feat: add API getallorders and getorder by id
This commit is contained in:
@@ -95,3 +95,29 @@ func GetUserOrders(c *gin.Context) {
|
||||
|
||||
c.JSON(http.StatusOK, orders)
|
||||
}
|
||||
|
||||
func GetOrder(c *gin.Context) {
|
||||
userID := getUserID(c)
|
||||
|
||||
orderID := c.Param("id")
|
||||
|
||||
var order models.Order
|
||||
|
||||
if err := database.DB.Preload("Items.Item").Where("id = ? AND user_id = ? ", orderID, userID).First(&order).Error; err != nil {
|
||||
c.JSON(http.StatusNotFound, gin.H{"error": "Заказ не найден"})
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, order)
|
||||
}
|
||||
|
||||
func GetAllOrders(c *gin.Context) {
|
||||
var orders models.Order
|
||||
|
||||
if err := database.DB.Preload("Items.Item").Find(&orders).Error; err != nil {
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": "Не удалось вывести заказы"})
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(http.StatusOK, orders)
|
||||
}
|
||||
|
||||
@@ -54,12 +54,14 @@ func main() {
|
||||
protected.DELETE("/cart/:id", handlers.RemoveFromCart)
|
||||
protected.POST("/orders/", handlers.CreateOrder)
|
||||
protected.GET("/orders", handlers.GetUserOrders)
|
||||
protected.GET("/orders/:id", handlers.GetOrder)
|
||||
}
|
||||
|
||||
admin := protected.Group("/")
|
||||
admin.Use(middleware.AdminOnly())
|
||||
{
|
||||
admin.POST("/register", handlers.Register)
|
||||
admin.GET("/admin/orders", handlers.GetAllOrders)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -52,7 +52,6 @@ func AuthRequired() gin.HandlerFunc {
|
||||
func AdminOnly() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
role, exists := c.Get("role")
|
||||
|
||||
if !exists || role != "Админ" {
|
||||
c.JSON(http.StatusForbidden, gin.H{"error": "Доступ ограничен"})
|
||||
c.Abort()
|
||||
|
||||
Reference in New Issue
Block a user