// Copyright (c) 2025 Nikolai Papin // // This file is part of Easywish // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See // the GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program. If not, see . package controllers import ( "easywish/internal/dto" "easywish/internal/services" "easywish/internal/utils/enums" "easywish/internal/validation" "fmt" "net/http" "os" "path/filepath" "github.com/gin-gonic/gin" "github.com/google/uuid" "go.uber.org/zap" ) var ( GET = "GET" POST = "POST" PUT = "PUT" PATCH = "PATCH" DELETE = "DELETE" ) type ControllerMethod struct { HttpMethod string Path string Authorization enums.Role Middleware []gin.HandlerFunc Function func (c *gin.Context) } type controllerImpl struct { Path string Middleware []gin.HandlerFunc Methods []ControllerMethod } type Controller interface { Setup(group *gin.RouterGroup, log *zap.Logger, auth services.AuthService) } func (ctrl *controllerImpl) Setup(group *gin.RouterGroup, log *zap.Logger, auth services.AuthService) { ctrlGroup := group.Group(ctrl.Path) ctrlGroup.Use(ctrl.Middleware...) for _, method := range ctrl.Methods { ctrlGroup.Handle( method.HttpMethod, method.Path, append( method.Middleware, gin.HandlerFunc(func(c *gin.Context) { clientInfo, _ := c.Get("client_info") if clientInfo.(dto.ClientInfo).Role < method.Authorization { c.AbortWithStatusJSON( http.StatusForbidden, gin.H{"error": "Insufficient authorization for this method"}) return } }), method.Function)..., ) } } func GetFile(c *gin.Context, name string, maxSize int64, allowedTypes map[string]bool) (*string, error) { file, err := c.FormFile(name); if err != nil { c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("File '%s': not provided", name)}) return nil, err } if file.Size > int64(maxSize) { c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("File '%s': file too large", name)}) return nil, fmt.Errorf("File too large") } fileType := file.Header.Get("Content-Type") if len(allowedTypes) > 0 && !allowedTypes[fileType] { c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("File '%s': forbidden file type: %s", name, fileType)}) return nil, fmt.Errorf("Wrong file type") } folderPath := "/tmp/uploads" if _, err := os.Stat(folderPath); os.IsNotExist(err) { os.MkdirAll(folderPath, 0700) } filePath := fmt.Sprintf("%s/%s-%s", folderPath, uuid.New().String(), filepath.Base(file.Filename)) if err := c.SaveUploadedFile(file, filePath); err != nil { c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"error": "Error saving file"}) return nil, err } return &filePath, nil } func GetRequest[ModelT any](c *gin.Context) (*dto.Request[ModelT], error) { var body ModelT if err := c.ShouldBindJSON(&body); err != nil { c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return nil, err } // TODO: Think hard on a singleton for better performance validate := validation.NewValidator() if err := validate.Struct(body); err != nil { c.AbortWithStatusJSON( http.StatusBadRequest, gin.H{"error": err.Error()}) return nil, err } cinfo := GetClientInfo(c) return &dto.Request[ModelT]{ Body: body, User: cinfo, }, nil } func GetClientInfo(c * gin.Context) (dto.ClientInfo) { cinfoFromCtx, ok := c.Get("client_info"); if !ok { c.AbortWithStatusJSON( http.StatusInternalServerError, gin.H{"error": "Client info was not found"}) panic("No client_info found in gin context. Does the handler use AuthMiddleware?") } cinfo := cinfoFromCtx.(dto.ClientInfo) return cinfo }