feat: restrict permission roles
This commit is contained in:
+3
-3
@@ -80,7 +80,7 @@ func SetupAPIRoutes(r *gin.RouterGroup) {
|
||||
|
||||
usersRoutes := r.Group("/users")
|
||||
{
|
||||
usersRoutes.GET("/assignable", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), usersController.FindAssignable)
|
||||
usersRoutes.GET("/assignable", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), usersController.FindAssignable)
|
||||
}
|
||||
|
||||
// 售后工单路由
|
||||
@@ -93,7 +93,7 @@ func SetupAPIRoutes(r *gin.RouterGroup) {
|
||||
aftersalesRoutes.POST("/:serialNumber/confirm", aftersalesController.CustomerConfirm)
|
||||
|
||||
// 技术员 + 管理员
|
||||
aftersalesRoutes.POST("", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), aftersalesController.Create)
|
||||
aftersalesRoutes.POST("", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), aftersalesController.Create)
|
||||
aftersalesRoutes.GET("", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), aftersalesController.FindAll)
|
||||
aftersalesRoutes.GET("/:serialNumber", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), aftersalesController.FindOne)
|
||||
aftersalesRoutes.PATCH("/:serialNumber", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), aftersalesController.Update)
|
||||
@@ -116,7 +116,7 @@ func SetupAPIRoutes(r *gin.RouterGroup) {
|
||||
projectOrdersRoutes.POST("/:serialNumber/complete", projectOrdersController.EngineerComplete)
|
||||
|
||||
// 技术员 + 管理员
|
||||
projectOrdersRoutes.POST("", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), projectOrdersController.Create)
|
||||
projectOrdersRoutes.POST("", middleware.JWTAuthMiddleware(), middleware.AdminMiddleware(), projectOrdersController.Create)
|
||||
projectOrdersRoutes.GET("", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), projectOrdersController.FindAll)
|
||||
projectOrdersRoutes.GET("/:serialNumber", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), projectOrdersController.FindOne)
|
||||
projectOrdersRoutes.PATCH("/:serialNumber", middleware.JWTAuthMiddleware(), middleware.TechnicianMiddleware(), projectOrdersController.Update)
|
||||
|
||||
Reference in New Issue
Block a user