From ed255a7a4ada86e06afda3b01246ea489e9220c0 Mon Sep 17 00:00:00 2001
From: Toby Yan <me@tobyan.com>
Date: Wed, 10 Jul 2019 15:01:44 +0800
Subject: [PATCH] upgrade framework

Signed-off-by: Toby Yan <me@tobyan.com>
---
 .env.example.json                         | 10 ++--
 app/http/controllers/login.go             | 14 ++---
 app/http/controllers/register.go          | 13 ++---
 app/http/controllers/user.go              | 66 +++++++++++-----------
 app/http/controllers/user_affiliation.go  |  8 +--
 app/http/middleware/example.go            | 12 ++--
 app/models/failed_queue.go                |  5 +-
 app/models/user.go                        | 19 ++++++-
 app/models/user_affiliation.go            |  4 +-
 app/policies/user_policy.go               | 61 ++++++++++++++++++++
 bootstrap/app.go                          |  2 +-
 config/auth.go                            |  2 +
 config/kernel.go                          | 14 +++--
 config/sentry.go                          | 17 ++++++
 go.mod                                    |  7 +--
 main.go                                   | 21 +++----
 resources/views/kernel.go                 |  5 +-
 resources/views/user_affiliation.nodes.go | 68 -----------------------
 routes/groups/auth.go                     | 12 ++--
 routes/groups/user.go                     | 22 ++++----
 routes/groups/user_affiliation.go         | 11 +---
 routes/provider.go                        |  9 +--
 routes/versions/v1.go                     | 40 ++++---------
 23 files changed, 215 insertions(+), 227 deletions(-)
 create mode 100755 app/policies/user_policy.go
 create mode 100755 config/sentry.go
 mode change 100644 => 100755 routes/groups/auth.go
 mode change 100644 => 100755 routes/groups/user.go
 mode change 100644 => 100755 routes/groups/user_affiliation.go
 mode change 100644 => 100755 routes/provider.go
 mode change 100644 => 100755 routes/versions/v1.go

diff --git a/.env.example.json b/.env.example.json
index d217ace..909f2a5 100644
--- a/.env.example.json
+++ b/.env.example.json
@@ -4,14 +4,14 @@
   "APP_DEBUG": true,
   "APP_PORT": 8080,
   "APP_LOCALE": "en",
-  "APP_KEY": "ajwklefjklwjelkflkwefwef",
+  "APP_KEY": "YOUR-APP-KEY",
 
   "DB_CONNECTION": "mysql",
   "DB_HOST": "127.0.0.1",
   "DB_PORT": "3306",
-  "DB_DATABASE": "wallet",
-  "DB_USERNAME": "root",
-  "DB_PASSWORD": "eznOiMjtLXWugdDl9MLm",
+  "DB_DATABASE": "YOUR-DATABASE-NAME",
+  "DB_USERNAME": "YOUR-DATABASE-USER",
+  "DB_PASSWORD": "YOUR-DATABASE-USER-PASSWORD",
   "DB_PREFIX": "prefix_",
 
   "CACHE_DRIVER": "memory",
@@ -21,7 +21,7 @@
   "REDIS_DB": 0,
   "REDIS_CACHE_DB": 1,
 
-  "AUTH_SIGN_KEY": "klasdjflksdjfklsdkljf",
+  "AUTH_SIGN_KEY": "YOUR-AUTH-SIGN-KEY",
 
   "QUEUE_CONNECTION": "nsq",
   "QUEUE_NSQD_TCP_HOST": "127.0.0.1",
diff --git a/app/http/controllers/login.go b/app/http/controllers/login.go
index 0ae34ee..1d9d427 100644
--- a/app/http/controllers/login.go
+++ b/app/http/controllers/login.go
@@ -3,12 +3,12 @@ package controllers
 import (
 	"net/http"
 
-	"github.com/gin-gonic/gin"
-
 	"github.com/totoval/framework/config"
 	"github.com/totoval/framework/helpers"
 	"github.com/totoval/framework/helpers/m"
+	"github.com/totoval/framework/helpers/toto"
 	"github.com/totoval/framework/http/controller"
+	"github.com/totoval/framework/request"
 	"github.com/totoval/framework/utils/crypt"
 	"github.com/totoval/framework/utils/jwt"
 
@@ -20,7 +20,7 @@ type Login struct {
 	controller.BaseController
 }
 
-func (l *Login) Login(c *gin.Context) {
+func (l *Login) Login(c *request.Context) {
 	// validate and assign requestData
 	var requestData requests.UserLogin
 	if !l.Validate(c, &requestData, true) {
@@ -31,12 +31,12 @@ func (l *Login) Login(c *gin.Context) {
 		Email: &requestData.Email,
 	}
 	if err := m.H().First(&user, false); err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": helpers.L(c, "auth.login.failed_not_exist")})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": helpers.L(c, "auth.login.failed_not_exist")})
 		return
 	}
 
 	if !crypt.BcryptCheck(*user.Password, requestData.Password) {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": helpers.L(c, "auth.login.failed_wrong_password")})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": helpers.L(c, "auth.login.failed_wrong_password")})
 		return
 	}
 
@@ -47,10 +47,10 @@ func (l *Login) Login(c *gin.Context) {
 		username = *user.Name
 	}
 	if token, err := newJwt.CreateToken(string(*user.ID), username); err == nil {
-		c.JSON(http.StatusOK, gin.H{"token": token})
+		c.JSON(http.StatusOK, toto.V{"token": token})
 		return
 	}
 
-	c.JSON(http.StatusOK, gin.H{"error": helpers.L(c, "auth.login.failed_token_generate_error")})
+	c.JSON(http.StatusOK, toto.V{"error": helpers.L(c, "auth.login.failed_token_generate_error")})
 	return
 }
diff --git a/app/http/controllers/register.go b/app/http/controllers/register.go
index 87cbb4f..8354afe 100644
--- a/app/http/controllers/register.go
+++ b/app/http/controllers/register.go
@@ -5,9 +5,8 @@ import (
 	"net/http"
 
 	"github.com/totoval/framework/helpers/log"
-	"github.com/totoval/framework/logs"
-
-	"github.com/gin-gonic/gin"
+	"github.com/totoval/framework/helpers/toto"
+	"github.com/totoval/framework/request"
 
 	"github.com/totoval/framework/hub"
 
@@ -29,7 +28,7 @@ type Register struct {
 	controller.BaseController
 }
 
-func (r *Register) Register(c *gin.Context) {
+func (r *Register) Register(c *request.Context) {
 	// validate and assign requestData
 	var requestData requests.UserRegister
 	if !r.Validate(c, &requestData, true) {
@@ -40,7 +39,7 @@ func (r *Register) Register(c *gin.Context) {
 		if err := recover(); err != nil {
 			responseErr, ok := err.(error)
 			if ok {
-				c.JSON(http.StatusUnprocessableEntity, gin.H{"error": responseErr.Error()})
+				c.JSON(http.StatusUnprocessableEntity, toto.V{"error": responseErr.Error()})
 				return
 			}
 			panic(err)
@@ -92,9 +91,9 @@ func (r *Register) Register(c *gin.Context) {
 	}
 	ur.SetParam(param)
 	if errs := hub.Emit(&ur); errs != nil {
-		log.Info("user registered event emit failed", logs.Field{"event": ur, "errors": errs})
+		log.Info("user registered event emit failed", toto.V{"event": ur, "errors": errs})
 	}
 
-	c.JSON(http.StatusOK, gin.H{"token": token})
+	c.JSON(http.StatusOK, toto.V{"token": token})
 	return
 }
diff --git a/app/http/controllers/user.go b/app/http/controllers/user.go
index 708ca59..732a2d7 100644
--- a/app/http/controllers/user.go
+++ b/app/http/controllers/user.go
@@ -3,78 +3,78 @@ package controllers
 import (
 	"net/http"
 
-	"github.com/gin-gonic/gin"
-
 	"github.com/totoval/framework/helpers/m"
 	"github.com/totoval/framework/helpers/ptr"
+	"github.com/totoval/framework/helpers/toto"
 	"github.com/totoval/framework/http/controller"
 	"github.com/totoval/framework/http/middleware"
 	"github.com/totoval/framework/model"
+	"github.com/totoval/framework/policy"
+	"github.com/totoval/framework/request"
 
 	"totoval/app/models"
+	"totoval/app/policies"
 )
 
 type User struct {
 	controller.BaseController
 }
 
-func (*User) LogOut(c *gin.Context) {
+func (*User) LogOut(c *request.Context) {
 	if err := middleware.Revoke(c); err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err.Error()})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err.Error()})
 		return
 	}
-	c.JSON(http.StatusOK, gin.H{})
+	c.JSON(http.StatusOK, toto.V{})
 	return
 }
 
-func (*User) Info(c *gin.Context) {
-	userID, isAbort := middleware.AuthClaimsID(c)
-	if isAbort {
+func (u *User) Info(c *request.Context) {
+	if u.Scan(c) {
 		return
 	}
-	user := models.User{
-		ID: &userID,
-	}
+	user := u.User().Value().(*models.User)
 
-	if err := m.H().First(&user, false); err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err.Error()})
+	if permit, _ := u.Authorize(c, policies.NewUserPolicy(), policy.ActionView); !permit {
+		c.JSON(http.StatusForbidden, toto.V{"error": policy.UserNotPermitError{}.Error()})
 		return
 	}
+
 	user.Password = ptr.String("") // remove password value for response rendering
-	c.JSON(http.StatusOK, gin.H{"data": user})
+	c.JSON(http.StatusOK, toto.V{"data": user})
 	return
 }
 
-func (*User) AllUser(c *gin.Context) {
+func (*User) AllUser(c *request.Context) {
 	user := &models.User{}
 	outArr, err := user.ObjArr([]model.Filter{}, []model.Sort{}, 0, false)
 	if err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err.Error()})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err.Error()})
 		return
 	}
-	c.JSON(http.StatusOK, gin.H{"data": outArr.([]models.User)})
+	c.JSON(http.StatusOK, toto.V{"data": outArr.([]models.User)})
 	return
 }
 
-func (*User) PaginateUser(c *gin.Context) {
+func (*User) PaginateUser(c *request.Context) {
 	user := &models.User{}
 	pagination, err := user.ObjArrPaginate(c, 25, []model.Filter{}, []model.Sort{}, 0, false)
 	if err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err.Error()})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err.Error()})
 		return
 	}
-	c.JSON(http.StatusOK, gin.H{"data": gin.H{"item": pagination.ItemArr(), "totalPage": pagination.LastPage(), "currentPage": pagination.CurrentPage(), "count": pagination.Count(), "total": pagination.Total()}})
+	c.JSON(http.StatusOK, toto.V{"data": toto.V{"item": pagination.ItemArr(), "totalPage": pagination.LastPage(), "currentPage": pagination.CurrentPage(), "count": pagination.Count(), "total": pagination.Total()}})
 	return
 }
 
-func (*User) Update(c *gin.Context) {
+func (*User) Update(c *request.Context) {
 	var id uint
 	id = 14
 	user := models.User{
 		ID: &id,
 	}
 	if err := m.H().First(&user, false); err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err.Error()})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err.Error()})
 		return
 	}
 
@@ -83,10 +83,10 @@ func (*User) Update(c *gin.Context) {
 		Name: &name,
 	}
 	if err := m.H().Save(&user, modifyUser); err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err})
 		return
 	}
-	c.JSON(http.StatusOK, gin.H{"data": user})
+	c.JSON(http.StatusOK, toto.V{"data": user})
 	return
 
 	// m.Transaction(func() {
@@ -94,23 +94,23 @@ func (*User) Update(c *gin.Context) {
 	// 	panic(123)
 	// }, 3)
 }
-func (*User) Delete(c *gin.Context) {
+func (*User) Delete(c *request.Context) {
 	var id uint
 	id = 14
 	user := models.User{
 		ID: &id,
 	}
 	if err := m.H().Delete(&user, false); err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err})
 		return
 	}
-	c.JSON(http.StatusOK, gin.H{"data": true})
+	c.JSON(http.StatusOK, toto.V{"data": true})
 	return
 }
-func (*User) DeleteTransaction(c *gin.Context) {
+func (*User) DeleteTransaction(c *request.Context) {
 	defer func() { // handle transaction error
 		if err := recover(); err != nil {
-			c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err.(error).Error()})
+			c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err.(error).Error()})
 			return
 		}
 	}()
@@ -127,10 +127,10 @@ func (*User) DeleteTransaction(c *gin.Context) {
 		}
 	}, 1)
 
-	c.JSON(http.StatusOK, gin.H{"data": true})
+	c.JSON(http.StatusOK, toto.V{"data": true})
 	return
 }
-func (*User) Restore(c *gin.Context) {
+func (*User) Restore(c *request.Context) {
 	var id uint
 	id = 14
 	modifyUser := models.User{
@@ -138,9 +138,9 @@ func (*User) Restore(c *gin.Context) {
 	}
 
 	if err := m.H().Restore(&modifyUser); err != nil {
-		c.JSON(http.StatusUnprocessableEntity, gin.H{"error": err})
+		c.JSON(http.StatusUnprocessableEntity, toto.V{"error": err})
 		return
 	}
-	c.JSON(http.StatusOK, gin.H{"data": true})
+	c.JSON(http.StatusOK, toto.V{"data": true})
 	return
 }
diff --git a/app/http/controllers/user_affiliation.go b/app/http/controllers/user_affiliation.go
index 51f418d..5285ab2 100644
--- a/app/http/controllers/user_affiliation.go
+++ b/app/http/controllers/user_affiliation.go
@@ -3,9 +3,9 @@ package controllers
 import (
 	"net/http"
 
-	"github.com/gin-gonic/gin"
-
+	"github.com/totoval/framework/helpers/toto"
 	"github.com/totoval/framework/http/controller"
+	"github.com/totoval/framework/request"
 	"totoval/app/models"
 )
 
@@ -13,9 +13,9 @@ type UserAffiliation struct {
 	controller.BaseController
 }
 
-func (uaff *UserAffiliation) RenderAll(c *gin.Context) {
+func (uaff *UserAffiliation) RenderAll(c *request.Context) {
 	var u models.UserAffiliation
-	c.HTML(http.StatusOK, "user_affiliation.nodes", gin.H{
+	c.HTML(http.StatusOK, "user_affiliation.nodes", toto.V{
 		"data": u.All(),
 	})
 
diff --git a/app/http/middleware/example.go b/app/http/middleware/example.go
index 6e6bb7b..09a7de2 100644
--- a/app/http/middleware/example.go
+++ b/app/http/middleware/example.go
@@ -2,15 +2,11 @@ package middleware
 
 import (
 	"github.com/totoval/framework/helpers/log"
-	"github.com/totoval/framework/logs"
-
-	"github.com/gin-gonic/gin"
-
 	"github.com/totoval/framework/helpers/zone"
 )
 
-func Example() gin.HandlerFunc {
-	return func(c *gin.Context) {
+func Example() request.HandlerFunc {
+	return func(c *request.Context) {
 		t := zone.Now()
 
 		// Set example variable
@@ -22,10 +18,10 @@ func Example() gin.HandlerFunc {
 
 		// after request
 		latency := zone.Since(t)
-		log.Info("latency", logs.Field{"latency": latency})
+		log.Info("latency", toto.V{"latency": latency})
 
 		// access the status we are sending
 		status := c.Writer.Status()
-		log.Info("status", logs.Field{"status": status})
+		log.Info("status", toto.V{"status": status})
 	}
 }
diff --git a/app/models/failed_queue.go b/app/models/failed_queue.go
index 9013ae4..6f4e15b 100644
--- a/app/models/failed_queue.go
+++ b/app/models/failed_queue.go
@@ -1,9 +1,8 @@
 package models
 
 import (
-	"github.com/gin-gonic/gin"
-
 	"github.com/totoval/framework/helpers/zone"
+	"github.com/totoval/framework/request"
 
 	"github.com/totoval/framework/helpers/m"
 	"github.com/totoval/framework/helpers/pb"
@@ -123,7 +122,7 @@ func (fq *FailedQueue) ObjArr(filterArr []model.Filter, sortArr []model.Sort, li
 	}
 	return outArr, nil
 }
-func (fq *FailedQueue) ObjArrPaginate(c *gin.Context, perPage uint, filterArr []model.Filter, sortArr []model.Sort, limit int, withTrashed bool) (pagination model.Pagination, err error) {
+func (fq *FailedQueue) ObjArrPaginate(c *request.Context, perPage uint, filterArr []model.Filter, sortArr []model.Sort, limit int, withTrashed bool) (pagination model.Pagination, err error) {
 	var outArr []FailedQueue
 	filter := model.Model(*m.H().Q(filterArr, sortArr, limit, withTrashed))
 	return filter.Paginate(&outArr, c, perPage)
diff --git a/app/models/user.go b/app/models/user.go
index b9b6984..d54d50b 100644
--- a/app/models/user.go
+++ b/app/models/user.go
@@ -1,9 +1,8 @@
 package models
 
 import (
-	"github.com/gin-gonic/gin"
-
 	"github.com/totoval/framework/helpers/m"
+	"github.com/totoval/framework/helpers/ptr"
 	"github.com/totoval/framework/helpers/zone"
 	"github.com/totoval/framework/model"
 )
@@ -27,6 +26,20 @@ func (user *User) Default() interface{} {
 	return User{}
 }
 
+func (user *User) Scan(userId uint) error {
+	newUser := User{
+		ID: ptr.Uint(userId),
+	}
+	if err := m.H().First(&newUser, false); err != nil {
+		return err
+	}
+	*user = newUser
+	return nil
+}
+func (user *User) Value() interface{} {
+	return user
+}
+
 func (user *User) User() *User {
 	//model.DB().Where("user_id = ?", 1).Find(user)
 	return user
@@ -39,7 +52,7 @@ func (user *User) ObjArr(filterArr []model.Filter, sortArr []model.Sort, limit i
 	}
 	return outArr, nil
 }
-func (user *User) ObjArrPaginate(c *gin.Context, perPage uint, filterArr []model.Filter, sortArr []model.Sort, limit int, withTrashed bool) (pagination model.Pagination, err error) {
+func (user *User) ObjArrPaginate(c model.Context, perPage uint, filterArr []model.Filter, sortArr []model.Sort, limit int, withTrashed bool) (pagination model.Pagination, err error) {
 	var outArr []User
 	filter := model.Model(*m.H().Q(filterArr, sortArr, limit, withTrashed))
 	return filter.Paginate(&outArr, c, perPage)
diff --git a/app/models/user_affiliation.go b/app/models/user_affiliation.go
index 09bffa5..e6bab7b 100644
--- a/app/models/user_affiliation.go
+++ b/app/models/user_affiliation.go
@@ -5,13 +5,11 @@ import (
 	"fmt"
 	"math"
 
-	"github.com/gin-gonic/gin"
 	"github.com/jinzhu/gorm"
 
 	"github.com/totoval/framework/helpers/debug"
 	"github.com/totoval/framework/helpers/ptr"
 	"github.com/totoval/framework/helpers/zone"
-
 	"github.com/totoval/framework/model/helper"
 
 	"github.com/totoval/framework/helpers/m"
@@ -273,7 +271,7 @@ func (uaff *UserAffiliation) ObjArr(filterArr []model.Filter, sortArr []model.So
 	}
 	return outArr, nil
 }
-func (uaff *UserAffiliation) ObjArrPaginate(c *gin.Context, perPage uint, filterArr []model.Filter, sortArr []model.Sort, limit int, withTrashed bool) (pagination model.Pagination, err error) {
+func (uaff *UserAffiliation) ObjArrPaginate(c model.Context, perPage uint, filterArr []model.Filter, sortArr []model.Sort, limit int, withTrashed bool) (pagination model.Pagination, err error) {
 	var outArr []UserAffiliation
 	filter := model.Model(*m.H().Q(filterArr, sortArr, limit, withTrashed))
 	return filter.Paginate(&outArr, c, perPage)
diff --git a/app/policies/user_policy.go b/app/policies/user_policy.go
new file mode 100755
index 0000000..0263d35
--- /dev/null
+++ b/app/policies/user_policy.go
@@ -0,0 +1,61 @@
+package policies
+
+import (
+	"strconv"
+
+	"github.com/totoval/framework/auth"
+	"github.com/totoval/framework/helpers/debug"
+	"totoval/app/models"
+)
+
+type userPolicy struct {
+}
+
+func NewUserPolicy() *userPolicy {
+	return &userPolicy{}
+}
+
+func (up *userPolicy) Before(IUser auth.IUser, routeParamMap map[string]string) *bool {
+	return nil
+}
+func (up *userPolicy) Create(IUser auth.IUser, routeParamMap map[string]string) bool {
+	return false
+}
+func (up *userPolicy) Update(IUser auth.IUser, routeParamMap map[string]string) bool {
+	return true
+}
+func (up *userPolicy) Delete(IUser auth.IUser, routeParamMap map[string]string) bool {
+	return true
+}
+func (up *userPolicy) ForceDelete(IUser auth.IUser, routeParamMap map[string]string) bool {
+	return true
+}
+func (up *userPolicy) View(IUser auth.IUser, routeParamMap map[string]string) bool {
+	// get current user
+	currentUser := IUser.Value().(*models.User)
+	debug.Dump(currentUser, routeParamMap)
+
+	// if use Authorize func, routeParamMap is nil
+	if routeParamMap == nil {
+		return true
+	}
+
+	// get param user
+	userIdStr, ok := routeParamMap["userId"]
+	if !ok {
+		return false
+	}
+	userIdUint, err := strconv.ParseUint(userIdStr, 10, 64)
+	if err != nil {
+		return false
+	}
+
+	if *currentUser.ID != uint(userIdUint) {
+		return false
+	}
+
+	return true
+}
+func (up *userPolicy) Restore(IUser auth.IUser, routeParamMap map[string]string) bool {
+	return true
+}
diff --git a/bootstrap/app.go b/bootstrap/app.go
index 9e2544d..0b8745a 100644
--- a/bootstrap/app.go
+++ b/bootstrap/app.go
@@ -4,7 +4,7 @@ import (
 	"github.com/totoval/framework/cache"
 	"github.com/totoval/framework/helpers/zone"
 	"github.com/totoval/framework/logs"
-	"github.com/totoval/framework/utils/validator"
+	"github.com/totoval/framework/validator"
 	"github.com/totoval/framework/sentry"
 
 	"totoval/config"
diff --git a/config/auth.go b/config/auth.go
index 38b59c4..61843fa 100644
--- a/config/auth.go
+++ b/config/auth.go
@@ -2,12 +2,14 @@ package config
 
 import (
 	. "github.com/totoval/framework/config"
+	"totoval/app/models"
 )
 
 func init() {
 	auth := make(map[string]interface{})
 
 	auth["sign_key"] = Env("AUTH_SIGN_KEY", "sign key")
+	auth["model_ptr"] = &models.User{} // must be a pointer
 
 	Add("auth", auth)
 }
diff --git a/config/kernel.go b/config/kernel.go
index 1edd244..3321333 100644
--- a/config/kernel.go
+++ b/config/kernel.go
@@ -1,8 +1,7 @@
 package config
 
 import (
-	"github.com/gin-gonic/gin"
-
+	"github.com/totoval/framework/app"
 	"github.com/totoval/framework/config"
 )
 
@@ -11,7 +10,14 @@ func Initialize() {
 }
 
 func setAppMode() {
-	if config.GetString("app.env") == "production" {
-		gin.SetMode(gin.ReleaseMode)
+	switch config.GetString("app.env") {
+	case "production":
+		app.SetMode(app.ModeProduction)
+	case "develop":
+		app.SetMode(app.ModeDevelop)
+	case "test":
+		app.SetMode(app.ModeTest)
+	default:
+		app.SetMode(app.ModeDevelop)
 	}
 }
diff --git a/config/sentry.go b/config/sentry.go
new file mode 100755
index 0000000..0f490c4
--- /dev/null
+++ b/config/sentry.go
@@ -0,0 +1,17 @@
+package config
+
+import (
+	. "github.com/totoval/framework/config"
+)
+
+func init() {
+	sentry := make(map[string]interface{})
+
+	sentry["enable"] = Env("SENTRY_ENABLE", false)
+	sentry["host"] = Env("SENTRY_HOST", "app.getsentry.com")
+	sentry["key"] = Env("SENTRY_KEY", "YOUR-OWN-SENTRY-KEY")
+	sentry["secret"] = Env("SENTRY_SECRET", "YOUR-OWN-SENTRY-SECRET")
+	sentry["project"] = Env("SENTRY_PROJECT", "YOUR-OWN-SENTRY-PROJECT")
+
+	Add("sentry", sentry)
+}
diff --git a/go.mod b/go.mod
index a975dc4..71b5b8e 100644
--- a/go.mod
+++ b/go.mod
@@ -1,13 +1,8 @@
 module totoval
 
 require (
-	github.com/coreos/etcd v3.3.10+incompatible
-	github.com/gin-gonic/gin v1.4.0
-	github.com/go-playground/locales v0.12.1
-	github.com/go-playground/universal-translator v0.16.0
 	github.com/golang/protobuf v1.3.1
 	github.com/jinzhu/gorm v1.9.2
-	github.com/totoval/framework v0.7.10
+	github.com/totoval/framework v0.9.0
 	github.com/urfave/cli v1.20.0
-	gopkg.in/go-playground/validator.v9 v9.27.0
 )
diff --git a/main.go b/main.go
index 229c83e..ca02168 100644
--- a/main.go
+++ b/main.go
@@ -7,17 +7,14 @@ import (
 	"os/signal"
 	"syscall"
 
-	"github.com/gin-gonic/gin"
-
-	"github.com/totoval/framework/sentry"
-
 	c "github.com/totoval/framework/config"
 	"github.com/totoval/framework/graceful"
 	"github.com/totoval/framework/helpers/log"
+	"github.com/totoval/framework/helpers/toto"
 	"github.com/totoval/framework/helpers/zone"
 	"github.com/totoval/framework/http/middleware"
-	"github.com/totoval/framework/logs"
-
+	"github.com/totoval/framework/request"
+	"github.com/totoval/framework/sentry"
 	"totoval/bootstrap"
 	"totoval/resources/views"
 	"totoval/routes"
@@ -47,7 +44,7 @@ func main() {
 
 	go func() {
 		call := <-quit
-		log.Info("system call", logs.Field{"call": call})
+		log.Info("system call", toto.V{"call": call})
 		cancel()
 	}()
 
@@ -55,17 +52,17 @@ func main() {
 }
 
 func httpServe(ctx context.Context) {
-	r := gin.Default()
+	r := request.New()
 
-	sentry.Use(r, false)
+	sentry.Use(r.GinEngine(), false)
 
 	if c.GetBool("app.debug") {
 		r.Use(middleware.RequestLogger())
 	}
 
 	if c.GetString("app.env") == "production" {
-		r.Use(gin.Logger())
-		r.Use(gin.Recovery())
+		r.Use(middleware.Logger())
+		r.Use(middleware.Recovery())
 	}
 
 	r.Use(middleware.Locale())
@@ -98,7 +95,7 @@ func httpServe(ctx context.Context) {
 	defer cancel()
 
 	if err := s.Shutdown(_ctx); err != nil {
-		log.Fatal("Server Shutdown: ", logs.Field{"error": err})
+		log.Fatal("Server Shutdown: ", toto.V{"error": err})
 	}
 
 	// totoval framework shutdown
diff --git a/resources/views/kernel.go b/resources/views/kernel.go
index ee9483f..b678ea5 100644
--- a/resources/views/kernel.go
+++ b/resources/views/kernel.go
@@ -1,11 +1,10 @@
 package views
 
 import (
-	"github.com/gin-gonic/gin"
-
+	"github.com/totoval/framework/request"
 	"github.com/totoval/framework/view"
 )
 
-func Initialize(r *gin.Engine) {
+func Initialize(r *request.Engine) {
 	view.Initialize(r)
 }
diff --git a/resources/views/user_affiliation.nodes.go b/resources/views/user_affiliation.nodes.go
index a868a7d..b69cbd9 100644
--- a/resources/views/user_affiliation.nodes.go
+++ b/resources/views/user_affiliation.nodes.go
@@ -24,74 +24,6 @@ func init() {
 </script>
 <script>
     var myChart = echarts.init(document.getElementById('main'));
-    // var option = {
-    //     title: {
-    //         text: 'WORLD COFFEE RESEARCH SENSORY LEXICON',
-    //         subtext: 'Source: https://worldcoffeeresearch.org/work/sensory-lexicon/',
-    //         textStyle: {
-    //             fontSize: 14,
-    //             align: 'center'
-    //         },
-    //         subtextStyle: {
-    //             align: 'center'
-    //         },
-    //         sublink: 'https://worldcoffeeresearch.org/work/sensory-lexicon/'
-    //     },
-    //     series: {
-    //         type: 'sunburst',
-    //         highlightPolicy: 'ancestor',
-    //         data: data.children,
-    //         radius: [0, '95%'],
-    //         sort: null,
-    //         levels: [{}, {
-    //             r0: '15%',
-    //             r: '35%',
-    //             itemStyle: {
-    //                 borderWidth: 2
-    //             },
-    //             label: {
-    //                 rotate: 'tangential'
-    //             }
-    //         }, {
-    //             r0: '35%',
-    //             r: '70%',
-    //             label: {
-    //                 align: 'right'
-    //             }
-    //         }, {
-    //             r0: '70%',
-    //             r: '72%',
-    //             label: {
-    //                 position: 'outside',
-    //                 padding: 3,
-    //                 silent: false
-    //             },
-    //             itemStyle: {
-    //                 borderWidth: 3
-    //             }
-    //         }]
-    //     }
-    // };
-
-    // var option = {
-    //     series: {
-    //         radius: ['15%', '80%'],
-    //         type: 'sunburst',
-    //         sort: null,
-    //         highlightPolicy: 'ancestor',
-    //         data: data.children,
-    //         label: {
-    //             rotate: 'radial'
-    //         },
-    //         levels: [],
-    //         itemStyle: {
-    //             color: '#ddd',
-    //             borderWidth: 2
-    //         }
-    //     }
-    // };
-
-    //myChart.setOption(option);
 
     myChart.showLoading();
 
diff --git a/routes/groups/auth.go b/routes/groups/auth.go
old mode 100644
new mode 100755
index ff6cdd5..56f03c2
--- a/routes/groups/auth.go
+++ b/routes/groups/auth.go
@@ -1,7 +1,7 @@
 package groups
 
 import (
-	"github.com/gin-gonic/gin"
+	"github.com/totoval/framework/route"
 	"totoval/app/http/controllers"
 )
 
@@ -10,11 +10,7 @@ type AuthGroup struct {
 	RegisterController controllers.Register
 }
 
-func (ag *AuthGroup) Register(group *gin.RouterGroup) {
-	newGroup := group.Group("")
-	{
-		newGroup.POST("/login", ag.LoginController.Login)
-		newGroup.POST("/register", ag.RegisterController.Register)
-
-	}
+func (ag *AuthGroup) Group(group route.Grouper) {
+	group.POST("/login", ag.LoginController.Login)
+	group.POST("/register", ag.RegisterController.Register)
 }
diff --git a/routes/groups/user.go b/routes/groups/user.go
old mode 100644
new mode 100755
index a47ac5f..0f7c6b0
--- a/routes/groups/user.go
+++ b/routes/groups/user.go
@@ -1,24 +1,22 @@
 package groups
 
 import (
-	"github.com/gin-gonic/gin"
-
+	"github.com/totoval/framework/policy"
+	"github.com/totoval/framework/route"
 	"totoval/app/http/controllers"
+	"totoval/app/policies"
 )
 
 type UserGroup struct {
 	UserController controllers.User
 }
 
-func (ug *UserGroup) Register(group *gin.RouterGroup) {
-	newGroup := group.Group("/user")
-	{
-		newGroup.GET("/info", ug.UserController.Info)
+func (ug *UserGroup) Group(group route.Grouper) {
+	group.GET("/info/:userId", ug.UserController.Info).Can(policies.NewUserPolicy(), policy.ActionView)
 
-		newGroup.GET("/update", ug.UserController.Update)
-		newGroup.GET("/delete", ug.UserController.Delete)
-		newGroup.GET("/delete-transaction", ug.UserController.DeleteTransaction)
-		newGroup.GET("/logout", ug.UserController.LogOut)
-		newGroup.GET("/restore", ug.UserController.Restore)
-	}
+	group.GET("/update", ug.UserController.Update)
+	group.GET("/delete", ug.UserController.Delete)
+	group.GET("/delete-transaction", ug.UserController.DeleteTransaction)
+	group.GET("/logout", ug.UserController.LogOut)
+	group.GET("/restore", ug.UserController.Restore)
 }
diff --git a/routes/groups/user_affiliation.go b/routes/groups/user_affiliation.go
old mode 100644
new mode 100755
index 94c0035..68ee610
--- a/routes/groups/user_affiliation.go
+++ b/routes/groups/user_affiliation.go
@@ -1,8 +1,7 @@
 package groups
 
 import (
-	"github.com/gin-gonic/gin"
-
+	"github.com/totoval/framework/route"
 	"totoval/app/http/controllers"
 )
 
@@ -10,10 +9,6 @@ type UserAffiliationGroup struct {
 	UserAffiliationController controllers.UserAffiliation
 }
 
-func (uaffg *UserAffiliationGroup) Register(group *gin.RouterGroup) {
-
-	newGroup := group.Group("/user-affiliation")
-	{
-		newGroup.GET("/all", uaffg.UserAffiliationController.RenderAll)
-	}
+func (uaffg *UserAffiliationGroup) Group(group route.Grouper) {
+	group.GET("/all", uaffg.UserAffiliationController.RenderAll)
 }
diff --git a/routes/provider.go b/routes/provider.go
old mode 100644
new mode 100755
index b512e0a..262e677
--- a/routes/provider.go
+++ b/routes/provider.go
@@ -1,12 +1,13 @@
 package routes
 
 import (
-	"github.com/gin-gonic/gin"
+	"github.com/totoval/framework/request"
+	"github.com/totoval/framework/route"
 	"totoval/routes/versions"
 )
 
-func Register(router *gin.Engine) {
-	version := &versions.V1{Prefix: "v1"}
+func Register(router *request.Engine) {
+	defer route.Bind()
 
-	version.Register(router)
+	versions.NewV1(router)
 }
diff --git a/routes/versions/v1.go b/routes/versions/v1.go
old mode 100644
new mode 100755
index 27af628..908830d
--- a/routes/versions/v1.go
+++ b/routes/versions/v1.go
@@ -1,38 +1,22 @@
 package versions
 
 import (
-	"github.com/gin-gonic/gin"
-
-	"github.com/totoval/framework/http/middleware"
+	"github.com/totoval/framework/request"
 	"github.com/totoval/framework/route"
 	"totoval/routes/groups"
 )
 
-type V1 struct {
-	Prefix string
-}
-
-func (v1 *V1) Register(router *gin.Engine) {
-	version := router.Group(v1.Prefix)
-	{
-		v1.noAuth(version)
-		v1.auth(version)
-	}
-}
-
-func (v1 *V1) noAuth(group *gin.RouterGroup) {
-	noAuthGroup := group.Group("")
-
-	{
-		route.RegisterRouteGroup(&groups.AuthGroup{}, noAuthGroup)
-		route.RegisterRouteGroup(&groups.UserAffiliationGroup{}, noAuthGroup)
-	}
-}
+func NewV1(engine *request.Engine) {
+	ver := route.NewVersion(engine, "v1")
 
-func (v1 *V1) auth(group *gin.RouterGroup) {
-	authGroup := group.Group("", middleware.AuthRequired())
+	// auth routes
+	ver.Auth("", func(grp route.Grouper) {
+		grp.AddGroup("/user", &groups.UserGroup{})
+	})
 
-	{
-		route.RegisterRouteGroup(&groups.UserGroup{}, authGroup)
-	}
+	// no auth routes
+	ver.NoAuth("", func(grp route.Grouper) {
+		grp.AddGroup("", &groups.AuthGroup{})
+		grp.AddGroup("/user-affiliation", &groups.UserAffiliationGroup{})
+	})
 }