From 2a74aa1b8ea25e672be7a107489a17fb1fcea511 Mon Sep 17 00:00:00 2001
From: Hoang <lequanghoang99@outlook.com>
Date: Wed, 10 Nov 2021 16:53:31 +0700
Subject: [PATCH] add isPermissionMethod

---
 action.go      |  9 +++++++--
 user/db.go     | 15 +++++++++++++++
 user/handle.go | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 73 insertions(+), 2 deletions(-)

diff --git a/action.go b/action.go
index 122ba1d..ca773c8 100644
--- a/action.go
+++ b/action.go
@@ -33,8 +33,8 @@ func (s Service) ChangeUserStatus(userID, newStatus string) error {
 	return user.ChangeUserStatus(userID, newStatus)
 }
 
-// GetAllUser ...
-func (s Service) GetAllUser(query model.UserAllQuery) model.UserAll {
+// GetAllUsers ...
+func (s Service) GetAllUsers(query model.UserAllQuery) model.UserAll {
 	return user.All(query)
 }
 
@@ -48,6 +48,11 @@ func (s Service) LoginWithEmailAndPassword(email, password string) (model.User,
 	return user.LoginWithEmailAndPassword(email, password)
 }
 
+// IsPermission ...
+func (s Service) IsPermission(userID, permission string) bool {
+	return user.IsPermission(userID, permission)
+}
+
 //
 // Role
 //
diff --git a/user/db.go b/user/db.go
index d6f9aa4..1c2fccb 100644
--- a/user/db.go
+++ b/user/db.go
@@ -66,6 +66,21 @@ func roleFindByID(ctx context.Context, id primitive.ObjectID) (model.DBRole, err
 	return doc, err
 }
 
+// permissionCountByCondition ...
+func permissionCountByCondition(ctx context.Context, cond interface{}) int64 {
+	var (
+		col = database.GetPermissionCol()
+	)
+	total, err := col.CountDocuments(ctx, cond)
+	if err != nil {
+		logger.Error("usermngmt - Permission - CountDocuments", logger.LogData{
+			"err":  err.Error(),
+			"cond": cond,
+		})
+	}
+	return total
+}
+
 func create(ctx context.Context, doc model.DBUser) error {
 	var (
 		col = database.GetUserCol()
diff --git a/user/handle.go b/user/handle.go
index fc5831c..503689d 100644
--- a/user/handle.go
+++ b/user/handle.go
@@ -319,3 +319,54 @@ func LoginWithEmailAndPassword(email, password string) (result model.User, err e
 	result = getResponse(ctx, user)
 	return
 }
+
+// IsPermission ...
+func IsPermission(userID, permission string) (result bool) {
+	var (
+		ctx = context.Background()
+	)
+
+	// Validate userID, permission
+	if userID == "" || permission == "" {
+		logger.Error("usermngmt - IsPermission: email or password cannot be empty", logger.LogData{
+			"userID":     userID,
+			"permission": permission,
+		})
+		return
+	}
+	id, isValid := mongodb.NewIDFromString(userID)
+	if !isValid {
+		logger.Error("usermngmt - IsPermission: invalid user id", logger.LogData{
+			"userID":     userID,
+			"permission": permission,
+		})
+		return
+	}
+
+	// Find user
+	user, _ := findByID(ctx, id)
+	if user.ID.IsZero() {
+		logger.Error("usermngmt - IsPermission: user not found", logger.LogData{
+			"userID":     userID,
+			"permission": permission,
+		})
+		return
+	}
+
+	// Check isAdmin
+	if role, _ := roleFindByID(ctx, user.RoleID); role.IsAdmin {
+		result = true
+		return
+	}
+
+	// Check permission
+	if total := permissionCountByCondition(ctx, bson.M{
+		"roleId": user.RoleID,
+		"code":   permission,
+	}); total > 0 {
+		result = true
+		return
+	}
+
+	return
+}