user endpoints added

Author: nevzattalhaozcan

internal/handlers/server.go

@@ -88,6 +88,8 @@ func (s *Server) setupRoutes() {
 		protected.GET("/profile", userHandler.GetProfile)
 		protected.GET("/users/:id", middleware.AuthorizeSelf(), userHandler.GetUser)
 		protected.GET("/users", middleware.RestrictToRoles("admin", "superuser"), userHandler.GetAllUsers)
+		protected.PUT("/users/:id", middleware.AuthorizeSelf(), userHandler.UpdateUser)
+		protected.DELETE("/users/:id", middleware.AuthorizeSelf(), userHandler.DeleteUser)
 	}
 }
 

internal/handlers/user.go

@@ -156,4 +156,75 @@ func (h *UserHandler) GetAllUsers(c *gin.Context) {
 	}
 
 	c.JSON(http.StatusOK, gin.H{"users": users})
+}
+
+// @Summary Update user
+// @Description Update user information
+// @Tags Users
+// @Accept json
+// @Produce json
+// @Param id path int true "User ID"
+// @Param request body models.UpdateUserRequest true "Update user data"
+// @Success 200 {object} map[string]interface{} "User updated successfully"
+// @Failure 400 {object} map[string]string "Bad request"
+// @Failure 404 {object} map[string]string "User not found"
+// @Failure 500 {object} map[string]string "Internal server error"
+// @Security Bearer
+// @Router /api/v1/users/{id} [put]
+func (h *UserHandler) UpdateUser(c *gin.Context) {
+	var req models.UpdateUserRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	if err := h.validator.Struct(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	userID, exists := c.Get("user_id")
+	if !exists {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "user not found in context"})
+		return
+	}
+
+	user, err := h.userService.UpdateUser(userID.(uint), &req)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"message": "user updated successfully",
+		"user":    user,
+	})
+}
+
+// @Summary Delete user
+// @Description Delete a user by ID
+// @Tags Users
+// @Produce json
+// @Param id path int true "User ID"
+// @Success 204 {object} nil "User deleted successfully"
+// @Failure 400 {object} map[string]string "Bad request"
+// @Failure 404 {object} map[string]string "User not found"
+// @Failure 500 {object} map[string]string "Internal server error"
+// @Security Bearer
+// @Router /api/v1/users/{id} [delete]
+func (h *UserHandler) DeleteUser(c *gin.Context) {
+	idParam := c.Param("id")
+	id, err := strconv.ParseUint(idParam, 10, 32)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "invalid user ID"})
+		return
+	}
+
+	err = h.userService.DeleteUser(uint(id))
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+		return
+	}
+
+	c.JSON(http.StatusNoContent, nil)
 }

internal/models/user.go

@@ -20,9 +20,9 @@ type User struct {
 	AvatarURL      *string        `json:"avatar_url" gorm:"type:text"`
 	Location       *string        `json:"location" gorm:"size:255"`
 	FavoriteGenres pq.StringArray `json:"favorite_genres" gorm:"type:text[]"`
-	BooksRead      int            `json:"books_read" gorm:"default:0"`
 	Bio            *string        `json:"bio" gorm:"type:text"`
 	ReadingGoal    int            `json:"reading_goal" gorm:"default:0"`
+	BooksRead      int            `json:"books_read" gorm:"default:0"`
 	Badges         pq.StringArray `json:"badges" gorm:"type:text[]"`
 	IsOnline       bool           `json:"is_online" gorm:"default:false"`
 	LastSeen       *time.Time     `json:"last_seen"`

internal/services/user.go

@@ -124,4 +124,96 @@ func (s *UserService) GetAllUsers() ([]models.UserResponse, error) {
 	}
 
 	return responses, nil
+}
+
+func (s *UserService) UpdateUser(id uint, req *models.UpdateUserRequest) (*models.UserResponse, error) {
+	user, err := s.userRepo.GetByID(id)
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return nil, errors.New("user not found")
+		}
+		return nil, err
+	}
+
+	if req.Username != nil && *req.Username != user.Username {
+		existingUser, err := s.userRepo.GetByUsername(*req.Username)
+		if err == nil && existingUser.ID != user.ID {
+			return nil, errors.New("username already exists")
+		}
+		user.Username = *req.Username
+	}
+
+	if req.Email != nil && *req.Email != user.Email {
+		existingUser, err := s.userRepo.GetByEmail(*req.Email)
+		if err == nil && existingUser.ID != user.ID {
+			return nil, errors.New("email already exists")
+		}
+		user.Email = *req.Email
+	}
+
+	if req.Password != nil {
+		hashedPassword, err := utils.HashPassword(*req.Password)
+		if err != nil {
+			return nil, errors.New("failed to hash password")
+		}
+		user.PasswordHash = hashedPassword
+	}
+
+	if req.FirstName != nil {
+		user.FirstName = *req.FirstName
+	}
+
+	if req.LastName != nil {
+		user.LastName = *req.LastName
+	}
+
+	if req.Role != nil {
+		user.Role = *req.Role
+	}
+
+	if req.IsActive != nil {
+		user.IsActive = *req.IsActive
+	}
+
+	if req.AvatarURL != nil {
+		user.AvatarURL = req.AvatarURL
+	}
+
+	if req.Location != nil {
+		user.Location = req.Location
+	}
+
+	if req.FavoriteGenres != nil {
+		user.FavoriteGenres = *req.FavoriteGenres
+	}
+
+	if req.Bio != nil {
+		user.Bio = req.Bio
+	}
+
+	if req.ReadingGoal != nil {
+		user.ReadingGoal = *req.ReadingGoal
+	}
+
+	if err := s.userRepo.Update(user); err != nil {
+		return nil, errors.New("failed to update user")
+	}
+
+	response := user.ToResponse()
+	return &response, nil
+}
+
+func (s *UserService) DeleteUser(id uint) error {
+	err := s.userRepo.Delete(id)
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return errors.New("user not found")
+		}
+		return err
+	}
+
+	// decrement user count metric
+	metrics.IncrementUserCount(-1)
+
+	return nil
 }