-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathownership.go
More file actions
93 lines (78 loc) · 2.89 KB
/
ownership.go
File metadata and controls
93 lines (78 loc) · 2.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
package handler
import (
"errors"
"fmt"
"net/http"
"github.com/labstack/echo/v4"
"github.com/traPtitech/booQ-v3/domain"
"github.com/traPtitech/booQ-v3/handler/openapi"
"github.com/traPtitech/booQ-v3/middleware"
"github.com/traPtitech/booQ-v3/usecase"
)
func (h *handler) PostItemOwners(ctx echo.Context, itemId openapi.ItemIdInPath) error {
req := openapi.PostItemOwnersJSONRequestBody{}
if err := ctx.Bind(&req); err != nil {
return ctx.JSON(http.StatusBadRequest, fmt.Sprintf("invalid request body: %v", err))
}
userID, ok := middleware.GetUserID(ctx.Request().Context())
if !ok {
return ctx.JSON(http.StatusUnauthorized, "user ID not found in context")
}
if userID != req.UserId {
return ctx.JSON(http.StatusForbidden, "you cannot create ownership for another user")
}
ownership := &domain.Ownership{
ItemID: itemId,
UserID: req.UserId,
Rentable: req.Rentalable,
Memo: req.Memo,
}
created, err := h.ou.CreateOwnership(ownership)
if err != nil {
return ctx.JSON(http.StatusInternalServerError, fmt.Sprintf("failed to create ownership: %v", err))
}
return ctx.JSON(http.StatusCreated, toOpenAPIOwnership(created))
}
func (h *handler) EditItemOwners(ctx echo.Context, itemId openapi.ItemIdInPath, ownershipId openapi.OwnershipIdInPath) error {
req := openapi.EditItemOwnersJSONRequestBody{}
if err := ctx.Bind(&req); err != nil {
return ctx.JSON(http.StatusBadRequest, fmt.Sprintf("invalid request body: %v", err))
}
userID, ok := middleware.GetUserID(ctx.Request().Context())
if !ok {
return ctx.JSON(http.StatusUnauthorized, "user ID not found in context")
}
ownership := &domain.Ownership{
ID: ownershipId,
ItemID: itemId,
UserID: req.UserId,
Rentable: req.Rentalable,
Memo: req.Memo,
}
updated, err := h.ou.UpdateOwnership(ownership, userID)
if err != nil {
if errors.Is(err, domain.ErrNotFound) {
return ctx.NoContent(http.StatusNotFound)
} else if errors.Is(err, usecase.ErrForbidden) {
return ctx.JSON(http.StatusForbidden, "you cannot update this ownership")
}
return ctx.JSON(http.StatusInternalServerError, fmt.Sprintf("failed to update ownership: %v", err))
}
return ctx.JSON(http.StatusOK, toOpenAPIOwnership(updated))
}
func (h *handler) DeleteItemOwners(ctx echo.Context, itemId openapi.ItemIdInPath, ownershipId openapi.OwnershipIdInPath) error {
userID, ok := middleware.GetUserID(ctx.Request().Context())
if !ok {
return ctx.JSON(http.StatusUnauthorized, "user ID not found in context")
}
err := h.ou.DeleteOwnership(ownershipId, itemId, userID)
if err != nil {
if errors.Is(err, domain.ErrNotFound) {
return ctx.NoContent(http.StatusNotFound)
} else if errors.Is(err, usecase.ErrForbidden) {
return ctx.JSON(http.StatusForbidden, "you cannot delete this ownership")
}
return ctx.JSON(http.StatusInternalServerError, fmt.Sprintf("failed to delete ownership: %v", err))
}
return ctx.NoContent(http.StatusOK)
}