Skip to content

Commit

Permalink
Merge pull request #30 from fy23-gw-gackathon/fix/cors
Browse files Browse the repository at this point in the history
ref #28 fix cors
  • Loading branch information
gari8 committed May 12, 2023
2 parents c9284ed + fc24b25 commit dd84d15
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 12 deletions.
4 changes: 4 additions & 0 deletions controller/organization.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package controller

import (
"errors"
"github.com/fy23-gw-gackathon/reportify-backend/entity"
"github.com/gin-gonic/gin"
"net/http"
Expand Down Expand Up @@ -98,5 +99,8 @@ func (c *OrganizationController) UpdateOrganization(ctx *gin.Context) (interface
}
user, _ := ctx.Get(entity.ContextKeyUser)
oUser := user.(*entity.OrganizationUser)
if !oUser.IsAdmin {
return nil, entity.NewError(http.StatusForbidden, errors.New("you are not admin"))
}
return c.OrganizationUseCase.UpdateOrganization(ctx, oUser.OrganizationID, req.Name, req.Code, req.Mission, req.Vision, req.Value)
}
3 changes: 3 additions & 0 deletions infrastructure/middleware/cors.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ func Cors(cfg config.Config) gin.HandlerFunc {
conf := cors.DefaultConfig()
conf.AllowOrigins = cfg.AllowOrigins
conf.AllowCredentials = true
conf.AllowMethods = []string{
"GET", "POST", "PUT", "DELETE",
}
conf.AllowHeaders = append(conf.AllowHeaders, "Authorization")
return cors.New(conf)
}
24 changes: 12 additions & 12 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,22 +50,22 @@ func main() {
})
app.GET("/users/me", handleResponse(userController.GetMe))
app.PUT("/reports/:reportId", handleResponse(reportController.ReviewReport, http.StatusNoContent))

orgs := app.Group("/organizations")
orgs.Use(middleware.Authentication(userPersistence, cfg))
orgs.GET("/", handleResponse(organizationController.GetOrganizations))
org := orgs.Group("/:organizationCode")
org.GET("/", handleResponse(organizationController.GetOrganization))
org.PUT("/", handleResponse(organizationController.UpdateOrganization))
{
orgs.GET("/", handleResponse(organizationController.GetOrganizations))
orgs.GET("/:organizationCode", handleResponse(organizationController.GetOrganization))
orgs.PUT("/:organizationCode", handleResponse(organizationController.UpdateOrganization))

org.GET("/reports", handleResponse(reportController.GetReports))
org.POST("/reports", handleResponse(reportController.CreateReport, http.StatusCreated))
org.GET("/reports/:reportId", handleResponse(reportController.GetReport))
orgs.GET("/:organizationCode/reports", handleResponse(reportController.GetReports))
orgs.POST("/:organizationCode/reports", handleResponse(reportController.CreateReport, http.StatusCreated))
orgs.GET("/:organizationCode/reports/:reportId", handleResponse(reportController.GetReport))

org.GET("/users", handleResponse(userController.GetUsers))
org.POST("/users", handleResponse(userController.InviteUser))
org.PUT("/users/:userId", handleResponse(userController.UpdateUserRole))
org.DELETE("/users/:userId", handleResponse(userController.DeleteUser))
orgs.GET("/:organizationCode/users", handleResponse(userController.GetUsers))
orgs.POST("/:organizationCode/users", handleResponse(userController.InviteUser))
orgs.PUT("/:organizationCode/users/:userId", handleResponse(userController.UpdateUserRole))
orgs.DELETE("/:organizationCode/users/:userId", handleResponse(userController.DeleteUser))
}

runApp(app, cfg.App.Port)
}
Expand Down

0 comments on commit dd84d15

Please sign in to comment.