pronounss/backend/routes/mod/routes.go

package mod

import (
	"net/http"

	"codeberg.org/u1f320/pronouns.cc/backend/server"
	"github.com/go-chi/chi/v5"
	"github.com/go-chi/render"
	"github.com/prometheus/client_golang/prometheus/promhttp"
)

type Server struct {
	*server.Server
}

func Mount(srv *server.Server, r chi.Router) {
	s := &Server{Server: srv}

	r.With(MustAdmin).Route("/admin", func(r chi.Router) {
		r.Get("/reports", server.WrapHandler(s.getReports))
		r.Get("/reports/by-user/{id}", server.WrapHandler(s.getReportsByUser))
		r.Get("/reports/by-reporter/{id}", server.WrapHandler(s.getReportsByReporter))

		r.Patch("/reports/{id}", server.WrapHandler(s.resolveReport))
	})

	r.With(MustAdmin).Handle("/metrics", promhttp.Handler())

	r.With(server.MustAuth).Post("/users/{id}/reports", server.WrapHandler(s.createUserReport))
	r.With(server.MustAuth).Post("/members/{id}/reports", server.WrapHandler(s.createMemberReport))

	r.With(server.MustAuth).Get("/auth/warnings", server.WrapHandler(s.getWarnings))
	r.With(server.MustAuth).Post("/auth/warnings/{id}/ack", server.WrapHandler(s.ackWarning))
}

func MustAdmin(next http.Handler) http.Handler {
	fn := func(w http.ResponseWriter, r *http.Request) {
		claims, ok := server.ClaimsFromContext(r.Context())
		if !ok {
			render.Status(r, http.StatusForbidden)
			render.JSON(w, r, server.APIError{
				Code:    server.ErrForbidden,
				Message: "Forbidden",
			})
			return
		}

		if !claims.UserIsAdmin {
			render.Status(r, http.StatusForbidden)
			render.JSON(w, r, server.APIError{
				Code:    server.ErrForbidden,
				Message: "Forbidden",
			})
			return
		}

		next.ServeHTTP(w, r)
	}

	return http.HandlerFunc(fn)
}
start reports/moderation in backend 2023-03-19 16:14:09 +01:00			`package mod`

			`import (`
			`"net/http"`

			`"codeberg.org/u1f320/pronouns.cc/backend/server"`
			`"github.com/go-chi/chi/v5"`
			`"github.com/go-chi/render"`
feat: add prometheus metrics 2023-04-17 23:44:21 +02:00			`"github.com/prometheus/client_golang/prometheus/promhttp"`
start reports/moderation in backend 2023-03-19 16:14:09 +01:00			`)`

			`type Server struct {`
			`*server.Server`
			`}`

			`func Mount(srv *server.Server, r chi.Router) {`
			`s := &Server{Server: srv}`

			`r.With(MustAdmin).Route("/admin", func(r chi.Router) {`
			`r.Get("/reports", server.WrapHandler(s.getReports))`
feat: add list reports endpoints 2023-03-21 14:27:39 +01:00			`r.Get("/reports/by-user/{id}", server.WrapHandler(s.getReportsByUser))`
			`r.Get("/reports/by-reporter/{id}", server.WrapHandler(s.getReportsByReporter))`
start reports/moderation in backend 2023-03-19 16:14:09 +01:00
feat: backend for warnings, partial frontend for reports 2023-03-23 14:54:43 +01:00			`r.Patch("/reports/{id}", server.WrapHandler(s.resolveReport))`
start reports/moderation in backend 2023-03-19 16:14:09 +01:00			`})`
feat(backend): add create user report endpoint 2023-03-21 17:16:16 +01:00
feat: add prometheus metrics 2023-04-17 23:44:21 +02:00			`r.With(MustAdmin).Handle("/metrics", promhttp.Handler())`

feat(backend): add create user report endpoint 2023-03-21 17:16:16 +01:00			`r.With(server.MustAuth).Post("/users/{id}/reports", server.WrapHandler(s.createUserReport))`
feat(backend): add create member report endpoint 2023-03-22 15:53:20 +01:00			`r.With(server.MustAuth).Post("/members/{id}/reports", server.WrapHandler(s.createMemberReport))`
feat: backend for warnings, partial frontend for reports 2023-03-23 14:54:43 +01:00
			`r.With(server.MustAuth).Get("/auth/warnings", server.WrapHandler(s.getWarnings))`
			`r.With(server.MustAuth).Post("/auth/warnings/{id}/ack", server.WrapHandler(s.ackWarning))`
start reports/moderation in backend 2023-03-19 16:14:09 +01:00			`}`

			`func MustAdmin(next http.Handler) http.Handler {`
			`fn := func(w http.ResponseWriter, r *http.Request) {`
			`claims, ok := server.ClaimsFromContext(r.Context())`
			`if !ok {`
			`render.Status(r, http.StatusForbidden)`
			`render.JSON(w, r, server.APIError{`
			`Code: server.ErrForbidden,`
			`Message: "Forbidden",`
			`})`
			`return`
			`}`

			`if !claims.UserIsAdmin {`
			`render.Status(r, http.StatusForbidden)`
			`render.JSON(w, r, server.APIError{`
			`Code: server.ErrForbidden,`
			`Message: "Forbidden",`
			`})`
			`return`
			`}`

			`next.ServeHTTP(w, r)`
			`}`

			`return http.HandlerFunc(fn)`
			`}`