main.go
package main
import (
	"os"

	"daily-api/handlers"
	"daily-api/middleware"
	"daily-api/models"
	"github.com/gin-gonic/gin"
	"gorm.io/driver/postgres"
	"gorm.io/gorm"
)
// err receives the error from the database connection attempt in main. It is
// declared at package level because main assigns it in the same statement as
// models.DB, which rules out a short variable declaration there.
var (
	err error
)
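// main connects to PostgreSQL, migrates the schema, registers the HTTP routes
// and serves the API on port 8080.
//
// The connection string is read from the DATABASE_DSN environment variable.
// When that variable is unset, the original local-development DSN is used so
// existing developer setups keep working.
func main() {
	// Database credentials belong in the environment or a secret store, not in
	// source control. The literal fallback below carries a trivial password and
	// sslmode=disable (no TLS to the database); it is only acceptable against a
	// throwaway local instance and should be removed once every environment
	// sets DATABASE_DSN.
	dsn := os.Getenv("DATABASE_DSN")
	if dsn == "" {
		dsn = "host=localhost user=postgres password=1234 dbname=postgres port=5432 sslmode=disable"
	}

	models.DB, err = gorm.Open(postgres.Open(dsn), &gorm.Config{})
	if err != nil {
		// Include the cause so a failed start-up can be diagnosed.
		// NOTE(review): confirm the driver redacts the password in its
		// connection errors before these reach shared logs.
		panic("failed to connect to database: " + err.Error())
	}

	// Migrate the schema. A failed migration leaves tables in an unknown
	// state, so stop instead of serving requests against them.
	if err := models.DB.AutoMigrate(&models.Customer{}, &models.Billing{}, &models.Payroll{}, &models.User{}); err != nil {
		panic("failed to migrate database schema: " + err.Error())
	}

	r := gin.Default()

	// User routes. These two are registered on the root engine and therefore
	// run without AuthMiddleware.
	// NOTE(review): every route below is gated on the caller's role, so confirm
	// that handlers.Register does not let the caller choose their own role.
	r.POST("/register", handlers.Register)
	r.POST("/login", handlers.Login)

	// Everything registered on auth passes through AuthMiddleware first, then
	// through the per-route RoleMiddleware allow-list.
	auth := r.Group("/")
	auth.Use(middleware.AuthMiddleware())

	// Customer routes with role-based access control
	auth.POST("/customers", middleware.RoleMiddleware("sales"), handlers.CreateCustomer)
	auth.GET("/customers", middleware.RoleMiddleware("sales", "account"), handlers.GetCustomers)
	auth.GET("/customers/:id", middleware.RoleMiddleware("sales", "account"), handlers.GetCustomer)
	auth.PUT("/customers/:id", middleware.RoleMiddleware("sales"), handlers.UpdateCustomer)
	auth.DELETE("/customers/:id", middleware.RoleMiddleware("sales"), handlers.DeleteCustomer)

	// Billing routes with role-based access control
	auth.POST("/billings", middleware.RoleMiddleware("sales"), handlers.CreateBilling)
	auth.GET("/billings", middleware.RoleMiddleware("sales", "account"), handlers.GetBillings)
	auth.GET("/billings/:id", middleware.RoleMiddleware("sales", "account"), handlers.GetBilling)
	auth.PUT("/billings/:id", middleware.RoleMiddleware("sales"), handlers.UpdateBilling)
	auth.DELETE("/billings/:id", middleware.RoleMiddleware("sales"), handlers.DeleteBilling)

	// Payroll routes with role-based access control
	auth.POST("/payrolls", middleware.RoleMiddleware("hr"), handlers.CreatePayroll)
	auth.GET("/payrolls", middleware.RoleMiddleware("hr", "account"), handlers.GetPayrolls)
	// NOTE(review): this by-id route is wired to the list handler
	// handlers.GetPayrolls, whereas the customer, billing and user groups use a
	// separate single-record handler for their :id route. If GetPayrolls
	// ignores :id, a request for one payroll returns all of them. Confirm a
	// single-record payroll handler exists and route to it.
	auth.GET("/payrolls/:id", middleware.RoleMiddleware("hr", "account"), handlers.GetPayrolls)
	auth.PUT("/payrolls/:id", middleware.RoleMiddleware("hr"), handlers.UpdatePayroll)
	auth.DELETE("/payrolls/:id", middleware.RoleMiddleware("hr"), handlers.DeletePayroll)

	// User routes with role-based access control
	auth.GET("/users", middleware.RoleMiddleware("admin", "hr"), handlers.GetUsers)
	auth.GET("/users/:id", middleware.RoleMiddleware("admin"), handlers.GetUser)
	auth.PUT("/users/:id", middleware.RoleMiddleware("admin"), handlers.UpdateUser)
	auth.DELETE("/users/:id", middleware.RoleMiddleware("admin"), handlers.DeleteUser)

	// Run serves plain HTTP on every interface at port 8080, so login
	// credentials and tokens travel unencrypted unless TLS is terminated in
	// front of this process. Run only returns when the listener fails.
	if err := r.Run(":8080"); err != nil {
		panic("failed to start HTTP server: " + err.Error())
	}
}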