From 420cfd5c9de84a05c705800bc62a958a5c2a0099 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?William=20Bouzour=C3=A8ne?= Date: Fri, 3 Jan 2025 16:13:41 +0100 Subject: [PATCH] Gestion des permissions --- controllers/users.go | 97 +++++++++++++++++++++++++++++++++++++ helpers/database.go | 2 +- main.go | 2 + models/users.go | 2 +- views/user.html | 24 +++++++++ views/user_permissions.html | 86 ++++++++++++++++++++++++++++++++ 6 files changed, 211 insertions(+), 2 deletions(-) create mode 100644 views/user_permissions.html diff --git a/controllers/users.go b/controllers/users.go index e71f2ac..37841d3 100644 --- a/controllers/users.go +++ b/controllers/users.go @@ -61,9 +61,15 @@ func UserShow(c *fiber.Ctx) error { user.Name, ) + var userRoles []models.UserRole + db.Joins("Role").Joins("Section").Order("Section__name collate nocase asc").Find( + &userRoles, "user_id = ?", id, + ) + return c.Render("user", fiber.Map{ "PageTitle": title, "User": user, + "UserRoles": userRoles, }) } 
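Review bot: The result of the new `db.Joins("Role").Joins("Section")…Find(&userRoles, "user_id = ?", id)` call in UserShow is discarded, so a failed query renders the user page with an empty permissions table, which reads as "this account has no roles". Check it before rendering, for example `if err := db.Joins("Role").Joins("Section").Order("Section__name collate nocase asc").Find(&userRoles, "user_id = ?", id).Error; err != nil { return err }`. UserShow starts above the hunk, so how `id` is validated is not visible here.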
@@ -231,6 +237,97 @@ func UserEdit(c *fiber.Ctx) error { }) } +func UserPermissions(c *fiber.Ctx) error { + id := c.Params("id") + + db, err := helpers.GetDatabase() + if err != nil { + return err + } + + var user models.User + result := db.Find(&user, "id = ?", id) + + if errors.Is(result.Error, gorm.ErrRecordNotFound) { + return fiber.NewError(fiber.StatusNotFound, "Not found") + } + + if result.Error != nil { + return result.Error + } + + title := fmt.Sprintf( + "%s | Permissions utilisateur", + user.Name, + ) + + var roles []models.Role + db.Order("name collate nocase asc").Find(&roles) + + var sections []models.Section + db.Order("name collate nocase asc").Find(§ions) + + var errors []string + if c.Method() == "POST" { + var newUserRoles []models.UserRole + + for _, section := range sections { + key := fmt.Sprintf("section-%d", section.ID) + value := c.FormValue(key, "0") + + valueInt, err := strconv.ParseUint(value, 10, 0) + if err == nil && valueInt > 0 { + roleID := uint(valueInt) + roleFound := false + + for _, role := range roles { + if role.ID == roleID { + roleFound = true + break + } + } + + if roleFound { + newUserRoles = append(newUserRoles, models.UserRole{ + UserID: user.ID, + RoleID: roleID, + SectionID: section.ID, + }) + } + } + } + + db.Delete(&models.UserRole{}, "user_id = ?", id) + for _, newUserRole := range newUserRoles { + db.Create(&newUserRole) + } + + if len(errors) == 0 { + result2 := db.Save(&user) + if result2.Error != nil { + return result2.Error + } else { + c.Redirect(fmt.Sprintf( + "/admin/users/%d", + user.ID, + )) + } + } + } + + var userRoles []models.UserRole + db.Find(&userRoles, "user_id = ?", id) + + return c.Render("user_permissions", fiber.Map{ + "PageTitle": title, + "User": user, + "Roles": roles, + "Sections": sections, + "UserRoles": userRoles, + "Errors": errors, + }) +} + func UserDelete(c *fiber.Ctx) error { id := c.Params("id") diff --git a/helpers/database.go b/helpers/database.go index 5be5534..05095e1 100644 
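Review bot: `db.Find(&user, "id = ?", id)` in UserPermissions does not return `gorm.ErrRecordNotFound` when nothing matches (only `First`, `Take` and `Last` do), so the 404 branch is dead and a POST for an unknown id continues with a zero-value user, rewrites role rows and reaches `db.Save(&user)`, which would try to insert an empty account. The role replacement runs as a separate `Delete` followed by one `Create` per row with every error ignored, so a failure midway leaves the user with no or partial permissions while the handler still redirects as if it had succeeded. The redirect is also not returned, so execution falls through to `c.Render`. The sketch below loads the user with `First`, replaces the roles inside one transaction, returns the redirect, and drops the `Save`, since the user record is not modified in this handler.

```go
	var user models.User
	result := db.First(&user, "id = ?", id)
	// … unchanged: not-found and error checks, title, roles and sections queries, form parsing …

		// Swap the role set in one transaction so a failed insert cannot
		// leave the account with a partial set of permissions.
		err = db.Transaction(func(tx *gorm.DB) error {
			if err := tx.Delete(&models.UserRole{}, "user_id = ?", user.ID).Error; err != nil {
				return err
			}
			if len(newUserRoles) == 0 {
				return nil
			}
			return tx.Create(&newUserRoles).Error
		})
		if err != nil {
			return err
		}

		return c.Redirect(fmt.Sprintf("/admin/users/%d", user.ID))
```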
--- a/helpers/database.go +++ b/helpers/database.go @@ -39,7 +39,7 @@ func connectDatabase() (*gorm.DB, error) { &models.User{}, &models.Section{}, &models.Role{}, - &models.UserRoles{}, + &models.UserRole{}, &models.Person{}, &models.List{}, &models.ListItem{}, diff --git a/main.go b/main.go index 2603c2c..e05e658 100644 --- a/main.go +++ b/main.go @@ -142,6 +142,8 @@ func main() { app.Post("/admin/users/add", controllers.UserAdd) app.Get("/admin/users/:id/edit", controllers.UserEdit) app.Post("/admin/users/:id/edit", controllers.UserEdit) + app.Get("/admin/users/:id/permissions", controllers.UserPermissions) + app.Post("/admin/users/:id/permissions", controllers.UserPermissions) app.Post("/admin/users/:id/delete", controllers.UserDelete) // Admin: Roles diff --git a/models/users.go b/models/users.go index 501709e..b71743c 100644 --- a/models/users.go +++ b/models/users.go @@ -16,7 +16,7 @@ type User struct { SkipWelcome bool } -type UserRoles struct { +type UserRole struct { gorm.Model UserID uint User User diff --git a/views/user.html b/views/user.html index 0769c43..ac8dc54 100644 --- a/views/user.html +++ b/views/user.html @@ -51,11 +51,35 @@ {% endif %} + {% if UserRoles %} +
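Review bot: The two `/admin/users/:id/permissions` routes added in main.go expose a role-assignment endpoint, and neither this hunk nor the UserPermissions handler shows a check that the caller may manage permissions or that the POST carries a CSRF token. If both are enforced by middleware registered earlier in main(), which starts outside the hunk, say so next to the admin routes, for example `// Admin: Users (authorization and CSRF are enforced by the middleware registered above)`. If they are not, add them before these routes are reachable.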
+
+ Permissions +
+
+ + + {% for UserRole in UserRoles %} + + + + + {% endfor %} + +
{{ UserRole.Section.Name }}{{ UserRole.Role.Name }}
+
+
+ {% endif %} +
Modifier + + + Permissions + {% if User.ID != Globals.UserID %}
+
+ +
+
+ + {% if Errors %} +
+
    + {% for Error in Errors %} +
  • {{ Error }}
  • + {% endfor %} +
+
+ {% endif %} + + + +
+ + + + + + + + + {% for Section in Sections %} + + + + + {% endfor %} + +
SectionRĂ´le
+ + + +
+
+ +
+ +
+
+ +
+{% endblock %}