diff options
| author | Vidhu Kant Sharma <vidhukant@vidhukant.com> | 2025-10-11 20:55:48 +0530 |
|---|---|---|
| committer | Vidhu Kant Sharma <vidhukant@vidhukant.com> | 2025-10-11 20:55:48 +0530 |
| commit | bc154857fb5569d7c1fa9785cc891cb927a6a156 (patch) | |
| tree | 590c9f6a00a1b97b2ee45cfa5a767558089affe0 /invoice/controller.go | |
| parent | 8a47978ca17d2f251d67d12b0e34fa26bb1e4ace (diff) | |
removed per-user itemsv0.17.0
Diffstat (limited to 'invoice/controller.go')
| -rw-r--r-- | invoice/controller.go | 229 |
1 files changed, 22 insertions, 207 deletions
diff --git a/invoice/controller.go b/invoice/controller.go index ad6df3e..b03ec22 100644 --- a/invoice/controller.go +++ b/invoice/controller.go @@ -32,17 +32,7 @@ func handleGetSingleInvoice (ctx *gin.Context) { return } - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - var invoice Invoice - err = getInvoice(&invoice, uint(id)) if err != nil { ctx.Error(err) @@ -50,85 +40,36 @@ func handleGetSingleInvoice (ctx *gin.Context) { return } - if invoice.UserID != userId { - ctx.Error(e.ErrForbidden) - ctx.Abort() - return - } - ctx.JSON(http.StatusOK, gin.H{ - "message": "success", "data": invoice, }) } -func handleGetInvoices (ctx *gin.Context) { - var invoices []Invoice - - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - - err := getInvoices(&invoices, userId, false) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - - ctx.JSON(http.StatusOK, gin.H{ - "message": "success", - "data": invoices, - }) -} - -func handleGetDrafts (ctx *gin.Context) { - var invoices []Invoice - - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } +func handleGetInvoices(getDrafts bool) func(*gin.Context) { + return func(ctx *gin.Context) { + var invoices []Invoice - userId := uId.(uint) + err := getInvoices(&invoices, getDrafts) + if err != nil { + ctx.Error(err) + ctx.Abort() + return + } - err := getInvoices(&invoices, userId, true) - if err != nil { - ctx.Error(err) - ctx.Abort() - return + ctx.JSON(http.StatusOK, gin.H{ + "data": invoices, + }) } - - ctx.JSON(http.StatusOK, gin.H{ - "message": "success", - "data": invoices, - }) } func handleSaveInvoice (ctx *gin.Context) { var invoice Invoice ctx.Bind(&invoice) - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - invoice.UserID = userId - // if invoice number is 0, generate one! + // (maybe the client didn't give us one) if invoice.InvoiceNumber == 0 { - n, err := getNewInvoiceNumber(invoice.UserID) + n, err := getNewInvoiceNumber() if err != nil { ctx.Error(err) @@ -147,12 +88,12 @@ func handleSaveInvoice (ctx *gin.Context) { } ctx.JSON(http.StatusOK, gin.H{ - "message": "success", "data": invoice, }) } func handleDelInvoice (ctx *gin.Context) { + // TODO: only drafts can be deleted, non-drafts should be "cancelled" id, err := strconv.ParseUint(ctx.Param("id"), 10, 64) if err != nil { ctx.Error(e.ErrInvalidID) @@ -163,23 +104,6 @@ func handleDelInvoice (ctx *gin.Context) { var invoice Invoice invoice.ID = uint(id) - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - invoice.UserID = userId - - err = checkInvoiceOwnership(invoice.ID, invoice.UserID) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - err = invoice.del() if err != nil { ctx.Error(err) @@ -187,9 +111,7 @@ func handleDelInvoice (ctx *gin.Context) { return } - ctx.JSON(http.StatusOK, gin.H{ - "message": "success", - }) + ctx.JSON(http.StatusOK, nil) } // get items belonging to a certain invoice @@ -201,22 +123,6 @@ func handleGetInvoiceItems (ctx *gin.Context) { return } - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - - err = checkInvoiceOwnership(uint(id), userId) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - var items []InvoiceItem err = getInvoiceItems(&items, uint(id)) if err != nil { @@ -226,12 +132,12 @@ func handleGetInvoiceItems (ctx *gin.Context) { } ctx.JSON(http.StatusOK, gin.H{ - "message": "success", "data": items, }) } func addItem (ctx *gin.Context) { + // TODO: only drafts can be edited id, err := strconv.ParseUint(ctx.Param("id"), 10, 64) if err != nil { ctx.Error(e.ErrInvalidID) @@ -239,27 +145,11 @@ func addItem (ctx *gin.Context) { return } - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - var item InvoiceItem ctx.Bind(&item) item.InvoiceID = uint(id) - err = checkInvoiceOwnership(item.InvoiceID, userId) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - err = item.upsert() if err != nil { ctx.Error(err) @@ -267,13 +157,11 @@ func addItem (ctx *gin.Context) { return } - ctx.JSON(http.StatusOK, gin.H{ - "message": "success", - "data": item, - }) + ctx.JSON(http.StatusOK, nil) } func removeItem (ctx *gin.Context) { + // TODO: only drafts can be edited id, err := strconv.ParseUint(ctx.Param("id"), 10, 64) if err != nil { ctx.Error(e.ErrInvalidID) @@ -281,27 +169,9 @@ func removeItem (ctx *gin.Context) { return } - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - var item InvoiceItem item.ID = uint(id) - invoiceId, err := getItemInvoice(item.ID, userId) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - - item.InvoiceID = invoiceId - err = item.del() if err != nil { ctx.Error(err) @@ -309,10 +179,7 @@ func removeItem (ctx *gin.Context) { return } - ctx.JSON(http.StatusOK, gin.H{ - "message": "success", - "data": item, - }) + ctx.JSON(http.StatusOK, nil) } // get custom fields belonging to a certain invoice @@ -324,22 +191,6 @@ func handleGetInvoiceCustomFields (ctx *gin.Context) { return } - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - - err = checkInvoiceOwnership(uint(id), userId) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - var cf []CustomField err = getInvoiceCustomFields(&cf, uint(id)) if err != nil { @@ -349,12 +200,12 @@ func handleGetInvoiceCustomFields (ctx *gin.Context) { } ctx.JSON(http.StatusOK, gin.H{ - "message": "success", "data": cf, }) } func addCustomField (ctx *gin.Context) { + // TODO: only drafts can be edited id, err := strconv.ParseUint(ctx.Param("id"), 10, 64) if err != nil { ctx.Error(e.ErrInvalidID) @@ -362,27 +213,10 @@ func addCustomField (ctx *gin.Context) { return } - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - var cf CustomField ctx.Bind(&cf) - cf.InvoiceID = uint(id) - err = checkInvoiceOwnership(cf.InvoiceID, userId) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - err = cf.upsert() if err != nil { ctx.Error(err) @@ -391,12 +225,12 @@ func addCustomField (ctx *gin.Context) { } ctx.JSON(http.StatusOK, gin.H{ - "message": "success", "data": cf, }) } func removeCustomField (ctx *gin.Context) { + // TODO: only drafts can be edited id, err := strconv.ParseUint(ctx.Param("id"), 10, 64) if err != nil { ctx.Error(e.ErrInvalidID) @@ -404,27 +238,9 @@ func removeCustomField (ctx *gin.Context) { return } - uId, ok := ctx.Get("UserID") - if !ok { - ctx.Error(e.ErrUnauthorized) - ctx.Abort() - return - } - - userId := uId.(uint) - var cf CustomField cf.ID = uint(id) - invoiceId, err := getCustomFieldInvoice(cf.ID, userId) - if err != nil { - ctx.Error(err) - ctx.Abort() - return - } - - cf.InvoiceID = invoiceId - err = cf.del() if err != nil { ctx.Error(err) @@ -433,7 +249,6 @@ func removeCustomField (ctx *gin.Context) { } ctx.JSON(http.StatusOK, gin.H{ - "message": "success", "data": cf, }) } |