diff --git a/app/module/articles/repository/articles.repository.go b/app/module/articles/repository/articles.repository.go
index 924d9ee..3d5bc16 100644
--- a/app/module/articles/repository/articles.repository.go
+++ b/app/module/articles/repository/articles.repository.go
@@ -116,7 +116,7 @@ func (_i *articlesRepository) GetAll(clientId *uuid.UUID, userLevelId *uint, req
 if mode == "approver" {
 query = query.Where("articles.is_draft = ?", false)
 query = query.Joins("JOIN users acu ON acu.id = articles.created_by_id").
- Where("acu.user_level_id = ?", 2)
+ Where("acu.user_role_id = ?", 3)
 }
 }
diff --git a/app/module/articles/request/articles.request.go b/app/module/articles/request/articles.request.go
index 51d9897..0bdb994 100644
--- a/app/module/articles/request/articles.request.go
+++ b/app/module/articles/request/articles.request.go
@@ -30,7 +30,7 @@ type ArticlesQueryRequest struct {
 StartDate *time.Time `json:"startDate"`
 EndDate *time.Time `json:"endDate"`
 Pagination *paginator.Pagination `json:"pagination"`
- // myContentMode: "own" = current user's articles (any level); "approver" = non-draft from contributors (level 2) for approver history
+ // myContentMode: "own" = current user's articles (any level); "approver" = non-draft from contributors (user_role_id 3) for approver history
 MyContentMode *string `json:"myContentMode"`
 }
diff --git a/app/module/articles/service/articles.service.go b/app/module/articles/service/articles.service.go
index 760de44..ec52f3a 100644
--- a/app/module/articles/service/articles.service.go
+++ b/app/module/articles/service/articles.service.go
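Review bot: The contributor filter in the `approver` branch of GetAll is a bare literal, `Where("acu.user_role_id = ?", 3)`, while the same commit declares `userRoleContributor = uint(3)` twice, in articles.service.go and in cms_content_submissions.service.go, next to two identical approver-or-admin predicates. These role ids decide what an approver can list and who can approve, so three unconnected copies can drift apart without any compile error. I would keep one exported set of role constants in a package all three files can import and pass the constant here, e.g. `Where("acu.user_role_id = ?", roles.Contributor)` (the package name is a placeholder). GetAll's body starts and ends outside the hunk.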
@@ -120,7 +120,15 @@ func NewArticlesService(
 }
 }
-const myContentApproverMinLevel = uint(3)
+const (
+ userRoleAdmin = uint(1)
+ userRoleApprover = uint(2)
+ userRoleContributor = uint(3)
+)
+
+func canUseMyContentApproverMode(roleID uint) bool {
+ return roleID == userRoleApprover || roleID == userRoleAdmin
+}
 // All implement interface of ArticlesService
 func (_i *articlesService) All(clientId *uuid.UUID, authToken string, req request.ArticlesQueryRequest) (articless []*response.ArticlesResponse, paging paginator.Pagination, err error) {
@@ -139,8 +147,8 @@ func (_i *articlesService) All(clientId *uuid.UUID, authToken string, req reques
 userLevelId = nil
 _i.Log.Info().Uint("userId", user.ID).Msg("myContentMode=own: list own articles without level visibility filter")
 case "approver":
- if user.UserLevelId != myContentApproverMinLevel {
- return nil, paging, errors.New("myContentMode approver requires user level 3")
+ if !canUseMyContentApproverMode(user.UserRoleId) {
+ return nil, paging, errors.New("myContentMode approver requires approver or admin role")
 }
 userLevelId = nil
 _i.Log.Info().Msg("myContentMode=approver: list contributor non-draft articles")
diff --git a/app/module/cms_content_submissions/service/cms_content_submissions.service.go b/app/module/cms_content_submissions/service/cms_content_submissions.service.go
index c238682..c5d1125 100644
--- a/app/module/cms_content_submissions/service/cms_content_submissions.service.go
+++ b/app/module/cms_content_submissions/service/cms_content_submissions.service.go
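Review bot: The refusal branch under `case "approver":` returns without a log entry, and the success log two lines below carries no user identity, unlike the `own` branch, which logs `userId`. This check now admits admins as well as approvers, and the branch then sets `userLevelId = nil`, which (going by the `own` branch's log text) drops the level visibility filter, so both outcomes are worth attributing to a user. I would add `_i.Log.Info().Uint("userId", user.ID).Uint("userRoleId", user.UserRoleId).Msg("myContentMode=approver denied")` before the return and put the same two fields on the success line. All's body continues outside the hunk.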
@@ -33,13 +33,18 @@ import (
 )
 const (
- cmsSubmissionPending = "pending"
- cmsSubmissionApproved = "approved"
- cmsSubmissionRejected = "rejected"
- userLevelContributor = uint(2)
- userLevelApprover = uint(3)
+ cmsSubmissionPending = "pending"
+ cmsSubmissionApproved = "approved"
+ cmsSubmissionRejected = "rejected"
+ userRoleAdmin = uint(1)
+ userRoleApprover = uint(2)
+ userRoleContributor = uint(3)
 )
+func canApproveCmsSubmissions(roleID uint) bool {
+ return roleID == userRoleApprover || roleID == userRoleAdmin
+}
+
 type CmsContentSubmissionsService interface {
 Submit(clientID *uuid.UUID, user *users.Users, req *request.SubmitCmsContentSubmissionRequest) (*entity.CmsContentSubmission, error)
 List(clientID *uuid.UUID, user *users.Users, status string, mineOnly bool, p *paginator.Pagination) ([]response.CmsContentSubmissionListItem, *paginator.Pagination, error)
@@ -102,8 +107,8 @@ func (_i *cmsContentSubmissionsService) Submit(clientID *uuid.UUID, user *users.
 if clientID == nil || user == nil {
 return nil, errors.New("unauthorized")
 }
- if user.UserLevelId != userLevelContributor {
- return nil, errors.New("only contributor (user level 2) can submit CMS drafts")
+ if user.UserRoleId != userRoleContributor {
+ return nil, errors.New("only contributor role can submit CMS drafts")
 }
 domain := strings.TrimSpace(strings.ToLower(req.Domain))
 if domain == "" {
@@ -141,7 +146,7 @@ func (_i *cmsContentSubmissionsService) List(clientID *uuid.UUID, user *users.Us
 var submittedBy *uint
 if mineOnly {
 submittedBy = &user.ID
- } else if user.UserLevelId == userLevelContributor {
+ } else if user.UserRoleId == userRoleContributor {
 submittedBy = &user.ID
 }
 statusArg := status
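Review bot: In List, only the contributor role is narrowed to its own rows (`} else if user.UserRoleId == userRoleContributor {`), so any other `UserRoleId`, including zero or a role id added later, leaves `submittedBy` nil and, as far as the hunk shows, lists every submission for the client. Approve and Reject in this commit use the allow-list helper, and List should fail closed the same way: `} else if !canApproveCmsSubmissions(user.UserRoleId) {`. List's body starts and ends outside the hunk, so an earlier role check may exist that is not visible here.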
@@ -178,8 +183,8 @@ func (_i *cmsContentSubmissionsService) Approve(clientID *uuid.UUID, user *users
 if clientID == nil || user == nil {
 return errors.New("unauthorized")
 }
- if user.UserLevelId != userLevelApprover {
- return errors.New("only approver (user level 3) can approve CMS submissions")
+ if !canApproveCmsSubmissions(user.UserRoleId) {
+ return errors.New("only approver or admin role can approve CMS submissions")
 }
 row, err := _i.Repo.FindByID(*clientID, id)
 if err != nil {
@@ -203,8 +208,8 @@ func (_i *cmsContentSubmissionsService) Reject(clientID *uuid.UUID, user *users.
 if clientID == nil || user == nil {
 return errors.New("unauthorized")
 }
- if user.UserLevelId != userLevelApprover {
- return errors.New("only approver (user level 3) can reject CMS submissions")
+ if !canApproveCmsSubmissions(user.UserRoleId) {
+ return errors.New("only approver or admin role can reject CMS submissions")
 }
 row, err := _i.Repo.FindByID(*clientID, id)
 if err != nil {
diff --git a/config/toml/config.toml b/config/toml/config.toml
index 7d6e3a2..a18d711 100644
--- a/config/toml/config.toml
+++ b/config/toml/config.toml
@@ -9,7 +9,7 @@ idle-timeout = 5 # As seconds
 print-routes = false
 prefork = false
 # false: CMS preview URLs use http://localhost + port above. true: use domain (e.g. https://qudo.id/api).
-production = false
+production = true
 body-limit = 1048576000 # "100 * 1024 * 1024"
 [db.postgres]
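Review bot: `production = true` is flipped in the committed config inside a commit that otherwise only changes role checks, so every checkout and environment that reads this file now runs in production mode; per the comment above the key, that switches CMS preview URLs from localhost to the domain. If the value differs per environment, I would keep `production = false` here and override it at deploy time. With the file now describing production, `body-limit = 1048576000` just below is about 1000 MiB, ten times what its own comment `"100 * 1024 * 1024"` (104857600) says, which is a large request-body allowance to expose; confirm which value is intended.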