Store configuration owner by MariaDB username

2026-02-04 12:20:41 +03:00
parent f42b850734
commit f4f92dea66
15 changed files with 281 additions and 223 deletions
--- a/internal/services/configuration.go
+++ b/internal/services/configuration.go
@@ -4,20 +4,20 @@ import (
 	"errors"
 	"time"

-	"github.com/google/uuid"
 	"git.mchus.pro/mchus/quoteforge/internal/models"
 	"git.mchus.pro/mchus/quoteforge/internal/repository"
+	"github.com/google/uuid"
 )

 var (
-	ErrConfigNotFound   = errors.New("configuration not found")
-	ErrConfigForbidden  = errors.New("access to configuration forbidden")
+	ErrConfigNotFound  = errors.New("configuration not found")
+	ErrConfigForbidden = errors.New("access to configuration forbidden")
 )

 // ConfigurationGetter is an interface for services that can retrieve configurations
 // Used by handlers to work with both ConfigurationService and LocalConfigurationService
 type ConfigurationGetter interface {
-	GetByUUID(uuid string, userID uint) (*models.Configuration, error)
+	GetByUUID(uuid string, ownerUsername string) (*models.Configuration, error)
 }

 type ConfigurationService struct {
@@ -39,15 +39,15 @@ func NewConfigurationService(
 }

 type CreateConfigRequest struct {
-	Name        string              `json:"name"`
-	Items       models.ConfigItems  `json:"items"`
-	CustomPrice *float64            `json:"custom_price"`
-	Notes       string              `json:"notes"`
-	IsTemplate  bool                `json:"is_template"`
-	ServerCount int                 `json:"server_count"`
+	Name        string             `json:"name"`
+	Items       models.ConfigItems `json:"items"`
+	CustomPrice *float64           `json:"custom_price"`
+	Notes       string             `json:"notes"`
+	IsTemplate  bool               `json:"is_template"`
+	ServerCount int                `json:"server_count"`
 }

-func (s *ConfigurationService) Create(userID uint, req *CreateConfigRequest) (*models.Configuration, error) {
+func (s *ConfigurationService) Create(ownerUsername string, req *CreateConfigRequest) (*models.Configuration, error) {
 	total := req.Items.Total()

 	// If server count is greater than 1, multiply the total by server count
@@ -56,15 +56,15 @@ func (s *ConfigurationService) Create(userID uint, req *CreateConfigRequest) (*m
 	}

 	config := &models.Configuration{
-		UUID:        uuid.New().String(),
-		UserID:      userID,
-		Name:        req.Name,
-		Items:       req.Items,
-		TotalPrice:  &total,
-		CustomPrice: req.CustomPrice,
-		Notes:       req.Notes,
-		IsTemplate:  req.IsTemplate,
-		ServerCount: req.ServerCount,
+		UUID:          uuid.New().String(),
+		OwnerUsername: ownerUsername,
+		Name:          req.Name,
+		Items:         req.Items,
+		TotalPrice:    &total,
+		CustomPrice:   req.CustomPrice,
+		Notes:         req.Notes,
+		IsTemplate:    req.IsTemplate,
+		ServerCount:   req.ServerCount,
 	}

 	if err := s.configRepo.Create(config); err != nil {
@@ -77,27 +77,27 @@ func (s *ConfigurationService) Create(userID uint, req *CreateConfigRequest) (*m
 	return config, nil
 }

-func (s *ConfigurationService) GetByUUID(uuid string, userID uint) (*models.Configuration, error) {
+func (s *ConfigurationService) GetByUUID(uuid string, ownerUsername string) (*models.Configuration, error) {
 	config, err := s.configRepo.GetByUUID(uuid)
 	if err != nil {
 		return nil, ErrConfigNotFound
 	}

 	// Allow access if user owns config or it's a template
-	if config.UserID != userID && !config.IsTemplate {
+	if !s.isOwner(config, ownerUsername) && !config.IsTemplate {
 		return nil, ErrConfigForbidden
 	}

 	return config, nil
 }

-func (s *ConfigurationService) Update(uuid string, userID uint, req *CreateConfigRequest) (*models.Configuration, error) {
+func (s *ConfigurationService) Update(uuid string, ownerUsername string, req *CreateConfigRequest) (*models.Configuration, error) {
 	config, err := s.configRepo.GetByUUID(uuid)
 	if err != nil {
 		return nil, ErrConfigNotFound
 	}

-	if config.UserID != userID {
+	if !s.isOwner(config, ownerUsername) {
 		return nil, ErrConfigForbidden
 	}

@@ -123,26 +123,26 @@ func (s *ConfigurationService) Update(uuid string, userID uint, req *CreateConfi
 	return config, nil
 }

-func (s *ConfigurationService) Delete(uuid string, userID uint) error {
+func (s *ConfigurationService) Delete(uuid string, ownerUsername string) error {
 	config, err := s.configRepo.GetByUUID(uuid)
 	if err != nil {
 		return ErrConfigNotFound
 	}

-	if config.UserID != userID {
+	if !s.isOwner(config, ownerUsername) {
 		return ErrConfigForbidden
 	}

 	return s.configRepo.Delete(config.ID)
 }

-func (s *ConfigurationService) Rename(uuid string, userID uint, newName string) (*models.Configuration, error) {
+func (s *ConfigurationService) Rename(uuid string, ownerUsername string, newName string) (*models.Configuration, error) {
 	config, err := s.configRepo.GetByUUID(uuid)
 	if err != nil {
 		return nil, ErrConfigNotFound
 	}

-	if config.UserID != userID {
+	if !s.isOwner(config, ownerUsername) {
 		return nil, ErrConfigForbidden
 	}

@@ -155,8 +155,8 @@ func (s *ConfigurationService) Rename(uuid string, userID uint, newName string)
 	return config, nil
 }

-func (s *ConfigurationService) Clone(configUUID string, userID uint, newName string) (*models.Configuration, error) {
-	original, err := s.GetByUUID(configUUID, userID)
+func (s *ConfigurationService) Clone(configUUID string, ownerUsername string, newName string) (*models.Configuration, error) {
+	original, err := s.GetByUUID(configUUID, ownerUsername)
 	if err != nil {
 		return nil, err
 	}
@@ -170,15 +170,15 @@ func (s *ConfigurationService) Clone(configUUID string, userID uint, newName str
 	}

 	clone := &models.Configuration{
-		UUID:        uuid.New().String(),
-		UserID:      userID,
-		Name:        newName,
-		Items:       original.Items,
-		TotalPrice:  &total,
-		CustomPrice: original.CustomPrice,
-		Notes:       original.Notes,
-		IsTemplate:  false, // Clone is never a template
-		ServerCount: original.ServerCount,
+		UUID:          uuid.New().String(),
+		OwnerUsername: ownerUsername,
+		Name:          newName,
+		Items:         original.Items,
+		TotalPrice:    &total,
+		CustomPrice:   original.CustomPrice,
+		Notes:         original.Notes,
+		IsTemplate:    false, // Clone is never a template
+		ServerCount:   original.ServerCount,
 	}

 	if err := s.configRepo.Create(clone); err != nil {
@@ -188,7 +188,7 @@ func (s *ConfigurationService) Clone(configUUID string, userID uint, newName str
 	return clone, nil
 }

-func (s *ConfigurationService) ListByUser(userID uint, page, perPage int) ([]models.Configuration, int64, error) {
+func (s *ConfigurationService) ListByUser(ownerUsername string, page, perPage int) ([]models.Configuration, int64, error) {
 	if page < 1 {
 		page = 1
 	}
@@ -197,7 +197,7 @@ func (s *ConfigurationService) ListByUser(userID uint, page, perPage int) ([]mod
 	}
 	offset := (page - 1) * perPage

-	return s.configRepo.ListByUser(userID, offset, perPage)
+	return s.configRepo.ListByUser(ownerUsername, offset, perPage)
 }

 // ListAll returns all configurations without user filter (for use when auth is disabled)
@@ -274,7 +274,7 @@ func (s *ConfigurationService) RenameNoAuth(uuid string, newName string) (*model
 }

 // CloneNoAuth clones configuration without ownership check
-func (s *ConfigurationService) CloneNoAuth(configUUID string, newName string, userID uint) (*models.Configuration, error) {
+func (s *ConfigurationService) CloneNoAuth(configUUID string, newName string, ownerUsername string) (*models.Configuration, error) {
 	original, err := s.configRepo.GetByUUID(configUUID)
 	if err != nil {
 		return nil, ErrConfigNotFound
@@ -286,15 +286,15 @@ func (s *ConfigurationService) CloneNoAuth(configUUID string, newName string, us
 	}

 	clone := &models.Configuration{
-		UUID:        uuid.New().String(),
-		UserID:      userID, // Use provided user ID
-		Name:        newName,
-		Items:       original.Items,
-		TotalPrice:  &total,
-		CustomPrice: original.CustomPrice,
-		Notes:       original.Notes,
-		IsTemplate:  false,
-		ServerCount: original.ServerCount,
+		UUID:          uuid.New().String(),
+		OwnerUsername: ownerUsername,
+		Name:          newName,
+		Items:         original.Items,
+		TotalPrice:    &total,
+		CustomPrice:   original.CustomPrice,
+		Notes:         original.Notes,
+		IsTemplate:    false,
+		ServerCount:   original.ServerCount,
 	}

 	if err := s.configRepo.Create(clone); err != nil {
@@ -356,13 +356,13 @@ func (s *ConfigurationService) ListTemplates(page, perPage int) ([]models.Config
 }

 // RefreshPrices updates all component prices in the configuration with current prices
-func (s *ConfigurationService) RefreshPrices(uuid string, userID uint) (*models.Configuration, error) {
+func (s *ConfigurationService) RefreshPrices(uuid string, ownerUsername string) (*models.Configuration, error) {
 	config, err := s.configRepo.GetByUUID(uuid)
 	if err != nil {
 		return nil, ErrConfigNotFound
 	}

-	if config.UserID != userID {
+	if !s.isOwner(config, ownerUsername) {
 		return nil, ErrConfigForbidden
 	}

@@ -407,6 +407,19 @@ func (s *ConfigurationService) RefreshPrices(uuid string, userID uint) (*models.
 	return config, nil
 }

+func (s *ConfigurationService) isOwner(config *models.Configuration, ownerUsername string) bool {
+	if config == nil || ownerUsername == "" {
+		return false
+	}
+	if config.OwnerUsername != "" {
+		return config.OwnerUsername == ownerUsername
+	}
+	if config.User != nil {
+		return config.User.Username == ownerUsername
+	}
+	return false
+}
+
 // // Export configuration as JSON
 // type ConfigExport struct {
 // 	Name  string             `json:"name"`