopes, h.config.ServerAddress, time.Now().Add(time.Hour*48))
jwt, err := h.generateJwtWithExp(request.Username, user.Scopes, h.config.ServerAddress, user.ID, time.Now().Add(time.Hour*48))
if err != nil {
return h.InternalServerErrorResponse(c, err.Error())
}

View File

@ -18,7 +18,9 @@ import (
// @Success 200 {object} domain.DiscordWebhookResponse
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) ListDiscordWebHooks(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
p := domain.DiscordWebhookResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -42,7 +44,9 @@ func (s *Handler) ListDiscordWebHooks(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) GetDiscordWebHooksById(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
p := domain.DiscordWebhookResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -74,7 +78,9 @@ func (s *Handler) GetDiscordWebHooksById(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebhookRead)
p := domain.DiscordWebhookResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -110,13 +116,9 @@ func (s *Handler) GetDiscordWebHooksByServerAndChannel(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) NewDiscordWebHook(c echo.Context) error {
token, err := s.getJwtToken(c)
if err != nil {
return c.JSON(http.StatusUnauthorized, domain.BaseResponse{
Message: ErrJwtMissing,
})
}
token := s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
_url := c.QueryParam("url")
_server := c.QueryParam("server")
@ -181,7 +183,9 @@ func (s *Handler) NewDiscordWebHook(c echo.Context) error {
// @Success 200 {object} domain.DiscordWebhookResponse "OK"
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) disableDiscordWebHook(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
id, err := strconv.Atoi(c.Param("ID"))
if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
@ -190,11 +194,15 @@ func (s *Handler) disableDiscordWebHook(c echo.Context) error {
}
// Check to make sure we can find the record
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
if err != nil {
s.WriteError(c, err, http.StatusInternalServerError)
}
if record.UserID != s.GetUserIdFromJwtToken(c) {
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
}
// flip the it
updated, err := s.repo.DiscordWebHooks.Disable(c.Request().Context(), int64(id))
if err != nil {
@ -226,18 +234,24 @@ func (s *Handler) disableDiscordWebHook(c echo.Context) error {
// @Param id path int true "id"
// @Tags DiscordWebhook
// @Router /v1/discord/webhooks/{ID}/enable [post]
// @Security Bearer
func (s *Handler) enableDiscordWebHook(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
id, err := strconv.Atoi(c.Param("ID"))
if err != nil {
s.WriteError(c, err, http.StatusBadRequest)
}
// Check to make sure we can find the record
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
if err != nil {
s.WriteError(c, err, http.StatusBadRequest)
}
if record.UserID != s.GetUserIdFromJwtToken(c) {
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
}
updated, err := s.repo.DiscordWebHooks.Enable(c.Request().Context(), int64(id))
if err != nil {
s.WriteError(c, err, http.StatusInternalServerError)
@ -271,17 +285,22 @@ func (s *Handler) enableDiscordWebHook(c echo.Context) error {
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
func (s *Handler) deleteDiscordWebHook(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeDiscordWebHookCreate)
id, err := strconv.Atoi(c.Param("ID"))
if err != nil {
return c.JSON(http.StatusBadRequest, err.Error())
}
// Check to make sure we can find the record
_, err = s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
record, err := s.repo.DiscordWebHooks.GetById(c.Request().Context(), int64(id))
if err != nil {
return c.JSON(http.StatusInternalServerError, err.Error())
}
if record.UserID != s.GetUserIdFromJwtToken(c) {
s.WriteMessage(c, ErrYouDontOwnTheRecord, http.StatusBadRequest)
}
// Soft delete the record
updated, err := s.repo.DiscordWebHooks.SoftDelete(c.Request().Context(), int64(id))
if err != nil {

View File

@ -12,14 +12,13 @@ import (
swagger "github.com/swaggo/echo-swagger"
_ "git.jamestombleson.com/jtom38/newsbot-api/docs"
"git.jamestombleson.com/jtom38/newsbot-api/internal/database"
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
"git.jamestombleson.com/jtom38/newsbot-api/internal/services"
)
type Handler struct {
Router *echo.Echo
Db *database.Queries
//Db *database.Queries
config services.Configs
repo services.RepositoryService
}
@ -28,9 +27,13 @@ const (
ErrParameterIdMissing = "The requested parameter ID was not found."
ErrParameterMissing = "The requested parameter was not found found:"
ErrUnableToParseId = "Unable to parse the requested ID"
ErrRecordMissing = "The requested record was not found"
ErrFailedToCreateRecord = "The record was not created due to a database problem"
ErrFailedToUpdateRecord = "The requested record was not updated due to a database problem"
ErrUserUnknown = "User is unknown"
ErrYouDontOwnTheRecord = "The record requested does not belong to you"
ResponseMessageSuccess = "Success"
)
@ -170,3 +173,12 @@ func (s *Handler) ValidateJwtToken(c echo.Context, requiredScope string) JwtToke
return token
}
func (s *Handler) GetUserIdFromJwtToken(c echo.Context) int64 {
token, err := s.getJwtTokenFromContext(c)
if err != nil {
s.WriteMessage(c, ErrJwtMissing, http.StatusUnauthorized)
}
return token.GetUserId()
}

View File

@ -23,6 +23,7 @@ type JwtToken struct {
Iss string `json:"iss"`
Authorized bool `json:"authorized"`
UserName string `json:"username"`
UserId int64 `json:"userId"`
Scopes []string `json:"scopes"`
jwt.RegisteredClaims
}
@ -52,6 +53,10 @@ func (j JwtToken) GetUsername() string {
return j.UserName
}
func (j JwtToken) GetUserId() int64 {
return j.UserId
}
func (j JwtToken) hasExpired() error {
// Check to see if the token has expired
hasExpired := j.Exp.Compare(time.Now())
@ -77,11 +82,11 @@ func (j JwtToken) hasScope(scope string) error {
return errors.New(ErrJwtScopeMissing)
}
func (h *Handler) generateJwt(username, scopes, issuer string) (string, error) {
return h.generateJwtWithExp(username, scopes, issuer, time.Now().Add(10*time.Minute))
func (h *Handler) generateJwt(username, scopes, issuer string, userId int64) (string, error) {
return h.generateJwtWithExp(username, scopes, issuer, userId, time.Now().Add(10*time.Minute))
}
func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, expiresAt time.Time) (string, error) {
func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, userId int64, expiresAt time.Time) (string, error) {
secret := []byte(h.config.JwtSecret)
// Anyone who wants to decrypt the key needs to use the same method
@ -91,6 +96,7 @@ func (h *Handler) generateJwtWithExp(username, userScopes, issuer string, expire
claims["authorized"] = true
claims["username"] = username
claims["iss"] = issuer
claims["userId"] = userId
var scopes []string
scopes = append(scopes, domain.ScopeAll)

View File

@ -1,17 +1,13 @@
package v1
import (
"context"
"encoding/json"
"fmt"
"net/http"
"strconv"
"strings"
"git.jamestombleson.com/jtom38/newsbot-api/internal/database"
"git.jamestombleson.com/jtom38/newsbot-api/internal/domain"
"git.jamestombleson.com/jtom38/newsbot-api/internal/services"
"github.com/google/uuid"
"github.com/labstack/echo/v4"
)
@ -25,6 +21,7 @@ import (
// @Failure 400 {object} domain.BaseResponse "Unable to reach SQL or Data problems"
// @Security Bearer
func (s *Handler) listSources(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -58,6 +55,7 @@ func (s *Handler) listSources(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) listSourcesBySource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -97,6 +95,7 @@ func (s *Handler) listSourcesBySource(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) getSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -133,6 +132,7 @@ func (s *Handler) getSource(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) GetSourceBySourceAndName(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceRead)
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -169,6 +169,8 @@ func (s *Handler) GetSourceBySourceAndName(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) newRedditSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -178,20 +180,13 @@ func (s *Handler) newRedditSource(c echo.Context) error {
var param domain.NewSourceParamRequest
err := c.Bind(&param)
if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
Message: err.Error(),
})
s.WriteError(c, err, http.StatusBadRequest)
}
if param.Url == "" {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
Message: "Url is missing a value",
})
s.WriteMessage(c, "url is missing", http.StatusBadRequest)
}
if !strings.Contains(param.Url, "reddit.com") {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
Message: "Invalid URL given",
})
s.WriteMessage(c, "invalid url", http.StatusBadRequest)
}
tags := fmt.Sprintf("twitch, %v, %s", param.Name, param.Tags)
@ -223,61 +218,54 @@ func (s *Handler) newRedditSource(c echo.Context) error {
// @Router /v1/sources/new/youtube [post]
// @Security Bearer
func (s *Handler) newYoutubeSource(c echo.Context) error {
// Validate the jwt
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
var param domain.NewSourceParamRequest
err := c.Bind(&param)
if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
Message: err.Error(),
})
s.WriteError(c, err, http.StatusBadRequest)
}
//query := r.URL.Query()
//_name := query["name"][0]
//_url := query["url"][0]
////_tags := query["tags"][0]
if param.Url == "" {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
Message: "url is missing a value",
})
s.WriteMessage(c, "url is missing a value", http.StatusBadRequest)
}
if !strings.Contains(param.Url, "youtube.com") {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
Message: "Invalid URL",
})
s.WriteMessage(c, "invalid url", http.StatusBadRequest)
}
/*
if _tags == "" {
tags = fmt.Sprintf("twitch, %v", _name)
} else {
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
},
}
*/
item, err := s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorYoutube, param.Name)
if err == nil {
var dto []domain.SourceDto
dto = append(dto, services.SourceToDto(item))
resp.Payload = dto
return c.JSON(http.StatusOK, resp)
}
tags := fmt.Sprintf("twitch, %v", param.Name)
params := database.CreateSourceParams{
ID: uuid.New(),
Site: "youtube",
Name: param.Name,
Source: "youtube",
Type: "feed",
Enabled: true,
Url: param.Url,
Tags: tags,
}
err = s.Db.CreateSource(context.Background(), params)
rows, err := s.repo.Sources.Create(c.Request().Context(), domain.SourceCollectorYoutube, param.Name, param.Url, tags, true)
if err != nil {
return c.JSON(http.StatusInternalServerError, err.Error())
}
bJson, err := json.Marshal(&params)
if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
})
if rows != 1 {
s.WriteMessage(c, ErrFailedToCreateRecord, http.StatusInternalServerError)
}
return c.JSON(http.StatusOK, bJson)
item, err = s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorYoutube, param.Name)
if err == nil {
var dto []domain.SourceDto
dto = append(dto, services.SourceToDto(item))
resp.Payload = dto
return c.JSON(http.StatusOK, resp)
}
return c.JSON(http.StatusOK, resp)
}
// NewTwitchSource
@ -287,6 +275,8 @@ func (s *Handler) newYoutubeSource(c echo.Context) error {
// @Router /v1/sources/new/twitch [post]
// @Security Bearer
func (s *Handler) newTwitchSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
var param domain.NewSourceParamRequest
err := c.Bind(&param)
if err != nil {
@ -295,37 +285,41 @@ func (s *Handler) newTwitchSource(c echo.Context) error {
})
}
//query := r.URL.Query()
//_name := query["name"][0]
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
},
}
tags := fmt.Sprintf("twitch, %v", param.Name)
_url := fmt.Sprintf("https://twitch.tv/%v", param.Name)
url := fmt.Sprintf("https://twitch.tv/%v", param.Name)
params := database.CreateSourceParams{
ID: uuid.New(),
Site: "twitch",
Name: param.Name,
Source: "twitch",
Type: "api",
Enabled: true,
Url: _url,
Tags: tags,
// Check if the record already exists
item, err := s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorTwitch, param.Name)
if err == nil {
var dto []domain.SourceDto
dto = append(dto, services.SourceToDto(item))
resp.Payload = dto
return c.JSON(http.StatusOK, resp)
}
err = s.Db.CreateSource(c.Request().Context(), params)
rows, err := s.repo.Sources.Create(c.Request().Context(), domain.SourceCollectorTwitch, param.Name, url, tags, true)
if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
})
}
bJson, err := json.Marshal(&params)
if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
})
if rows != 1 {
s.WriteMessage(c, ErrFailedToCreateRecord, http.StatusInternalServerError)
}
return c.JSON(http.StatusOK, bJson)
item, err = s.repo.Sources.GetBySourceAndName(c.Request().Context(), domain.SourceCollectorTwitch, param.Name)
var dto []domain.SourceDto
dto = append(dto, services.SourceToDto(item))
resp.Payload = dto
return c.JSON(http.StatusOK, resp)
}
// NewRssSource
@ -339,6 +333,8 @@ func (s *Handler) newTwitchSource(c echo.Context) error {
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) newRssSource(c echo.Context) error {
s.ValidateJwtToken(c, domain.ScopeSourceCreate)
resp := domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: ResponseMessageSuccess,
@ -382,48 +378,50 @@ func (s *Handler) newRssSource(c echo.Context) error {
// DeleteSource
// @Summary Marks a source as deleted based on its ID value.
// @Param id path string true "id"
// @Param id path int true "id"
// @Tags Source
// @Router /v1/sources/{id} [POST]
// @Success 200 {object} domain.SourcesResponse "ok"
// @Failure 400 {object} domain.BaseResponse
// @Failure 500 {object} domain.BaseResponse
// @Security Bearer
func (s *Handler) deleteSources(c echo.Context) error {
id := c.Param("ID")
uuid, err := uuid.Parse(id)
s.ValidateJwtToken(c, domain.ScopeAll)
id, err := strconv.Atoi(c.Param("ID"))
if err != nil {
return c.JSON(http.StatusBadRequest, domain.BaseResponse{
Message: err.Error(),
})
s.WriteError(c, err, http.StatusBadRequest)
}
// Check to make sure we can find the record
_, err = s.Db.GetSourceByID(c.Request().Context(), uuid)
_, err = s.repo.Sources.GetById(c.Request().Context(), int64(id))
if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
})
s.WriteError(c, err, http.StatusInternalServerError)
}
// Delete the record
err = s.Db.DeleteSource(c.Request().Context(), uuid)
rows, err := s.repo.Sources.SoftDelete(c.Request().Context(), int64(id))
if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
})
s.WriteError(c, err, http.StatusInternalServerError)
}
if rows != 1 {
s.WriteMessage(c, ErrFailedToUpdateRecord, http.StatusInternalServerError)
}
p := ApiStatusModel{
// pull the record with its updated value
item, err := s.repo.Sources.GetById(c.Request().Context(), int64(id))
if err != nil {
s.WriteError(c, err, http.StatusInternalServerError)
}
var items []domain.SourceDto
items = append(items, services.SourceToDto(item))
return c.JSON(http.StatusOK, domain.SourcesResponse{
BaseResponse: domain.BaseResponse{
Message: "OK",
StatusCode: http.StatusOK,
}
b, err := json.Marshal(p)
if err != nil {
return c.JSON(http.StatusInternalServerError, domain.BaseResponse{
Message: err.Error(),
},
Payload: items,
})
}
return c.JSON(http.StatusOK, b)
}
// DisableSource

View File

@ -130,7 +130,7 @@ func (us UserService) Create(ctx context.Context, name, password, scope string)
return domain.UserEntity{}, err
}
us.repo.Create(ctx, name, password, domain.ScopeRead)
us.repo.Create(ctx, name, password, domain.ScopeArticleRead)
return domain.UserEntity{}, nil
}