feat: add API getallorders and getorder by id

This commit is contained in:
2026-06-23 14:09:32 +03:00
parent 93a08c7d13
commit 1d226d9aaf
3 changed files with 28 additions and 1 deletions
+26
View File
@@ -95,3 +95,29 @@ func GetUserOrders(c *gin.Context) {
c.JSON(http.StatusOK, orders)
}
func GetOrder(c *gin.Context) {
userID := getUserID(c)
orderID := c.Param("id")
var order models.Order
if err := database.DB.Preload("Items.Item").Where("id = ? AND user_id = ? ", orderID, userID).First(&order).Error; err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "Заказ не найден"})
return
}
c.JSON(http.StatusOK, order)
}
func GetAllOrders(c *gin.Context) {
var orders models.Order
if err := database.DB.Preload("Items.Item").Find(&orders).Error; err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Не удалось вывести заказы"})
return
}
c.JSON(http.StatusOK, orders)
}
+2
View File
@@ -54,12 +54,14 @@ func main() {
protected.DELETE("/cart/:id", handlers.RemoveFromCart)
protected.POST("/orders/", handlers.CreateOrder)
protected.GET("/orders", handlers.GetUserOrders)
protected.GET("/orders/:id", handlers.GetOrder)
}
admin := protected.Group("/")
admin.Use(middleware.AdminOnly())
{
admin.POST("/register", handlers.Register)
admin.GET("/admin/orders", handlers.GetAllOrders)
}
}
-1
View File
@@ -52,7 +52,6 @@ func AuthRequired() gin.HandlerFunc {
func AdminOnly() gin.HandlerFunc {
return func(c *gin.Context) {
role, exists := c.Get("role")
if !exists || role != "Админ" {
c.JSON(http.StatusForbidden, gin.H{"error": "Доступ ограничен"})
c.Abort()