jean/time-tracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jean/time-tracker:8785b86bfc1723d49571c5d4fadb01cbb8da708d
Branches Tags
jean/time-tracker:main jean/time-tracker:ja/feat/init jean/time-tracker:docu
...
compare: jean/time-tracker:main
Branches Tags
jean/time-tracker:main jean/time-tracker:ja/feat/init jean/time-tracker:docu

32 Commits
8785b86bfc ... main

Author SHA1 Message Date
jean 4b47da3673 refactor: improve handling of optional CustomerID in project models and DTOs
Gitea Actions Demo / Explore-Gitea-Actions (push) Has been cancelled
Details
2025-04-01 15:48:43 +00:00
jean a9c7598862 refactor: restructure database initialization and migration logic, moving to models package 2025-03-31 19:21:49 +00:00
jean bcc3aadb85 refactor: move JWTConfig to config package and update database initialization methods 2025-03-31 19:11:38 +00:00
jean fcdeedf7e9 wip 2025-03-31 19:07:30 +00:00
jean 21c9233058 test
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 44s
Details
2025-03-13 11:26:53 +00:00
jean b9c900578d refactor: remove repeating code etc 2025-03-12 13:52:34 +00:00
jean 294047a2b0 feat: Refactor activity and project handlers to use utility functions for ID parsing and response handling 2025-03-12 11:38:24 +00:00
jean 1198b326c1 refactor: moved and removed unused code 2025-03-12 11:09:00 +00:00
jean b47c29cf5a feat: Introduce Undefined function for Nullable type and refactor DTOs to use Nullable directly 2025-03-12 11:03:48 +00:00
jean 4170eb5fbd feat: Refactor DTOs to use types.ULID and update companyId fields to be optional 2025-03-12 09:32:29 +00:00
jean 233f3cdb5c feat: Introduce Nullable type for optional fields and update user DTOs accordingly 2025-03-12 08:56:44 +00:00
jean da115dc3f6 feat: Enhance user update handling and introduce NullString type for optional fields 2025-03-12 07:54:00 +00:00
jean 0379ea4ae4 feat: Add TypeScript type generation and update DTOs to use string for IDs 2025-03-12 06:38:41 +00:00
jean 016078c1c3 feat: Add example values to DTOs for improved API documentation 2025-03-12 06:29:10 +00:00
jean c3162756ad feat: Update .env file to comment out JWT configuration and add .gitignore for keys directory 2025-03-11 23:56:35 +00:00
jean 2e13d775fa feat: Implement RSA key generation and initialization for JWT authentication 2025-03-11 23:54:29 +00:00
jean b545392f27 feat: Add JWT configuration to environment and refactor JWT middleware to use new config structure 2025-03-11 23:37:15 +00:00
jean 9057adebdd feat: Update database models and DTOs to use bytea for ULIDWrapper and add JWT configuration to environment 2025-03-11 23:11:49 +00:00
jean c08da6fc92 feat: Add API key middleware and update configuration to support API key validation 2025-03-11 17:20:39 +00:00
jean 165432208c feat: Update JWT token generation to set cookie and modify authentication middleware to use cookie 2025-03-11 17:14:55 +00:00
jean 728258caa7 feat: Update project rules to enhance clarity and efficiency in development practices 2025-03-11 16:46:07 +00:00
jean e336ff3ba2 feat: Update models to use ULIDWrapper for ID handling and adjust related database operations 2025-03-11 16:37:05 +00:00
jean 2555143c0e feat: Load database configuration from a centralized config package and add pgAdmin service to Docker Compose 2025-03-11 15:11:20 +00:00
jean ec250570a6 feat: Refactor database configuration loading and seeding logic for improved clarity and maintainability 2025-03-11 12:35:04 +00:00
jean a0b0b98624 feat: Remove outdated Swagger documentation files and update database configuration handling 2025-03-11 11:21:15 +00:00
jean 09584efa39 feat: Add project rules and guidelines for architecture, coding practices, security, documentation, testing, frontend, devops, and development workflow 2025-03-11 10:36:34 +00:00
jean 78be762430 feat: Add database migration, seeding, and testing commands with Makefile integration 2025-03-11 09:10:35 +00:00
jean baf656c093 feat: Refactor API routes to separate public and protected endpoints for better organization 2025-03-10 22:54:54 +00:00
jean 460235b832 feat: Add user registration endpoint with JWT token generation and update API documentation 2025-03-10 22:44:16 +00:00
jean 9f8eab0fac feat: Update API routes and enhance Swagger documentation for activity handler 2025-03-10 22:40:10 +00:00
jean 4b98c1a9e5 feat: Add Swagger documentation for Time Tracker API with hello endpoint 2025-03-10 22:27:36 +00:00
jean dde2017ad1 feat: Add Docker Compose configuration for PostgreSQL and update database credentials in main.go 2025-03-10 22:25:03 +00:00
83 changed files with 16965 additions and 1891 deletions
Expand all files Collapse all files
.clinerules
+48
View File
@@ -0,0 +1,48 @@
# TimeTracker Project Rules (v2)
0. GENERAL
DONT OVERENGINEER.
USE IN LINE REPLACEMENTS IF POSSIBLE.
SOLVE TASKS AS FAST AS POSSIBLE. EACH REQUEST COSTS THE USER MONEY.
1. ARCHITECTURE
- Multi-tenancy enforced via company_id in all DB queries
2. CODING PRACTICES
- Type safety enforced (Go 1.21+ generics, TypeScript strict mode)
- Domain types must match across backend (Go) and frontend (TypeScript)
- All database access through repository interfaces
- API handlers must use DTOs for input/output
- Use tygo to generate TypeScript types after modifying Go types
3. SECURITY
- JWT authentication required for all API endpoints
- RBAC implemented in middleware/auth.go
- Input validation using github.com/go-playground/validator
- No raw SQL - use GORM query builder
4. DOCUMENTATION
- Architecture decisions recorded in docu/ARCHITECTURE.md
- Type relationships documented in docu/domain_types.md
5. TESTING
- 80%+ test coverage for domain logic
- Integration tests for API endpoints
- Model tests in backend/cmd/modeltest
6. FRONTEND
- Next.js App Router pattern required
8. DEVELOPMENT WORKFLOW
- Makefile commands are only available in the backend folder
- Common make commands:
- make generate: Run code generation (tygo, swagger, etc.)
- make test: Run all tests
- make build: Build the application
- make run: Start the development server
9. CUSTOM RULES
- Add custom rules to .clinerules if:
- Unexpected behavior is encountered
- Specific conditions require warnings
- New patterns emerge that need documentation
- DO NOT FIX UNUSED IMPORTS - this is the job of the linter
10.Implement a REST API update handling in Go using Gin that ensures the following behavior:
- The update request is received as JSON.
- If a field is present in the JSON and set to null, the corresponding value in the database should be removed.
- If a field is missing in the JSON, it should not be modified.
- If a field is present in the JSON and not null, it should be updated.
- Use either a struct or a map to handle the JSON data.
- Ensure the update logic is robust and does not unintentionally remove or overwrite fields.
- Optional: Handle error cases like invalid JSON and return appropriate HTTP status codes.
.gitea/workflows/demo.yaml
+19
View File
@@ -0,0 +1,19 @@
name: Gitea Actions Demo
run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
on: [push]
jobs:
Explore-Gitea-Actions:
runs-on: ubuntu-latest
steps:
- run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
- run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
- run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
- name: Check out repository code
uses: actions/checkout@v4
- run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
- run: echo "🖥️ The workflow is now ready to test your code on the runner."
- name: List files in the repository
run: |
ls ${{ gitea.workspace }}
- run: echo "🍏 This job's status is ${{ job.status }}."
backend/.env
+14
View File
@@ -0,0 +1,14 @@
DB_HOST=localhost
DB_PORT=5432
DB_USER=timetracker
DB_PASSWORD=password
DB_NAME=timetracker
DB_SSLMODE=disable
API_KEY=
# JWT Configuration
#JWT_SECRET=test
#JWT_KEY_DIR=keys
#JWT_KEY_GENERATE=true
JWT_TOKEN_DURATION=24h
ENVIRONMENT=production
backend/.gitignore
+1
View File
@@ -0,0 +1 @@
keys
backend/Makefile
+104
View File
@@ -0,0 +1,104 @@
# Time Tracker Backend Makefile
.PHONY: db-start db-stop db-test model-test run build clean migrate seed swagger help
# Default target
.DEFAULT_GOAL := help
# Variables
BINARY_NAME=timetracker
DB_CONTAINER=timetracker_db
# Help target
help:
@echo "Time Tracker Backend Makefile"
@echo ""
@echo "Usage:"
@echo " make db-start - Start the PostgreSQL database container"
@echo " make db-stop - Stop the PostgreSQL database container"
@echo " make db-test - Test the database connection"
@echo " make model-test - Test the database models"
@echo " make run - Run the application"
@echo " make build - Build the application"
@echo " make clean - Remove build artifacts"
@echo " make migrate - Run database migrations"
@echo " make seed - Seed the database with initial data"
@echo " make db-drop-users - Drop the users table"
@echo " make db-reinit - Re-initialize the database"
@echo " make swagger - Generate swagger documentation"
@echo " make help - Show this help message"
@echo "" make generate-ts - Generate TypeScript types
# Start the database
db-start:
@echo "Starting PostgreSQL database container..."
@cd .. && docker-compose up -d db
@echo "Database container started"
# Stop the database
db-stop:
@echo "Stopping PostgreSQL database container..."
@cd .. && docker-compose stop db
@echo "Database container stopped"
# Test the database connection
db-test:
@echo "Testing database connection..."
@go run cmd/dbtest/main.go
# Test the database models
model-test:
@echo "Testing database models..."
@go run cmd/modeltest/main.go
# Run the application
run:
@echo "Running the application..."
@go run cmd/api/main.go
# Build the application
build:
@echo "Building the application..."
@go build -o $(BINARY_NAME) cmd/api/main.go
@echo "Build complete: $(BINARY_NAME)"
# Clean build artifacts
clean:
@echo "Cleaning build artifacts..."
@rm -f $(BINARY_NAME)
@echo "Clean complete"
# Run database migrations
migrate:
@echo "Running database migrations..."
@go run -mod=mod cmd/migrate/main.go
@echo "Migrations complete"
# Seed the database with initial data
seed:
@echo "Seeding the database..."
@go run -mod=mod cmd/seed/main.go
@echo "Seeding complete"
# Drop the users table
db-drop-users:
@echo "Dropping the users table..."
@export PG_HOST=$(DB_HOST); export PG_PORT=$(DB_PORT); export PG_USER=$(DB_USER); export PG_PASSWORD=$(DB_PASSWORD); export PG_DBNAME=$(DB_NAME); go run cmd/dbtest/main.go -drop_table=users
@echo "Users table dropped"
# Re-initialize the database
db-reinit:
@echo "Re-initializing the database..."
@PG_HOST=$(DB_HOST) PG_PORT=$(DB_PORT) PG_USER=$(DB_USER) PG_PASSWORD=$(DB_PASSWORD) PG_DBNAME=$(DB_NAME) go run cmd/migrate/main.go -create_db -drop_db
# Generate swagger documentation
swagger:
@echo "Generating swagger documentation..."
@swag init -g cmd/api/main.go
@echo "Swagger documentation generated"
# Generate TypeScript types
generate-ts:
@echo "Generating TypeScript types..."
@go run scripts/fix_tygo.go
@echo "TypeScript types generated"
backend/README.md
+147
View File
@@ -0,0 +1,147 @@
# Time Tracker Backend
This is the backend service for the Time Tracker application, built with Go, Gin, and GORM.
## Database Setup
The application uses PostgreSQL as its database. The database connection is configured using GORM, a popular Go ORM library.
### Configuration
Database configuration is handled through the `models.DatabaseConfig` struct in `internal/models/db.go`. The application uses sensible defaults that can be overridden with environment variables:
- `DB_HOST`: Database host (default: "localhost")
- `DB_PORT`: Database port (default: 5432)
- `DB_USER`: Database user (default: "timetracker")
- `DB_PASSWORD`: Database password (default: "password")
- `DB_NAME`: Database name (default: "timetracker")
- `DB_SSLMODE`: SSL mode (default: "disable")
### Running with Docker
The easiest way to run the database is using Docker Compose:
```bash
# Start the database
docker-compose up -d db
# Check if the database is running
docker-compose ps
```
### Database Migrations
The application automatically migrates the database schema on startup using GORM's AutoMigrate feature. This creates all necessary tables based on the model definitions.
### Initial Data Seeding
The application seeds the database with initial data if it's empty. This includes:
- A default company
- An admin user with email "admin@example.com" and password "Admin@123456"
## Running the Application
### Using Make Commands
The project includes a Makefile with common commands:
```bash
# Start the database
make db-start
# Test the database connection
make db-test
# Run database migrations
make migrate
# Seed the database with initial data
make seed
# Test the database models
make model-test
# Run the application
make run
# Build the application
make build
# Show all available commands
make help
```
### Manual Commands
If you prefer not to use Make, you can run the commands directly:
```bash
# Start the database
cd /path/to/timetracker
docker-compose up -d db
# Test the database connection
cd backend
go run cmd/dbtest/main.go
# Run database migrations
cd backend
go run cmd/migrate/main.go
# Seed the database with initial data
cd backend
go run cmd/seed/main.go
# Run the backend application
cd backend
go run cmd/api/main.go
```
The API will be available at http://localhost:8080/api and the Swagger documentation at http://localhost:8080/swagger/index.html.
### Environment Variables
You can configure the database connection using environment variables:
```bash
# Example: Connect to a different database
DB_HOST=my-postgres-server DB_PORT=5432 DB_USER=myuser DB_PASSWORD=mypassword DB_NAME=mydb go run cmd/api/main.go
```
## Database Models
The application uses the following models:
- `User`: Represents a user in the system
- `Company`: Represents a company
- `Customer`: Represents a customer
- `Project`: Represents a project
- `Activity`: Represents an activity
- `TimeEntry`: Represents a time entry
Each model has corresponding CRUD operations and relationships defined in the `internal/models` directory.
## GORM Best Practices
The application follows these GORM best practices:
1. **Connection Pooling**: Configured with sensible defaults for maximum idle connections, maximum open connections, and connection lifetime.
2. **Migrations**: Uses GORM's AutoMigrate to automatically create and update database tables.
3. **Transactions**: Uses transactions for operations that require multiple database changes to ensure data consistency.
4. **Soft Deletes**: Uses GORM's soft delete feature to mark records as deleted without actually removing them from the database.
5. **Relationships**: Properly defines relationships between models using GORM's relationship features.
6. **Error Handling**: Properly handles database errors and returns appropriate error messages.
7. **Context Support**: Uses context for database operations to support timeouts and cancellation.
8. **Logging**: Configures GORM's logger for appropriate logging based on the environment.
9. **Graceful Shutdown**: Properly closes database connections when the application shuts down.
10. **Validation**: Implements validation for model fields before saving to the database.
backend/cmd/api/main.go
+58 -17
View File
@@ -1,18 +1,24 @@
package main
import (
"context"
"fmt"
"log"
"net/http"
"os"
"os/signal"
"syscall"
"time"
"github.com/gin-gonic/gin"
swaggerFiles "github.com/swaggo/files"
ginSwagger "github.com/swaggo/gin-swagger"
_ "github.com/timetracker/backend/docs" // This line is important for swag to work
_ "github.com/timetracker/backend/docs"
"github.com/timetracker/backend/internal/api/middleware"
"github.com/timetracker/backend/internal/api/routes"
"github.com/timetracker/backend/internal/config"
"github.com/timetracker/backend/internal/models"
_ "gorm.io/driver/postgres"
// GORM IMPORTS MARKER
)
// @title Time Tracker API
@@ -24,8 +30,6 @@ import (
// @in header
// @name Authorization
// @x-extension ulid.ULID string
// @Summary Say hello
// @Description Get a hello message
// @ID hello
@@ -37,34 +41,71 @@ func helloHandler(c *gin.Context) {
}
func main() {
// Configure database
dbConfig := models.DatabaseConfig{
Host: "localhost",
Port: 5432,
User: "postgres",
Password: "password",
DBName: "mydatabase",
SSLMode: "disable", // For development environment
cfg, err := config.LoadConfig()
if err != nil {
log.Fatalf("Failed to load config: %v", err)
}
// Initialize database
if err := models.InitDB(dbConfig); err != nil {
if err := models.InitDB(cfg.Database); err != nil {
log.Fatalf("Error initializing database: %v", err)
}
defer func() {
if err := models.CloseDB(); err != nil {
log.Printf("Error closing database connection: %v", err)
}
}()
// Migrate database schema
if err := models.MigrateDB(); err != nil {
log.Fatalf("Error migrating database: %v", err)
}
// Initialize JWT keys
if err := middleware.InitJWTKeys(); err != nil {
log.Fatalf("Error initializing JWT keys: %v", err)
}
// Create Gin router
r := gin.Default()
// Basic route for health check
r.GET("/", helloHandler)
r.GET("/api", helloHandler)
// Setup API routes
routes.SetupRouter(r)
routes.SetupRouter(r, cfg)
// Swagger documentation
r.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
// Start server
// Create a server with graceful shutdown
srv := &http.Server{
Addr: ":8080",
Handler: r,
}
// Start server in a goroutine
go func() {
fmt.Println("Server listening on port 8080")
r.Run(":8080")
if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
log.Fatalf("Error starting server: %v", err)
}
}()
// Wait for interrupt signal to gracefully shut down the server
quit := make(chan os.Signal, 1)
signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
<-quit
log.Println("Shutting down server...")
// Create a deadline for server shutdown
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
// Shutdown the server
if err := srv.Shutdown(ctx); err != nil {
log.Fatalf("Server forced to shutdown: %v", err)
}
log.Println("Server exited properly")
}
backend/cmd/dbtest/main.go
+102
View File
@@ -0,0 +1,102 @@
package main
import (
"context"
"flag"
"fmt"
"log"
"time"
"github.com/timetracker/backend/internal/config"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/models"
)
func main() {
dropTable := flag.String("drop_table", "", "Drop the specified table")
flag.Parse()
// Get database configuration with sensible defaults
dbConfig := config.DefaultDatabaseConfig()
// Initialize database
fmt.Println("Connecting to database...")
if err := db.InitDB(dbConfig); err != nil {
log.Fatalf("Error initializing database: %v", err)
}
defer func() {
if err := db.CloseDB(); err != nil {
log.Printf("Error closing database connection: %v", err)
}
}()
fmt.Println("✓ Database connection successful")
// Test a simple query
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
// Get the database engine
db := db.GetEngine(ctx)
// Test database connection with a simple query
var result int
var err error
if *dropTable != "" {
fmt.Printf("Dropping table %s...\n", *dropTable)
dropErr := db.Exec(fmt.Sprintf("DROP TABLE IF EXISTS %s", *dropTable)).Error
if dropErr != nil {
log.Fatalf("Error dropping table %s: %v", *dropTable, dropErr)
}
fmt.Printf("✓ Table %s dropped successfully\n", *dropTable)
return
}
err = db.Raw("SELECT 1").Scan(&result).Error
if err != nil {
log.Fatalf("Error executing test query: %v", err)
}
fmt.Println("✓ Test query executed successfully")
// Check if tables exist
fmt.Println("Checking database tables...")
var tables []string
err = db.Raw("SELECT table_name FROM information_schema.tables WHERE table_schema = 'public'").Scan(&tables).Error
if err != nil {
log.Fatalf("Error checking tables: %v", err)
}
if len(tables) == 0 {
fmt.Println("No tables found. You may need to run migrations.")
fmt.Println("Attempting to run migrations...")
// Run migrations
if err := models.MigrateDB(); err != nil {
log.Fatalf("Error migrating database: %v", err)
}
fmt.Println("✓ Migrations completed successfully")
} else {
fmt.Println("Found tables:")
for _, table := range tables {
fmt.Printf(" - %s\n", table)
}
}
// Count users
var userCount int64
err = db.Model(&models.User{}).Count(&userCount).Error
if err != nil {
log.Fatalf("Error counting users: %v", err)
}
fmt.Printf("✓ User count: %d\n", userCount)
// Count companies
var companyCount int64
err = db.Model(&models.Company{}).Count(&companyCount).Error
if err != nil {
log.Fatalf("Error counting companies: %v", err)
}
fmt.Printf("✓ Company count: %d\n", companyCount)
fmt.Println("\nDatabase test completed successfully!")
}
backend/cmd/migrate/main.go
+110
View File
@@ -0,0 +1,110 @@
package main
import (
"flag"
"fmt"
"log"
"os"
"github.com/timetracker/backend/internal/config"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/models"
"gorm.io/gorm/logger"
)
func main() {
// Parse command line flags
verbose := false
dropDB := flag.Bool("drop_db", false, "Drop the database before migrating")
createDB := flag.Bool("create_db", false, "Create the database if it doesn't exist")
flag.Parse()
for _, arg := range os.Args[1:] {
if arg == "--verbose" || arg == "-v" {
verbose = true
}
}
if verbose {
fmt.Println("Running in verbose mode")
}
// Get database configuration with sensible defaults
dbConfig := config.DefaultDatabaseConfig()
// Override with environment variables if provided
if host := os.Getenv("DB_HOST"); host != "" {
dbConfig.Host = host
}
if port := os.Getenv("DB_PORT"); port != "" {
var portInt int
if _, err := fmt.Sscanf(port, "%d", &portInt); err == nil && portInt > 0 {
dbConfig.Port = portInt
}
}
if user := os.Getenv("DB_USER"); user != "" {
dbConfig.User = user
}
if password := os.Getenv("DB_PASSWORD"); password != "" {
dbConfig.Password = password
}
if dbName := os.Getenv("DB_NAME"); dbName != "" {
dbConfig.DBName = dbName
}
if sslMode := os.Getenv("DB_SSLMODE"); sslMode != "" {
dbConfig.SSLMode = sslMode
}
// Set log level
dbConfig.LogLevel = logger.Info
// Initialize database
fmt.Println("Connecting to database...")
var err error
gormDB, err := db.GetGormDB(dbConfig, "postgres")
if err != nil {
log.Fatalf("Error getting gorm DB: %v", err)
}
sqlDB, err := gormDB.DB()
if err != nil {
log.Fatalf("Error getting sql DB: %v", err)
}
if *dropDB {
fmt.Printf("Dropping database %s...\n", dbConfig.DBName)
_, err = sqlDB.Exec(fmt.Sprintf("DROP DATABASE IF EXISTS %s", dbConfig.DBName))
if err != nil {
log.Fatalf("Error dropping database %s: %v", dbConfig.DBName, err)
}
fmt.Printf("✓ Database %s dropped successfully\n", dbConfig.DBName)
}
if *createDB {
fmt.Printf("Creating database %s...\n", dbConfig.DBName)
_, err = sqlDB.Exec(fmt.Sprintf("CREATE DATABASE %s", dbConfig.DBName))
if err != nil {
log.Fatalf("Error creating database %s: %v", dbConfig.DBName, err)
}
fmt.Printf("✓ Database %s created successfully\n", dbConfig.DBName)
}
if err = db.InitDB(dbConfig); err != nil {
log.Fatalf("Error initializing database: %v", err)
}
defer func() {
if err := db.CloseDB(); err != nil {
log.Printf("Error closing database connection: %v", err)
}
}()
fmt.Println("✓ Database connection successful")
// Run migrations
fmt.Println("Running database migrations...")
if err = models.MigrateDB(); err != nil {
log.Fatalf("Error migrating database: %v", err)
}
fmt.Println("✓ Database migrations completed successfully")
}
backend/cmd/modeltest/main.go
+210
View File
@@ -0,0 +1,210 @@
package main
import (
"context"
"fmt"
"log"
"time"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/config"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
func main() {
// Get database configuration with sensible defaults
dbConfig := config.DefaultDatabaseConfig()
// Initialize database
fmt.Println("Connecting to database...")
if err := db.InitDB(dbConfig); err != nil {
log.Fatalf("Error initializing database: %v", err)
}
defer func() {
if err := db.CloseDB(); err != nil {
log.Printf("Error closing database connection: %v", err)
}
}()
fmt.Println("✓ Database connection successful")
// Create context with timeout
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
// Test Company model
fmt.Println("\n=== Testing Company Model ===")
testCompanyModel(ctx)
// Test User model
fmt.Println("\n=== Testing User Model ===")
testUserModel(ctx)
// Test relationships
fmt.Println("\n=== Testing Relationships ===")
testRelationships(ctx)
fmt.Println("\nModel tests completed successfully!")
}
func testCompanyModel(ctx context.Context) {
// Create a new company
companyCreate := models.CompanyCreate{
Name: "Test Company",
}
company, err := models.CreateCompany(ctx, companyCreate)
if err != nil {
log.Fatalf("Error creating company: %v", err)
}
fmt.Printf("✓ Created company: %s (ID: %s)\n", company.Name, company.ID)
// Get the company by ID
retrievedCompany, err := models.GetCompanyByID(ctx, company.ID)
if err != nil {
log.Fatalf("Error getting company: %v", err)
}
if retrievedCompany == nil {
log.Fatalf("Company not found")
}
fmt.Printf("✓ Retrieved company: %s\n", retrievedCompany.Name)
// Update the company
newName := "Updated Test Company"
companyUpdate := models.CompanyUpdate{
ID: company.ID,
Name: &newName,
}
updatedCompany, err := models.UpdateCompany(ctx, companyUpdate)
if err != nil {
log.Fatalf("Error updating company: %v", err)
}
fmt.Printf("✓ Updated company name to: %s\n", updatedCompany.Name)
// Get all companies
companies, err := models.GetAllCompanies(ctx)
if err != nil {
log.Fatalf("Error getting all companies: %v", err)
}
fmt.Printf("✓ Retrieved %d companies\n", len(companies))
}
func testUserModel(ctx context.Context) {
// Get a company to associate with the user
companies, err := models.GetAllCompanies(ctx)
if err != nil || len(companies) == 0 {
log.Fatalf("Error getting companies or no companies found: %v", err)
}
companyID := companies[0].ID
// Create a new user
userCreate := models.UserCreate{
Email: "test@example.com",
Password: "Test@123456",
Role: models.RoleUser,
CompanyID: &companyID,
HourlyRate: 50.0,
}
user, err := models.CreateUser(ctx, userCreate)
if err != nil {
log.Fatalf("Error creating user: %v", err)
}
fmt.Printf("✓ Created user: %s (ID: %s)\n", user.Email, user.ID)
// Get the user by ID
retrievedUser, err := models.GetUserByID(ctx, user.ID)
if err != nil {
log.Fatalf("Error getting user: %v", err)
}
if retrievedUser == nil {
log.Fatalf("User not found")
}
fmt.Printf("✓ Retrieved user: %s\n", retrievedUser.Email)
// Get the user by email
emailUser, err := models.GetUserByEmail(ctx, user.Email)
if err != nil {
log.Fatalf("Error getting user by email: %v", err)
}
if emailUser == nil {
log.Fatalf("User not found by email")
}
fmt.Printf("✓ Retrieved user by email: %s\n", emailUser.Email)
// Update the user
newEmail := "updated@example.com"
newRole := models.RoleAdmin
newHourlyRate := 75.0
userUpdate := models.UserUpdate{
ID: user.ID,
Email: &newEmail,
Role: &newRole,
HourlyRate: &newHourlyRate,
}
updatedUser, err := models.UpdateUser(ctx, userUpdate)
if err != nil {
log.Fatalf("Error updating user: %v", err)
}
fmt.Printf("✓ Updated user email to: %s, role to: %s\n", updatedUser.Email, updatedUser.Role)
// Test authentication
authUser, err := models.AuthenticateUser(ctx, updatedUser.Email, "Test@123456")
if err != nil {
log.Fatalf("Error authenticating user: %v", err)
}
if authUser == nil {
log.Fatalf("Authentication failed")
}
fmt.Printf("✓ User authentication successful\n")
// Get all users
users, err := models.GetAllUsers(ctx)
if err != nil {
log.Fatalf("Error getting all users: %v", err)
}
fmt.Printf("✓ Retrieved %d users\n", len(users))
// Get users by company ID
companyUsers, err := models.GetUsersByCompanyID(ctx, companyID)
if err != nil {
log.Fatalf("Error getting users by company ID: %v", err)
}
fmt.Printf("✓ Retrieved %d users for company ID: %s\n", len(companyUsers), companyID)
}
func testRelationships(ctx context.Context) {
// Get a user with company
users, err := models.GetAllUsers(ctx)
if err != nil || len(users) == 0 {
log.Fatalf("Error getting users or no users found: %v", err)
}
userID := users[0].ID
// Get user with company
user, err := models.GetUserWithCompany(ctx, userID)
if err != nil {
log.Fatalf("Error getting user with company: %v", err)
}
if user == nil {
log.Fatalf("User not found")
}
if user.Company == nil {
log.Fatalf("User's company not loaded")
}
fmt.Printf("✓ Retrieved user %s with company %s\n", user.Email, user.Company.Name)
// Test invalid ID
invalidID := ulid.MustNew(ulid.Timestamp(time.Now()), ulid.DefaultEntropy())
invalidUser, err := models.GetUserByID(ctx, types.FromULID(invalidID))
if err != nil {
log.Fatalf("Error getting user with invalid ID: %v", err)
}
if invalidUser != nil {
log.Fatalf("User found with invalid ID")
}
fmt.Printf("✓ Correctly handled invalid user ID\n")
}
backend/cmd/seed/main.go
+93
View File
@@ -0,0 +1,93 @@
package main
import (
"context"
"flag"
"fmt"
"log"
"github.com/timetracker/backend/internal/config"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/models"
"gorm.io/gorm"
)
func main() {
// Parse CLI flags
_ = flag.String("config", "", "Path to .env config file")
flag.Parse()
// Load configuration
cfg, err := config.LoadConfig()
if err != nil {
log.Fatalf("Failed to load config: %v", err)
}
// Initialize database
if err := db.InitDB(cfg.Database); err != nil {
log.Fatalf("Error initializing database: %v", err)
}
defer func() {
if err := db.CloseDB(); err != nil {
log.Printf("Error closing database connection: %v", err)
}
}()
// Execute seed operation
if err := seedDatabase(context.Background()); err != nil {
log.Fatalf("Error seeding database: %v", err)
}
log.Println("Database seeding completed successfully")
}
// seedDatabase performs the database seeding operation
func seedDatabase(ctx context.Context) error {
// Check if seeding is needed
var count int64
if err := db.GetEngine(ctx).Model(&models.Company{}).Count(&count).Error; err != nil {
return fmt.Errorf("error checking if seeding is needed: %w", err)
}
// If data exists, skip seeding
if count > 0 {
log.Println("Database already contains data, skipping seeding")
return nil
}
log.Println("Seeding database with initial data...")
// Start transaction
return db.GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
// Create default company
defaultCompany := models.Company{
Name: "Default Company",
}
if err := tx.Create(&defaultCompany).Error; err != nil {
return fmt.Errorf("error creating default company: %w", err)
}
// Create admin user
adminUser := models.User{
Email: "admin@example.com",
Role: models.RoleAdmin,
CompanyID: &defaultCompany.ID,
HourlyRate: 100.0,
}
// Hash password
pwData, err := models.HashPassword("Admin@123456")
if err != nil {
return fmt.Errorf("error hashing password: %w", err)
}
adminUser.Salt = pwData.Salt
adminUser.Hash = pwData.Hash
if err := tx.Create(&adminUser).Error; err != nil {
return fmt.Errorf("error creating admin user: %w", err)
}
return nil
})
}
backend/docs/docs.go
+4640 -1
View File
File diff suppressed because it is too large Load Diff
backend/docs/swagger.json
+4640 -1
View File
File diff suppressed because it is too large Load Diff
backend/docs/swagger.yaml
+2595 -1
View File
File diff suppressed because it is too large Load Diff
backend/go.mod
+1
View File
@@ -4,6 +4,7 @@ go 1.23.6
require (
github.com/gin-gonic/gin v1.10.0
github.com/joho/godotenv v1.5.1
github.com/oklog/ulid/v2 v2.1.0
github.com/swaggo/files v1.0.1
github.com/swaggo/gin-swagger v1.6.0
backend/go.sum
+2
View File
@@ -54,6 +54,8 @@ github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD
github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
backend/internal/api/dto/activity_dto.go
+28
View File
@@ -0,0 +1,28 @@
package dto
import (
"time"
)
type ActivityDto struct {
ID string `json:"id" example:"a1b2c3d4e5f6"`
CreatedAt time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID string `json:"lastEditorID" example:"u1v2w3x4y5z6"`
Name string `json:"name" example:"Development"`
BillingRate float64 `json:"billingRate" example:"100.00"`
}
type ActivityCreateDto struct {
Name string `json:"name" example:"Development"`
BillingRate float64 `json:"billingRate" example:"100.00"`
}
type ActivityUpdateDto struct {
ID string `json:"id" example:"a1b2c3d4e5f6"`
CreatedAt *time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt *time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID *string `json:"lastEditorID" example:"u1v2w3x4y5z6"`
Name *string `json:"name" example:"Development"`
BillingRate *float64 `json:"billingRate" example:"100.00"`
}
backend/internal/api/dto/auth_dto.go
+13
View File
@@ -0,0 +1,13 @@
package dto
// LoginDto represents the login request
type LoginDto struct {
Email string `json:"email" example:"admin@example.com"`
Password string `json:"password" example:"Admin@123456"`
}
// TokenDto represents the response after successful authentication
type TokenDto struct {
Token string `json:"token" example:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"`
User UserDto `json:"user"`
}
backend/internal/api/dto/company_dto.go
+23
View File
@@ -0,0 +1,23 @@
package dto
import (
"time"
)
type CompanyDto struct {
ID string `json:"id" example:"01HGW2BBG0000000000000000"`
CreatedAt time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID string `json:"lastEditorID" example:"01HGW2BBG0000000000000000"`
Name string `json:"name" example:"Acme Corp"`
}
type CompanyCreateDto struct {
Name string `json:"name" example:"Acme Corp"`
}
type CompanyUpdateDto struct {
CreatedAt *time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt *time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
Name *string `json:"name" example:"Acme Corp"`
}
backend/internal/api/dto/customer_dto.go
+32
View File
@@ -0,0 +1,32 @@
package dto
import (
"time"
"github.com/timetracker/backend/internal/types"
)
type CustomerDto struct {
ID string `json:"id" example:"01HGW2BBG0000000000000000"`
CreatedAt time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID string `json:"lastEditorID" example:"01HGW2BBG0000000000000000"`
Name string `json:"name" example:"John Doe"`
CompanyID *string `json:"companyId" example:"01HGW2BBG0000000000000000"`
OwnerUserID *string `json:"owningUserID" example:"01HGW2BBG0000000000000000"`
}
type CustomerCreateDto struct {
Name string `json:"name" example:"John Doe"`
CompanyID *string `json:"companyId" example:"01HGW2BBG0000000000000000"`
}
type CustomerUpdateDto struct {
ID string `json:"id" example:"01HGW2BBG0000000000000000"`
CreatedAt *time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt *time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID *string `json:"lastEditorID" example:"01HGW2BBG0000000000000000"`
Name *string `json:"name" example:"John Doe"`
CompanyID types.Nullable[string] `json:"companyId" example:"01HGW2BBG0000000000000000"`
OwnerUserID types.Nullable[string] `json:"owningUserID" example:"01HGW2BBG0000000000000000"`
}
backend/internal/api/dto/project_dto.go
+28
View File
@@ -0,0 +1,28 @@
package dto
import (
"time"
"github.com/timetracker/backend/internal/types"
)
type ProjectDto struct {
ID string `json:"id" example:"01HGW2BBG0000000000000000"`
CreatedAt time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID string `json:"lastEditorID" example:"01HGW2BBG0000000000000000"`
Name string `json:"name" example:"Time Tracking App"`
CustomerID *string `json:"customerId,omitempty" example:"01HGW2BBG0000000000000000"`
}
type ProjectCreateDto struct {
Name string `json:"name" example:"Time Tracking App"`
CustomerID *string `json:"customerId" example:"01HGW2BBG0000000000000000"`
}
type ProjectUpdateDto struct {
CreatedAt *time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt *time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
Name *string `json:"name" example:"Time Tracking App"`
CustomerID types.Nullable[string] `json:"customerId" example:"01HGW2BBG0000000000000000"`
}
backend/internal/api/dto/timeentry_dto.go
+41
View File
@@ -0,0 +1,41 @@
package dto
import (
"time"
)
type TimeEntryDto struct {
ID string `json:"id" example:"01HGW2BBG0000000000000000"`
CreatedAt time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID string `json:"lastEditorID" example:"01HGW2BBG0000000000000000"`
UserID string `json:"userId" example:"01HGW2BBG0000000000000000"`
ProjectID string `json:"projectId" example:"01HGW2BBG0000000000000000"`
ActivityID string `json:"activityId" example:"01HGW2BBG0000000000000000"`
Start time.Time `json:"start" example:"2024-01-01T08:00:00Z"`
End time.Time `json:"end" example:"2024-01-01T17:00:00Z"`
Description string `json:"description" example:"Working on the Time Tracking App"`
Billable int `json:"billable" example:"100"` // Percentage (0-100)
}
type TimeEntryCreateDto struct {
UserID string `json:"userId" example:"01HGW2BBG0000000000000000"`
ProjectID string `json:"projectId" example:"01HGW2BBG0000000000000000"`
ActivityID string `json:"activityId" example:"01HGW2BBG0000000000000000"`
Start time.Time `json:"start" example:"2024-01-01T08:00:00Z"`
End time.Time `json:"end" example:"2024-01-01T17:00:00Z"`
Description string `json:"description" example:"Working on the Time Tracking App"`
Billable int `json:"billable" example:"100"` // Percentage (0-100)
}
type TimeEntryUpdateDto struct {
CreatedAt *time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt *time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
UserID *string `json:"userId" example:"01HGW2BBG0000000000000000"`
ProjectID *string `json:"projectId" example:"01HGW2BBG0000000000000000"`
ActivityID *string `json:"activityId" example:"01HGW2BBG0000000000000000"`
Start *time.Time `json:"start" example:"2024-01-01T08:00:00Z"`
End *time.Time `json:"end" example:"2024-01-01T17:00:00Z"`
Description *string `json:"description" example:"Working on the Time Tracking App"`
Billable *int `json:"billable" example:"100"` // Percentage (0-100)
}
backend/internal/api/dto/user_dto.go
+37
View File
@@ -0,0 +1,37 @@
package dto
import (
"time"
"github.com/timetracker/backend/internal/types"
)
type UserDto struct {
ID string `json:"id" example:"01HGW2BBG0000000000000000"`
CreatedAt time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID string `json:"lastEditorID" example:"01HGW2BBG0000000000000000"`
Email string `json:"email" example:"test@example.com"`
Role string `json:"role" example:"admin"`
CompanyID *string `json:"companyId,omitempty" example:"01HGW2BBG0000000000000000"`
HourlyRate float64 `json:"hourlyRate" example:"50.00"`
}
type UserCreateDto struct {
Email string `json:"email" example:"test@example.com"`
Password string `json:"password" example:"password123"`
Role string `json:"role" example:"admin"`
CompanyID *string `json:"companyId" example:"01HGW2BBG0000000000000000"`
HourlyRate float64 `json:"hourlyRate" example:"50.00"`
}
type UserUpdateDto struct {
CreatedAt *time.Time `json:"createdAt" example:"2024-01-01T00:00:00Z"`
UpdatedAt *time.Time `json:"updatedAt" example:"2024-01-01T00:00:00Z"`
LastEditorID *string `json:"lastEditorID" example:"01HGW2BBG0000000000000000"`
Email *string `json:"email" example:"test@example.com"`
Password *string `json:"password" example:"password123"`
Role *string `json:"role" example:"admin"`
CompanyID types.Nullable[string] `json:"companyId" example:"01HGW2BBG0000000000000000"`
HourlyRate *float64 `json:"hourlyRate" example:"50.00"`
}
backend/internal/api/handlers/activity_handler.go
+44 -117
View File
@@ -1,13 +1,15 @@
package handlers
import (
"net/http"
"context"
"github.com/gin-gonic/gin"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/dto"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/api/utils"
dto "github.com/timetracker/backend/internal/dtos"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
// ActivityHandler handles activity-related API endpoints
@@ -26,25 +28,12 @@ func NewActivityHandler() *ActivityHandler {
// @Accept json
// @Produce json
// @Security BearerAuth
// @Success 200 {object} utils.Response{data=[]utils.ActivityResponse}
// @Success 200 {object} utils.Response{data=[]dto.ActivityDto}
// @Failure 401 {object} utils.Response{error=utils.ErrorInfo}
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /activities [get]
func (h *ActivityHandler) GetActivities(c *gin.Context) {
// Get activities from the database
activities, err := models.GetAllActivities(c.Request.Context())
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving activities: "+err.Error())
return
}
// Convert to DTOs
activityDTOs := make([]dto.ActivityDto, len(activities))
for i, activity := range activities {
activityDTOs[i] = convertActivityToDTO(&activity)
}
utils.SuccessResponse(c, http.StatusOK, activityDTOs)
utils.HandleGetAll(c, models.GetAllActivities, convertActivityToDTO, "activities")
}
// GetActivityByID handles GET /activities/:id
@@ -56,37 +45,14 @@ func (h *ActivityHandler) GetActivities(c *gin.Context) {
// @Produce json
// @Security BearerAuth
// @Param id path string true "Activity ID"
// @Success 200 {object} utils.Response{data=utils.ActivityResponse}
// @Success 200 {object} utils.Response{data=dto.ActivityDto}
// @Failure 400 {object} utils.Response{error=utils.ErrorInfo}
// @Failure 401 {object} utils.Response{error=utils.ErrorInfo}
// @Failure 404 {object} utils.Response{error=utils.ErrorInfo}
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /activities/{id} [get]
func (h *ActivityHandler) GetActivityByID(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid activity ID format")
return
}
// Get activity from the database
activity, err := models.GetActivityByID(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving activity: "+err.Error())
return
}
if activity == nil {
utils.NotFoundResponse(c, "Activity not found")
return
}
// Convert to DTO
activityDTO := convertActivityToDTO(activity)
utils.SuccessResponse(c, http.StatusOK, activityDTO)
utils.HandleGetByID(c, models.GetActivityByID, convertActivityToDTO, "activity")
}
// CreateActivity handles POST /activities
@@ -104,27 +70,7 @@ func (h *ActivityHandler) GetActivityByID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /activities [post]
func (h *ActivityHandler) CreateActivity(c *gin.Context) {
// Parse request body
var activityCreateDTO dto.ActivityCreateDto
if err := c.ShouldBindJSON(&activityCreateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Convert DTO to model
activityCreate := convertCreateActivityDTOToModel(activityCreateDTO)
// Create activity in the database
activity, err := models.CreateActivity(c.Request.Context(), activityCreate)
if err != nil {
utils.InternalErrorResponse(c, "Error creating activity: "+err.Error())
return
}
// Convert to DTO
activityDTO := convertActivityToDTO(activity)
utils.SuccessResponse(c, http.StatusCreated, activityDTO)
utils.HandleCreate(c, createActivityWrapper, convertActivityToDTO, "activity")
}
// UpdateActivity handles PUT /activities/:id
@@ -144,43 +90,7 @@ func (h *ActivityHandler) CreateActivity(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /activities/{id} [put]
func (h *ActivityHandler) UpdateActivity(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid activity ID format")
return
}
// Parse request body
var activityUpdateDTO dto.ActivityUpdateDto
if err := c.ShouldBindJSON(&activityUpdateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Set ID from URL
activityUpdateDTO.ID = id.String()
// Convert DTO to model
activityUpdate := convertUpdateActivityDTOToModel(activityUpdateDTO)
// Update activity in the database
activity, err := models.UpdateActivity(c.Request.Context(), activityUpdate)
if err != nil {
utils.InternalErrorResponse(c, "Error updating activity: "+err.Error())
return
}
if activity == nil {
utils.NotFoundResponse(c, "Activity not found")
return
}
// Convert to DTO
activityDTO := convertActivityToDTO(activity)
utils.SuccessResponse(c, http.StatusOK, activityDTO)
utils.HandleUpdate(c, models.UpdateActivity, convertActivityToDTO, prepareActivityUpdate, "activity")
}
// DeleteActivity handles DELETE /activities/:id
@@ -198,22 +108,7 @@ func (h *ActivityHandler) UpdateActivity(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /activities/{id} [delete]
func (h *ActivityHandler) DeleteActivity(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid activity ID format")
return
}
// Delete activity from the database
err = models.DeleteActivity(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error deleting activity: "+err.Error())
return
}
utils.SuccessResponse(c, http.StatusNoContent, nil)
utils.HandleDelete(c, models.DeleteActivity, "activity")
}
// Helper functions for DTO conversion
@@ -238,7 +133,7 @@ func convertCreateActivityDTOToModel(dto dto.ActivityCreateDto) models.ActivityC
func convertUpdateActivityDTOToModel(dto dto.ActivityUpdateDto) models.ActivityUpdate {
id, _ := ulid.Parse(dto.ID)
update := models.ActivityUpdate{
ID: id,
ID: types.FromULID(id),
}
if dto.Name != nil {
@@ -251,3 +146,35 @@ func convertUpdateActivityDTOToModel(dto dto.ActivityUpdateDto) models.ActivityU
return update
}
// prepareActivityUpdate prepares the activity update object by parsing the ID, binding the JSON, and converting the DTO to a model
func prepareActivityUpdate(c *gin.Context) (models.ActivityUpdate, error) {
// Parse ID from URL
id, err := utils.ParseID(c, "id")
if err != nil {
responses.BadRequestResponse(c, "Invalid activity ID format")
return models.ActivityUpdate{}, err
}
// Parse request body
var activityUpdateDTO dto.ActivityUpdateDto
if err := utils.BindJSON(c, &activityUpdateDTO); err != nil {
responses.BadRequestResponse(c, err.Error())
return models.ActivityUpdate{}, err
}
// Set ID from URL
activityUpdateDTO.ID = id.String()
// Convert DTO to model
return convertUpdateActivityDTOToModel(activityUpdateDTO), nil
}
// createActivityWrapper is a wrapper function for models.CreateActivity that takes a DTO as input
func createActivityWrapper(ctx context.Context, createDTO dto.ActivityCreateDto) (*models.Activity, error) {
// Convert DTO to model
activityCreate := convertCreateActivityDTOToModel(createDTO)
// Call the original function
return models.CreateActivity(ctx, activityCreate)
}
backend/internal/api/handlers/company_handler.go
+39 -117
View File
@@ -1,13 +1,14 @@
package handlers
import (
"net/http"
"context"
"github.com/gin-gonic/gin"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/dto"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/api/utils"
dto "github.com/timetracker/backend/internal/dtos"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
// CompanyHandler handles company-related API endpoints
@@ -31,20 +32,7 @@ func NewCompanyHandler() *CompanyHandler {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /companies [get]
func (h *CompanyHandler) GetCompanies(c *gin.Context) {
// Get companies from the database
companies, err := models.GetAllCompanies(c.Request.Context())
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving companies: "+err.Error())
return
}
// Convert to DTOs
companyDTOs := make([]dto.CompanyDto, len(companies))
for i, company := range companies {
companyDTOs[i] = convertCompanyToDTO(&company)
}
utils.SuccessResponse(c, http.StatusOK, companyDTOs)
utils.HandleGetAll(c, models.GetAllCompanies, convertCompanyToDTO, "companies")
}
// GetCompanyByID handles GET /companies/:id
@@ -63,30 +51,7 @@ func (h *CompanyHandler) GetCompanies(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /companies/{id} [get]
func (h *CompanyHandler) GetCompanyByID(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid company ID format")
return
}
// Get company from the database
company, err := models.GetCompanyByID(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving company: "+err.Error())
return
}
if company == nil {
utils.NotFoundResponse(c, "Company not found")
return
}
// Convert to DTO
companyDTO := convertCompanyToDTO(company)
utils.SuccessResponse(c, http.StatusOK, companyDTO)
utils.HandleGetByID(c, models.GetCompanyByID, convertCompanyToDTO, "company")
}
// CreateCompany handles POST /companies
@@ -104,27 +69,7 @@ func (h *CompanyHandler) GetCompanyByID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /companies [post]
func (h *CompanyHandler) CreateCompany(c *gin.Context) {
// Parse request body
var companyCreateDTO dto.CompanyCreateDto
if err := c.ShouldBindJSON(&companyCreateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Convert DTO to model
companyCreate := convertCreateCompanyDTOToModel(companyCreateDTO)
// Create company in the database
company, err := models.CreateCompany(c.Request.Context(), companyCreate)
if err != nil {
utils.InternalErrorResponse(c, "Error creating company: "+err.Error())
return
}
// Convert to DTO
companyDTO := convertCompanyToDTO(company)
utils.SuccessResponse(c, http.StatusCreated, companyDTO)
utils.HandleCreate(c, createCompanyWrapper, convertCompanyToDTO, "company")
}
// UpdateCompany handles PUT /companies/:id
@@ -144,43 +89,7 @@ func (h *CompanyHandler) CreateCompany(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /companies/{id} [put]
func (h *CompanyHandler) UpdateCompany(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid company ID format")
return
}
// Parse request body
var companyUpdateDTO dto.CompanyUpdateDto
if err := c.ShouldBindJSON(&companyUpdateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Set ID from URL
companyUpdateDTO.ID = id.String()
// Convert DTO to model
companyUpdate := convertUpdateCompanyDTOToModel(companyUpdateDTO)
// Update company in the database
company, err := models.UpdateCompany(c.Request.Context(), companyUpdate)
if err != nil {
utils.InternalErrorResponse(c, "Error updating company: "+err.Error())
return
}
if company == nil {
utils.NotFoundResponse(c, "Company not found")
return
}
// Convert to DTO
companyDTO := convertCompanyToDTO(company)
utils.SuccessResponse(c, http.StatusOK, companyDTO)
utils.HandleUpdate(c, models.UpdateCompany, convertCompanyToDTO, prepareCompanyUpdate, "company")
}
// DeleteCompany handles DELETE /companies/:id
@@ -198,22 +107,7 @@ func (h *CompanyHandler) UpdateCompany(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /companies/{id} [delete]
func (h *CompanyHandler) DeleteCompany(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid company ID format")
return
}
// Delete company from the database
err = models.DeleteCompany(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error deleting company: "+err.Error())
return
}
utils.SuccessResponse(c, http.StatusNoContent, nil)
utils.HandleDelete(c, models.DeleteCompany, "company")
}
// Helper functions for DTO conversion
@@ -233,8 +127,7 @@ func convertCreateCompanyDTOToModel(dto dto.CompanyCreateDto) models.CompanyCrea
}
}
func convertUpdateCompanyDTOToModel(dto dto.CompanyUpdateDto) models.CompanyUpdate {
id, _ := ulid.Parse(dto.ID)
func convertUpdateCompanyDTOToModel(dto dto.CompanyUpdateDto, id types.ULID) models.CompanyUpdate {
update := models.CompanyUpdate{
ID: id,
}
@@ -245,3 +138,32 @@ func convertUpdateCompanyDTOToModel(dto dto.CompanyUpdateDto) models.CompanyUpda
return update
}
// prepareCompanyUpdate prepares the company update object by parsing the ID, binding the JSON, and converting the DTO to a model
func prepareCompanyUpdate(c *gin.Context) (models.CompanyUpdate, error) {
// Parse ID from URL
id, err := utils.ParseID(c, "id")
if err != nil {
responses.BadRequestResponse(c, "Invalid company ID format")
return models.CompanyUpdate{}, err
}
// Parse request body
var companyUpdateDTO dto.CompanyUpdateDto
if err := utils.BindJSON(c, &companyUpdateDTO); err != nil {
responses.BadRequestResponse(c, err.Error())
return models.CompanyUpdate{}, err
}
// Convert DTO to model
return convertUpdateCompanyDTOToModel(companyUpdateDTO, id), nil
}
// createCompanyWrapper is a wrapper function for models.CreateCompany that takes a DTO as input
func createCompanyWrapper(ctx context.Context, createDTO dto.CompanyCreateDto) (*models.Company, error) {
// Convert DTO to model
companyCreate := convertCreateCompanyDTOToModel(createDTO)
// Call the original function
return models.CreateCompany(ctx, companyCreate)
}
backend/internal/api/handlers/customer_handler.go
+105 -127
View File
@@ -1,14 +1,17 @@
package handlers
import (
"context"
"fmt"
"net/http"
"github.com/gin-gonic/gin"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/dto"
"github.com/timetracker/backend/internal/api/middleware"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/api/utils"
dto "github.com/timetracker/backend/internal/dtos"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
// CustomerHandler handles customer-related API endpoints
@@ -32,20 +35,7 @@ func NewCustomerHandler() *CustomerHandler {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /customers [get]
func (h *CustomerHandler) GetCustomers(c *gin.Context) {
// Get customers from the database
customers, err := models.GetAllCustomers(c.Request.Context())
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving customers: "+err.Error())
return
}
// Convert to DTOs
customerDTOs := make([]dto.CustomerDto, len(customers))
for i, customer := range customers {
customerDTOs[i] = convertCustomerToDTO(&customer)
}
utils.SuccessResponse(c, http.StatusOK, customerDTOs)
utils.HandleGetAll(c, models.GetAllCustomers, convertCustomerToDTO, "customers")
}
// GetCustomerByID handles GET /customers/:id
@@ -64,30 +54,7 @@ func (h *CustomerHandler) GetCustomers(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /customers/{id} [get]
func (h *CustomerHandler) GetCustomerByID(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid customer ID format")
return
}
// Get customer from the database
customer, err := models.GetCustomerByID(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving customer: "+err.Error())
return
}
if customer == nil {
utils.NotFoundResponse(c, "Customer not found")
return
}
// Convert to DTO
customerDTO := convertCustomerToDTO(customer)
utils.SuccessResponse(c, http.StatusOK, customerDTO)
utils.HandleGetByID(c, models.GetCustomerByID, convertCustomerToDTO, "customer")
}
// GetCustomersByCompanyID handles GET /customers/company/:companyId
@@ -109,24 +76,26 @@ func (h *CustomerHandler) GetCustomersByCompanyID(c *gin.Context) {
companyIDStr := c.Param("companyId")
companyID, err := parseCompanyID(companyIDStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid company ID format")
responses.BadRequestResponse(c, "Invalid company ID format")
return
}
// Get customers from the database
customers, err := models.GetCustomersByCompanyID(c.Request.Context(), companyID)
// Create a wrapper function that takes a ULID but calls the original function with an int
getByCompanyIDFn := func(ctx context.Context, _ types.ULID) ([]models.Customer, error) {
return models.GetCustomersByCompanyID(ctx, companyID)
}
// Get customers from the database and convert to DTOs
customers, err := getByCompanyIDFn(c.Request.Context(), types.ULID{})
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving customers: "+err.Error())
responses.InternalErrorResponse(c, "Error retrieving customers: "+err.Error())
return
}
// Convert to DTOs
customerDTOs := make([]dto.CustomerDto, len(customers))
for i, customer := range customers {
customerDTOs[i] = convertCustomerToDTO(&customer)
}
customerDTOs := utils.ConvertToDTO(customers, convertCustomerToDTO)
utils.SuccessResponse(c, http.StatusOK, customerDTOs)
responses.SuccessResponse(c, http.StatusOK, customerDTOs)
}
// CreateCustomer handles POST /customers
@@ -144,27 +113,19 @@ func (h *CustomerHandler) GetCustomersByCompanyID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /customers [post]
func (h *CustomerHandler) CreateCustomer(c *gin.Context) {
// Parse request body
var customerCreateDTO dto.CustomerCreateDto
if err := c.ShouldBindJSON(&customerCreateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Convert DTO to model
customerCreate := convertCreateCustomerDTOToModel(customerCreateDTO)
// Create customer in the database
customer, err := models.CreateCustomer(c.Request.Context(), customerCreate)
// We need to use a custom wrapper for CreateCustomer because we need to get the user ID from the context
userID, err := middleware.GetUserIDFromContext(c)
if err != nil {
utils.InternalErrorResponse(c, "Error creating customer: "+err.Error())
responses.UnauthorizedResponse(c, "User not authenticated")
return
}
// Convert to DTO
customerDTO := convertCustomerToDTO(customer)
// Use a closure to capture the userID
createFn := func(ctx context.Context, createDTO dto.CustomerCreateDto) (*models.Customer, error) {
return createCustomerWrapper(ctx, createDTO, userID)
}
utils.SuccessResponse(c, http.StatusCreated, customerDTO)
utils.HandleCreate(c, createFn, convertCustomerToDTO, "customer")
}
// UpdateCustomer handles PUT /customers/:id
@@ -184,43 +145,7 @@ func (h *CustomerHandler) CreateCustomer(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /customers/{id} [put]
func (h *CustomerHandler) UpdateCustomer(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid customer ID format")
return
}
// Parse request body
var customerUpdateDTO dto.CustomerUpdateDto
if err := c.ShouldBindJSON(&customerUpdateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Set ID from URL
customerUpdateDTO.ID = id.String()
// Convert DTO to model
customerUpdate := convertUpdateCustomerDTOToModel(customerUpdateDTO)
// Update customer in the database
customer, err := models.UpdateCustomer(c.Request.Context(), customerUpdate)
if err != nil {
utils.InternalErrorResponse(c, "Error updating customer: "+err.Error())
return
}
if customer == nil {
utils.NotFoundResponse(c, "Customer not found")
return
}
// Convert to DTO
customerDTO := convertCustomerToDTO(customer)
utils.SuccessResponse(c, http.StatusOK, customerDTO)
utils.HandleUpdate(c, models.UpdateCustomer, convertCustomerToDTO, prepareCustomerUpdate, "customer")
}
// DeleteCustomer handles DELETE /customers/:id
@@ -238,45 +163,48 @@ func (h *CustomerHandler) UpdateCustomer(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /customers/{id} [delete]
func (h *CustomerHandler) DeleteCustomer(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid customer ID format")
return
}
// Delete customer from the database
err = models.DeleteCustomer(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error deleting customer: "+err.Error())
return
}
utils.SuccessResponse(c, http.StatusNoContent, nil)
utils.HandleDelete(c, models.DeleteCustomer, "customer")
}
// Helper functions for DTO conversion
func convertCustomerToDTO(customer *models.Customer) dto.CustomerDto {
var companyID *string
if customer.CompanyID != nil {
s := customer.CompanyID.String()
companyID = &s
}
return dto.CustomerDto{
ID: customer.ID.String(),
CreatedAt: customer.CreatedAt,
UpdatedAt: customer.UpdatedAt,
Name: customer.Name,
CompanyID: customer.CompanyID,
CompanyID: companyID,
}
}
func convertCreateCustomerDTOToModel(dto dto.CustomerCreateDto) models.CustomerCreate {
return models.CustomerCreate{
func convertCreateCustomerDTOToModel(dto dto.CustomerCreateDto) (models.CustomerCreate, error) {
var companyID *types.ULID
if dto.CompanyID != nil {
wrapper, err := types.ULIDFromString(*dto.CompanyID) // Ignoring error, validation happens in the model
if err != nil {
return models.CustomerCreate{}, fmt.Errorf("invalid company ID: %w", err)
}
companyID = &wrapper
}
create := models.CustomerCreate{
Name: dto.Name,
CompanyID: dto.CompanyID,
CompanyID: companyID,
}
return create, nil
}
func convertUpdateCustomerDTOToModel(dto dto.CustomerUpdateDto) models.CustomerUpdate {
id, _ := ulid.Parse(dto.ID)
func convertUpdateCustomerDTOToModel(dto dto.CustomerUpdateDto) (models.CustomerUpdate, error) {
id, err := types.ULIDFromString(dto.ID)
if err != nil {
return models.CustomerUpdate{}, fmt.Errorf("invalid customer ID: %w", err)
}
update := models.CustomerUpdate{
ID: id,
}
@@ -285,11 +213,17 @@ func convertUpdateCustomerDTOToModel(dto dto.CustomerUpdateDto) models.CustomerU
update.Name = dto.Name
}
if dto.CompanyID != nil {
update.CompanyID = dto.CompanyID
if dto.CompanyID.Valid {
companyID, err := types.ULIDFromString(*dto.CompanyID.Value)
if err != nil {
return models.CustomerUpdate{}, fmt.Errorf("invalid company ID: %w", err)
}
update.CompanyID = &companyID
} else {
update.CompanyID = nil
}
return update
return update, nil
}
// Helper function to parse company ID from string
@@ -298,3 +232,47 @@ func parseCompanyID(idStr string) (int, error) {
_, err := fmt.Sscanf(idStr, "%d", &id)
return id, err
}
// prepareCustomerUpdate prepares the customer update object by parsing the ID, binding the JSON, and converting the DTO to a model
func prepareCustomerUpdate(c *gin.Context) (models.CustomerUpdate, error) {
// Parse ID from URL
id, err := utils.ParseID(c, "id")
if err != nil {
responses.BadRequestResponse(c, "Invalid customer ID format")
return models.CustomerUpdate{}, err
}
// Parse request body
var customerUpdateDTO dto.CustomerUpdateDto
if err := utils.BindJSON(c, &customerUpdateDTO); err != nil {
responses.BadRequestResponse(c, err.Error())
return models.CustomerUpdate{}, err
}
// Set ID from URL
customerUpdateDTO.ID = id.String()
// Convert DTO to model
customerUpdate, err := convertUpdateCustomerDTOToModel(customerUpdateDTO)
if err != nil {
responses.BadRequestResponse(c, "Invalid request body: "+err.Error())
return models.CustomerUpdate{}, err
}
return customerUpdate, nil
}
// createCustomerWrapper is a wrapper function for models.CreateCustomer that takes a DTO as input
func createCustomerWrapper(ctx context.Context, createDTO dto.CustomerCreateDto, userID types.ULID) (*models.Customer, error) {
// Convert DTO to model
customerCreate, err := convertCreateCustomerDTOToModel(createDTO)
if err != nil {
return nil, err
}
// Set the owner user ID
customerCreate.OwnerUserID = &userID
// Call the original function
return models.CreateCustomer(ctx, customerCreate)
}
backend/internal/api/handlers/project_handler.go
+65 -186
View File
@@ -1,14 +1,15 @@
package handlers
import (
"context"
"fmt"
"net/http"
"github.com/gin-gonic/gin"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/dto"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/api/utils"
dto "github.com/timetracker/backend/internal/dtos"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
// ProjectHandler handles project-related API endpoints
@@ -32,20 +33,7 @@ func NewProjectHandler() *ProjectHandler {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /projects [get]
func (h *ProjectHandler) GetProjects(c *gin.Context) {
// Get projects from the database
projects, err := models.GetAllProjects(c.Request.Context())
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving projects: "+err.Error())
return
}
// Convert to DTOs
projectDTOs := make([]dto.ProjectDto, len(projects))
for i, project := range projects {
projectDTOs[i] = convertProjectToDTO(&project)
}
utils.SuccessResponse(c, http.StatusOK, projectDTOs)
utils.HandleGetAll(c, models.GetAllProjects, convertProjectToDTO, "projects")
}
// GetProjectsWithCustomers handles GET /projects/with-customers
@@ -61,20 +49,7 @@ func (h *ProjectHandler) GetProjects(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /projects/with-customers [get]
func (h *ProjectHandler) GetProjectsWithCustomers(c *gin.Context) {
// Get projects with customers from the database
projects, err := models.GetAllProjectsWithCustomers(c.Request.Context())
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving projects: "+err.Error())
return
}
// Convert to DTOs
projectDTOs := make([]dto.ProjectDto, len(projects))
for i, project := range projects {
projectDTOs[i] = convertProjectToDTO(&project)
}
utils.SuccessResponse(c, http.StatusOK, projectDTOs)
utils.HandleGetAll(c, models.GetAllProjectsWithCustomers, convertProjectToDTO, "projects with customers")
}
// GetProjectByID handles GET /projects/:id
@@ -93,30 +68,7 @@ func (h *ProjectHandler) GetProjectsWithCustomers(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /projects/{id} [get]
func (h *ProjectHandler) GetProjectByID(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid project ID format")
return
}
// Get project from the database
project, err := models.GetProjectByID(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving project: "+err.Error())
return
}
if project == nil {
utils.NotFoundResponse(c, "Project not found")
return
}
// Convert to DTO
projectDTO := convertProjectToDTO(project)
utils.SuccessResponse(c, http.StatusOK, projectDTO)
utils.HandleGetByID(c, models.GetProjectByID, convertProjectToDTO, "project")
}
// GetProjectsByCustomerID handles GET /projects/customer/:customerId
@@ -134,28 +86,7 @@ func (h *ProjectHandler) GetProjectByID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /projects/customer/{customerId} [get]
func (h *ProjectHandler) GetProjectsByCustomerID(c *gin.Context) {
// Parse customer ID from URL
customerIDStr := c.Param("customerId")
customerID, err := ulid.Parse(customerIDStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid customer ID format")
return
}
// Get projects from the database
projects, err := models.GetProjectsByCustomerID(c.Request.Context(), customerID)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving projects: "+err.Error())
return
}
// Convert to DTOs
projectDTOs := make([]dto.ProjectDto, len(projects))
for i, project := range projects {
projectDTOs[i] = convertProjectToDTO(&project)
}
utils.SuccessResponse(c, http.StatusOK, projectDTOs)
utils.HandleGetByFilter(c, models.GetProjectsByCustomerID, convertProjectToDTO, "projects", "customerId")
}
// CreateProject handles POST /projects
@@ -173,31 +104,7 @@ func (h *ProjectHandler) GetProjectsByCustomerID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /projects [post]
func (h *ProjectHandler) CreateProject(c *gin.Context) {
// Parse request body
var projectCreateDTO dto.ProjectCreateDto
if err := c.ShouldBindJSON(&projectCreateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Convert DTO to model
projectCreate, err := convertCreateProjectDTOToModel(projectCreateDTO)
if err != nil {
utils.BadRequestResponse(c, err.Error())
return
}
// Create project in the database
project, err := models.CreateProject(c.Request.Context(), projectCreate)
if err != nil {
utils.InternalErrorResponse(c, "Error creating project: "+err.Error())
return
}
// Convert to DTO
projectDTO := convertProjectToDTO(project)
utils.SuccessResponse(c, http.StatusCreated, projectDTO)
utils.HandleCreate(c, createProjectWrapper, convertProjectToDTO, "project")
}
// UpdateProject handles PUT /projects/:id
@@ -217,47 +124,7 @@ func (h *ProjectHandler) CreateProject(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /projects/{id} [put]
func (h *ProjectHandler) UpdateProject(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid project ID format")
return
}
// Parse request body
var projectUpdateDTO dto.ProjectUpdateDto
if err := c.ShouldBindJSON(&projectUpdateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Set ID from URL
projectUpdateDTO.ID = id.String()
// Convert DTO to model
projectUpdate, err := convertUpdateProjectDTOToModel(projectUpdateDTO)
if err != nil {
utils.BadRequestResponse(c, err.Error())
return
}
// Update project in the database
project, err := models.UpdateProject(c.Request.Context(), projectUpdate)
if err != nil {
utils.InternalErrorResponse(c, "Error updating project: "+err.Error())
return
}
if project == nil {
utils.NotFoundResponse(c, "Project not found")
return
}
// Convert to DTO
projectDTO := convertProjectToDTO(project)
utils.SuccessResponse(c, http.StatusOK, projectDTO)
utils.HandleUpdate(c, models.UpdateProject, convertProjectToDTO, prepareProjectUpdate, "project")
}
// DeleteProject handles DELETE /projects/:id
@@ -275,57 +142,40 @@ func (h *ProjectHandler) UpdateProject(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /projects/{id} [delete]
func (h *ProjectHandler) DeleteProject(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid project ID format")
return
}
// Delete project from the database
err = models.DeleteProject(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error deleting project: "+err.Error())
return
}
utils.SuccessResponse(c, http.StatusNoContent, nil)
utils.HandleDelete(c, models.DeleteProject, "project")
}
// Helper functions for DTO conversion
func convertProjectToDTO(project *models.Project) dto.ProjectDto {
customerID := 0
if project.CustomerID.Compare(ulid.ULID{}) != 0 {
// This is a simplification, adjust as needed
customerID = int(project.CustomerID.Time())
var customerIdPtr *string
if project.CustomerID != nil {
customerIdStr := project.CustomerID.String()
customerIdPtr = &customerIdStr
}
return dto.ProjectDto{
ID: project.ID.String(),
CreatedAt: project.CreatedAt,
UpdatedAt: project.UpdatedAt,
Name: project.Name,
CustomerID: customerID,
CustomerID: customerIdPtr,
}
}
func convertCreateProjectDTOToModel(dto dto.ProjectCreateDto) (models.ProjectCreate, error) {
create := models.ProjectCreate{Name: dto.Name}
// Convert CustomerID from int to ULID (this is a simplification, adjust as needed)
customerID, err := customerIDToULID(dto.CustomerID)
if dto.CustomerID != nil {
customerID, err := types.ULIDFromString(*dto.CustomerID)
if err != nil {
return models.ProjectCreate{}, fmt.Errorf("invalid customer ID: %w", err)
}
return models.ProjectCreate{
Name: dto.Name,
CustomerID: customerID,
}, nil
create.CustomerID = &customerID
}
return create, nil
}
func convertUpdateProjectDTOToModel(dto dto.ProjectUpdateDto) (models.ProjectUpdate, error) {
id, _ := ulid.Parse(dto.ID)
func convertUpdateProjectDTOToModel(dto dto.ProjectUpdateDto, id types.ULID) (models.ProjectUpdate, error) {
update := models.ProjectUpdate{
ID: id,
}
@@ -334,26 +184,55 @@ func convertUpdateProjectDTOToModel(dto dto.ProjectUpdateDto) (models.ProjectUpd
update.Name = dto.Name
}
if dto.CustomerID != nil {
// Convert CustomerID from int to ULID (this is a simplification, adjust as needed)
customerID, err := customerIDToULID(*dto.CustomerID)
if dto.CustomerID.Valid {
if dto.CustomerID.Value == nil {
update.CustomerID = types.Null[types.ULID]()
} else {
customerID, err := types.ULIDFromString(*dto.CustomerID.Value)
if err != nil {
return models.ProjectUpdate{}, fmt.Errorf("invalid customer ID: %w", err)
}
update.CustomerID = &customerID
update.CustomerID = types.NewNullable(customerID)
}
}
return update, nil
}
// Helper function to convert customer ID from int to ULID
func customerIDToULID(id int) (ulid.ULID, error) {
// This is a simplification, in a real application you would need to
// fetch the actual ULID from the database or use a proper conversion method
// For now, we'll create a deterministic ULID based on the int value
entropy := ulid.Monotonic(nil, 0)
timestamp := uint64(id)
// prepareProjectUpdate prepares the project update object by parsing the ID, binding the JSON, and converting the DTO to a model
func prepareProjectUpdate(c *gin.Context) (models.ProjectUpdate, error) {
// Parse ID from URL
id, err := utils.ParseID(c, "id")
if err != nil {
responses.BadRequestResponse(c, "Invalid project ID format")
return models.ProjectUpdate{}, err
}
// Create a new ULID with the timestamp and entropy
return ulid.MustNew(timestamp, entropy), nil
// Parse request body
var projectUpdateDTO dto.ProjectUpdateDto
if err := utils.BindJSON(c, &projectUpdateDTO); err != nil {
responses.BadRequestResponse(c, err.Error())
return models.ProjectUpdate{}, err
}
// Convert DTO to model
projectUpdate, err := convertUpdateProjectDTOToModel(projectUpdateDTO, id)
if err != nil {
responses.BadRequestResponse(c, err.Error())
return models.ProjectUpdate{}, err
}
return projectUpdate, nil
}
// createProjectWrapper is a wrapper function for models.CreateProject that takes a DTO as input
func createProjectWrapper(ctx context.Context, createDTO dto.ProjectCreateDto) (*models.Project, error) {
// Convert DTO to model
projectCreate, err := convertCreateProjectDTOToModel(createDTO)
if err != nil {
return nil, err
}
// Call the original function
return models.CreateProject(ctx, projectCreate)
}
backend/internal/api/handlers/timeentry_handler.go
+61 -249
View File
@@ -1,16 +1,15 @@
package handlers
import (
"context"
"fmt"
"net/http"
"time"
"github.com/gin-gonic/gin"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/middleware"
"github.com/timetracker/backend/internal/api/dto"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/api/utils"
dto "github.com/timetracker/backend/internal/dtos"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
// TimeEntryHandler handles time entry-related API endpoints
@@ -34,20 +33,7 @@ func NewTimeEntryHandler() *TimeEntryHandler {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries [get]
func (h *TimeEntryHandler) GetTimeEntries(c *gin.Context) {
// Get time entries from the database
timeEntries, err := models.GetAllTimeEntries(c.Request.Context())
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving time entries: "+err.Error())
return
}
// Convert to DTOs
timeEntryDTOs := make([]dto.TimeEntryDto, len(timeEntries))
for i, timeEntry := range timeEntries {
timeEntryDTOs[i] = convertTimeEntryToDTO(&timeEntry)
}
utils.SuccessResponse(c, http.StatusOK, timeEntryDTOs)
utils.HandleGetAll(c, models.GetAllTimeEntries, convertTimeEntryToDTO, "time entries")
}
// GetTimeEntryByID handles GET /time-entries/:id
@@ -66,30 +52,7 @@ func (h *TimeEntryHandler) GetTimeEntries(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries/{id} [get]
func (h *TimeEntryHandler) GetTimeEntryByID(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid time entry ID format")
return
}
// Get time entry from the database
timeEntry, err := models.GetTimeEntryByID(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving time entry: "+err.Error())
return
}
if timeEntry == nil {
utils.NotFoundResponse(c, "Time entry not found")
return
}
// Convert to DTO
timeEntryDTO := convertTimeEntryToDTO(timeEntry)
utils.SuccessResponse(c, http.StatusOK, timeEntryDTO)
utils.HandleGetByID(c, models.GetTimeEntryByID, convertTimeEntryToDTO, "time entry")
}
// GetTimeEntriesByUserID handles GET /time-entries/user/:userId
@@ -107,28 +70,7 @@ func (h *TimeEntryHandler) GetTimeEntryByID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries/user/{userId} [get]
func (h *TimeEntryHandler) GetTimeEntriesByUserID(c *gin.Context) {
// Parse user ID from URL
userIDStr := c.Param("userId")
userID, err := ulid.Parse(userIDStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid user ID format")
return
}
// Get time entries from the database
timeEntries, err := models.GetTimeEntriesByUserID(c.Request.Context(), userID)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving time entries: "+err.Error())
return
}
// Convert to DTOs
timeEntryDTOs := make([]dto.TimeEntryDto, len(timeEntries))
for i, timeEntry := range timeEntries {
timeEntryDTOs[i] = convertTimeEntryToDTO(&timeEntry)
}
utils.SuccessResponse(c, http.StatusOK, timeEntryDTOs)
utils.HandleGetByFilter(c, models.GetTimeEntriesByUserID, convertTimeEntryToDTO, "time entries", "userId")
}
// GetMyTimeEntries handles GET /time-entries/me
@@ -144,27 +86,7 @@ func (h *TimeEntryHandler) GetTimeEntriesByUserID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries/me [get]
func (h *TimeEntryHandler) GetMyTimeEntries(c *gin.Context) {
// Get user ID from context (set by AuthMiddleware)
userID, err := middleware.GetUserIDFromContext(c)
if err != nil {
utils.UnauthorizedResponse(c, "User not authenticated")
return
}
// Get time entries from the database
timeEntries, err := models.GetTimeEntriesByUserID(c.Request.Context(), userID)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving time entries: "+err.Error())
return
}
// Convert to DTOs
timeEntryDTOs := make([]dto.TimeEntryDto, len(timeEntries))
for i, timeEntry := range timeEntries {
timeEntryDTOs[i] = convertTimeEntryToDTO(&timeEntry)
}
utils.SuccessResponse(c, http.StatusOK, timeEntryDTOs)
utils.HandleGetByUserID(c, models.GetTimeEntriesByUserID, convertTimeEntryToDTO, "time entries")
}
// GetTimeEntriesByProjectID handles GET /time-entries/project/:projectId
@@ -182,28 +104,7 @@ func (h *TimeEntryHandler) GetMyTimeEntries(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries/project/{projectId} [get]
func (h *TimeEntryHandler) GetTimeEntriesByProjectID(c *gin.Context) {
// Parse project ID from URL
projectIDStr := c.Param("projectId")
projectID, err := ulid.Parse(projectIDStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid project ID format")
return
}
// Get time entries from the database
timeEntries, err := models.GetTimeEntriesByProjectID(c.Request.Context(), projectID)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving time entries: "+err.Error())
return
}
// Convert to DTOs
timeEntryDTOs := make([]dto.TimeEntryDto, len(timeEntries))
for i, timeEntry := range timeEntries {
timeEntryDTOs[i] = convertTimeEntryToDTO(&timeEntry)
}
utils.SuccessResponse(c, http.StatusOK, timeEntryDTOs)
utils.HandleGetByFilter(c, models.GetTimeEntriesByProjectID, convertTimeEntryToDTO, "time entries", "projectId")
}
// GetTimeEntriesByDateRange handles GET /time-entries/range
@@ -222,46 +123,7 @@ func (h *TimeEntryHandler) GetTimeEntriesByProjectID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries/range [get]
func (h *TimeEntryHandler) GetTimeEntriesByDateRange(c *gin.Context) {
// Parse date range from query parameters
startStr := c.Query("start")
endStr := c.Query("end")
if startStr == "" || endStr == "" {
utils.BadRequestResponse(c, "Start and end dates are required")
return
}
start, err := time.Parse(time.RFC3339, startStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid start date format. Use ISO 8601 format (e.g., 2023-01-01T00:00:00Z)")
return
}
end, err := time.Parse(time.RFC3339, endStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid end date format. Use ISO 8601 format (e.g., 2023-01-01T00:00:00Z)")
return
}
if end.Before(start) {
utils.BadRequestResponse(c, "End date cannot be before start date")
return
}
// Get time entries from the database
timeEntries, err := models.GetTimeEntriesByDateRange(c.Request.Context(), start, end)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving time entries: "+err.Error())
return
}
// Convert to DTOs
timeEntryDTOs := make([]dto.TimeEntryDto, len(timeEntries))
for i, timeEntry := range timeEntries {
timeEntryDTOs[i] = convertTimeEntryToDTO(&timeEntry)
}
utils.SuccessResponse(c, http.StatusOK, timeEntryDTOs)
utils.HandleGetByDateRange(c, models.GetTimeEntriesByDateRange, convertTimeEntryToDTO, "time entries")
}
// CreateTimeEntry handles POST /time-entries
@@ -279,31 +141,7 @@ func (h *TimeEntryHandler) GetTimeEntriesByDateRange(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries [post]
func (h *TimeEntryHandler) CreateTimeEntry(c *gin.Context) {
// Parse request body
var timeEntryCreateDTO dto.TimeEntryCreateDto
if err := c.ShouldBindJSON(&timeEntryCreateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Convert DTO to model
timeEntryCreate, err := convertCreateTimeEntryDTOToModel(timeEntryCreateDTO)
if err != nil {
utils.BadRequestResponse(c, err.Error())
return
}
// Create time entry in the database
timeEntry, err := models.CreateTimeEntry(c.Request.Context(), timeEntryCreate)
if err != nil {
utils.InternalErrorResponse(c, "Error creating time entry: "+err.Error())
return
}
// Convert to DTO
timeEntryDTO := convertTimeEntryToDTO(timeEntry)
utils.SuccessResponse(c, http.StatusCreated, timeEntryDTO)
utils.HandleCreate(c, createTimeEntryWrapper, convertTimeEntryToDTO, "time entry")
}
// UpdateTimeEntry handles PUT /time-entries/:id
@@ -323,47 +161,7 @@ func (h *TimeEntryHandler) CreateTimeEntry(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries/{id} [put]
func (h *TimeEntryHandler) UpdateTimeEntry(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid time entry ID format")
return
}
// Parse request body
var timeEntryUpdateDTO dto.TimeEntryUpdateDto
if err := c.ShouldBindJSON(&timeEntryUpdateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Set ID from URL
timeEntryUpdateDTO.ID = id.String()
// Convert DTO to model
timeEntryUpdate, err := convertUpdateTimeEntryDTOToModel(timeEntryUpdateDTO)
if err != nil {
utils.BadRequestResponse(c, err.Error())
return
}
// Update time entry in the database
timeEntry, err := models.UpdateTimeEntry(c.Request.Context(), timeEntryUpdate)
if err != nil {
utils.InternalErrorResponse(c, "Error updating time entry: "+err.Error())
return
}
if timeEntry == nil {
utils.NotFoundResponse(c, "Time entry not found")
return
}
// Convert to DTO
timeEntryDTO := convertTimeEntryToDTO(timeEntry)
utils.SuccessResponse(c, http.StatusOK, timeEntryDTO)
utils.HandleUpdate(c, models.UpdateTimeEntry, convertTimeEntryToDTO, prepareTimeEntryUpdate, "time entry")
}
// DeleteTimeEntry handles DELETE /time-entries/:id
@@ -381,22 +179,7 @@ func (h *TimeEntryHandler) UpdateTimeEntry(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /time-entries/{id} [delete]
func (h *TimeEntryHandler) DeleteTimeEntry(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid time entry ID format")
return
}
// Delete time entry from the database
err = models.DeleteTimeEntry(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error deleting time entry: "+err.Error())
return
}
utils.SuccessResponse(c, http.StatusNoContent, nil)
utils.HandleDelete(c, models.DeleteTimeEntry, "time entry")
}
// Helper functions for DTO conversion
@@ -406,9 +189,9 @@ func convertTimeEntryToDTO(timeEntry *models.TimeEntry) dto.TimeEntryDto {
ID: timeEntry.ID.String(),
CreatedAt: timeEntry.CreatedAt,
UpdatedAt: timeEntry.UpdatedAt,
UserID: int(timeEntry.UserID.Time()), // Simplified conversion
ProjectID: int(timeEntry.ProjectID.Time()), // Simplified conversion
ActivityID: int(timeEntry.ActivityID.Time()), // Simplified conversion
UserID: timeEntry.UserID.String(), // Simplified conversion
ProjectID: timeEntry.ProjectID.String(), // Simplified conversion
ActivityID: timeEntry.ActivityID.String(), // Simplified conversion
Start: timeEntry.Start,
End: timeEntry.End,
Description: timeEntry.Description,
@@ -418,17 +201,17 @@ func convertTimeEntryToDTO(timeEntry *models.TimeEntry) dto.TimeEntryDto {
func convertCreateTimeEntryDTOToModel(dto dto.TimeEntryCreateDto) (models.TimeEntryCreate, error) {
// Convert IDs from int to ULID (this is a simplification, adjust as needed)
userID, err := idToULID(dto.UserID)
userID, err := types.ULIDFromString(dto.UserID)
if err != nil {
return models.TimeEntryCreate{}, fmt.Errorf("invalid user ID: %w", err)
}
projectID, err := idToULID(dto.ProjectID)
projectID, err := types.ULIDFromString(dto.ProjectID)
if err != nil {
return models.TimeEntryCreate{}, fmt.Errorf("invalid project ID: %w", err)
}
activityID, err := idToULID(dto.ActivityID)
activityID, err := types.ULIDFromString(dto.ActivityID)
if err != nil {
return models.TimeEntryCreate{}, fmt.Errorf("invalid activity ID: %w", err)
}
@@ -444,14 +227,14 @@ func convertCreateTimeEntryDTOToModel(dto dto.TimeEntryCreateDto) (models.TimeEn
}, nil
}
func convertUpdateTimeEntryDTOToModel(dto dto.TimeEntryUpdateDto) (models.TimeEntryUpdate, error) {
id, _ := ulid.Parse(dto.ID)
func convertUpdateTimeEntryDTOToModel(dto dto.TimeEntryUpdateDto, id types.ULID) (models.TimeEntryUpdate, error) {
update := models.TimeEntryUpdate{
ID: id,
}
if dto.UserID != nil {
userID, err := idToULID(*dto.UserID)
userID, err := types.ULIDFromString(*dto.UserID)
if err != nil {
return models.TimeEntryUpdate{}, fmt.Errorf("invalid user ID: %w", err)
}
@@ -459,7 +242,7 @@ func convertUpdateTimeEntryDTOToModel(dto dto.TimeEntryUpdateDto) (models.TimeEn
}
if dto.ProjectID != nil {
projectID, err := idToULID(*dto.ProjectID)
projectID, err := types.ULIDFromString(*dto.ProjectID)
if err != nil {
return models.TimeEntryUpdate{}, fmt.Errorf("invalid project ID: %w", err)
}
@@ -467,7 +250,7 @@ func convertUpdateTimeEntryDTOToModel(dto dto.TimeEntryUpdateDto) (models.TimeEn
}
if dto.ActivityID != nil {
activityID, err := idToULID(*dto.ActivityID)
activityID, err := types.ULIDFromString(*dto.ActivityID)
if err != nil {
return models.TimeEntryUpdate{}, fmt.Errorf("invalid activity ID: %w", err)
}
@@ -493,12 +276,41 @@ func convertUpdateTimeEntryDTOToModel(dto dto.TimeEntryUpdateDto) (models.TimeEn
return update, nil
}
// Helper function to convert ID from int to ULID
func idToULID(id int) (ulid.ULID, error) {
// This is a simplification, in a real application you would need to
// fetch the actual ULID from the database or use a proper conversion method
// For now, we'll create a deterministic ULID based on the int value
entropy := ulid.Monotonic(nil, 0)
timestamp := uint64(id)
return ulid.MustNew(timestamp, entropy), nil
// prepareTimeEntryUpdate prepares the time entry update object by parsing the ID, binding the JSON, and converting the DTO to a model
func prepareTimeEntryUpdate(c *gin.Context) (models.TimeEntryUpdate, error) {
// Parse ID from URL
idStr := c.Param("id")
id, err := types.ULIDFromString(idStr)
if err != nil {
responses.BadRequestResponse(c, "Invalid time entry ID format")
return models.TimeEntryUpdate{}, err
}
// Parse request body
var timeEntryUpdateDTO dto.TimeEntryUpdateDto
if err := utils.BindJSON(c, &timeEntryUpdateDTO); err != nil {
responses.BadRequestResponse(c, err.Error())
return models.TimeEntryUpdate{}, err
}
// Convert DTO to model
timeEntryUpdate, err := convertUpdateTimeEntryDTOToModel(timeEntryUpdateDTO, id)
if err != nil {
responses.BadRequestResponse(c, err.Error())
return models.TimeEntryUpdate{}, err
}
return timeEntryUpdate, nil
}
// createTimeEntryWrapper is a wrapper function for models.CreateTimeEntry that takes a DTO as input
func createTimeEntryWrapper(ctx context.Context, createDTO dto.TimeEntryCreateDto) (*models.TimeEntry, error) {
// Convert DTO to model
timeEntryCreate, err := convertCreateTimeEntryDTOToModel(createDTO)
if err != nil {
return nil, err
}
// Call the original function
return models.CreateTimeEntry(ctx, timeEntryCreate)
}
backend/internal/api/handlers/user_handler.go
+138 -137
View File
@@ -1,14 +1,16 @@
package handlers
import (
"context"
"net/http"
"github.com/gin-gonic/gin"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/dto"
"github.com/timetracker/backend/internal/api/middleware"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/api/utils"
dto "github.com/timetracker/backend/internal/dtos"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
// UserHandler handles user-related API endpoints
@@ -32,20 +34,7 @@ func NewUserHandler() *UserHandler {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /users [get]
func (h *UserHandler) GetUsers(c *gin.Context) {
// Get users from the database
users, err := models.GetAllUsers(c.Request.Context())
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving users: "+err.Error())
return
}
// Convert to DTOs
userDTOs := make([]dto.UserDto, len(users))
for i, user := range users {
userDTOs[i] = convertUserToDTO(&user)
}
utils.SuccessResponse(c, http.StatusOK, userDTOs)
utils.HandleGetAll(c, models.GetAllUsers, convertUserToDTO, "users")
}
// GetUserByID handles GET /users/:id
@@ -64,30 +53,29 @@ func (h *UserHandler) GetUsers(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /users/{id} [get]
func (h *UserHandler) GetUserByID(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
// We need a custom wrapper for GetUserByID because the ID parameter is parsed differently
id, err := utils.ParseID(c, "id")
if err != nil {
utils.BadRequestResponse(c, "Invalid user ID format")
responses.BadRequestResponse(c, "Invalid user ID format")
return
}
// Get user from the database
user, err := models.GetUserByID(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving user: "+err.Error())
responses.InternalErrorResponse(c, "Error retrieving user: "+err.Error())
return
}
if user == nil {
utils.NotFoundResponse(c, "User not found")
responses.NotFoundResponse(c, "User not found")
return
}
// Convert to DTO
userDTO := convertUserToDTO(user)
utils.SuccessResponse(c, http.StatusOK, userDTO)
responses.SuccessResponse(c, http.StatusOK, userDTO)
}
// CreateUser handles POST /users
@@ -105,27 +93,7 @@ func (h *UserHandler) GetUserByID(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /users [post]
func (h *UserHandler) CreateUser(c *gin.Context) {
// Parse request body
var userCreateDTO dto.UserCreateDto
if err := c.ShouldBindJSON(&userCreateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Convert DTO to model
userCreate := convertCreateDTOToModel(userCreateDTO)
// Create user in the database
user, err := models.CreateUser(c.Request.Context(), userCreate)
if err != nil {
utils.InternalErrorResponse(c, "Error creating user: "+err.Error())
return
}
// Convert to DTO
userDTO := convertUserToDTO(user)
utils.SuccessResponse(c, http.StatusCreated, userDTO)
utils.HandleCreate(c, createUserWrapper, convertUserToDTO, "user")
}
// UpdateUser handles PUT /users/:id
@@ -145,43 +113,7 @@ func (h *UserHandler) CreateUser(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /users/{id} [put]
func (h *UserHandler) UpdateUser(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid user ID format")
return
}
// Parse request body
var userUpdateDTO dto.UserUpdateDto
if err := c.ShouldBindJSON(&userUpdateDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Set ID from URL
userUpdateDTO.ID = id.String()
// Convert DTO to model
userUpdate := convertUpdateDTOToModel(userUpdateDTO)
// Update user in the database
user, err := models.UpdateUser(c.Request.Context(), userUpdate)
if err != nil {
utils.InternalErrorResponse(c, "Error updating user: "+err.Error())
return
}
if user == nil {
utils.NotFoundResponse(c, "User not found")
return
}
// Convert to DTO
userDTO := convertUserToDTO(user)
utils.SuccessResponse(c, http.StatusOK, userDTO)
utils.HandleUpdate(c, models.UpdateUser, convertUserToDTO, prepareUserUpdate, "user")
}
// DeleteUser handles DELETE /users/:id
@@ -199,22 +131,7 @@ func (h *UserHandler) UpdateUser(c *gin.Context) {
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /users/{id} [delete]
func (h *UserHandler) DeleteUser(c *gin.Context) {
// Parse ID from URL
idStr := c.Param("id")
id, err := ulid.Parse(idStr)
if err != nil {
utils.BadRequestResponse(c, "Invalid user ID format")
return
}
// Delete user from the database
err = models.DeleteUser(c.Request.Context(), id)
if err != nil {
utils.InternalErrorResponse(c, "Error deleting user: "+err.Error())
return
}
utils.SuccessResponse(c, http.StatusNoContent, nil)
utils.HandleDelete(c, models.DeleteUser, "user")
}
// Login handles POST /auth/login
@@ -234,21 +151,21 @@ func (h *UserHandler) Login(c *gin.Context) {
// Parse request body
var loginDTO dto.LoginDto
if err := c.ShouldBindJSON(&loginDTO); err != nil {
utils.BadRequestResponse(c, "Invalid request body: "+err.Error())
responses.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Authenticate user
user, err := models.AuthenticateUser(c.Request.Context(), loginDTO.Email, loginDTO.Password)
if err != nil {
utils.UnauthorizedResponse(c, "Invalid login credentials")
responses.UnauthorizedResponse(c, "Invalid login credentials")
return
}
// Generate JWT token
token, err := middleware.GenerateToken(user)
token, err := middleware.GenerateToken(user, c)
if err != nil {
utils.InternalErrorResponse(c, "Error generating token: "+err.Error())
responses.InternalErrorResponse(c, "Error generating token: "+err.Error())
return
}
@@ -258,7 +175,53 @@ func (h *UserHandler) Login(c *gin.Context) {
User: convertUserToDTO(user),
}
utils.SuccessResponse(c, http.StatusOK, tokenDTO)
responses.SuccessResponse(c, http.StatusOK, tokenDTO)
}
// Register handles POST /auth/register
//
// @Summary Register
// @Description Register a new user and get a JWT token
// @Tags auth
// @Accept json
// @Produce json
// @Param user body dto.UserCreateDto true "User data"
// @Success 201 {object} utils.Response{data=dto.TokenDto}
// @Failure 400 {object} utils.Response{error=utils.ErrorInfo}
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /auth/register [post]
func (h *UserHandler) Register(c *gin.Context) {
// Parse request body
var userCreateDTO dto.UserCreateDto
if err := c.ShouldBindJSON(&userCreateDTO); err != nil {
responses.BadRequestResponse(c, "Invalid request body: "+err.Error())
return
}
// Convert DTO to model
userCreate := convertCreateDTOToModel(userCreateDTO)
// Create user in the database
user, err := models.CreateUser(c.Request.Context(), userCreate)
if err != nil {
responses.InternalErrorResponse(c, "Error creating user: "+err.Error())
return
}
// Generate JWT token
token, err := middleware.GenerateToken(user, c)
if err != nil {
responses.InternalErrorResponse(c, "Error generating token: "+err.Error())
return
}
// Return token
tokenDTO := dto.TokenDto{
Token: token,
User: convertUserToDTO(user),
}
responses.SuccessResponse(c, http.StatusCreated, tokenDTO)
}
// GetCurrentUser handles GET /auth/me
@@ -277,45 +240,105 @@ func (h *UserHandler) GetCurrentUser(c *gin.Context) {
// Get user ID from context (set by AuthMiddleware)
userID, err := middleware.GetUserIDFromContext(c)
if err != nil {
utils.UnauthorizedResponse(c, "User not authenticated")
responses.UnauthorizedResponse(c, "User not authenticated")
return
}
// Get user from the database
user, err := models.GetUserByID(c.Request.Context(), userID)
if err != nil {
utils.InternalErrorResponse(c, "Error retrieving user: "+err.Error())
responses.InternalErrorResponse(c, "Error retrieving user: "+err.Error())
return
}
if user == nil {
utils.NotFoundResponse(c, "User not found")
responses.NotFoundResponse(c, "User not found")
return
}
// Convert to DTO
userDTO := convertUserToDTO(user)
utils.SuccessResponse(c, http.StatusOK, userDTO)
responses.SuccessResponse(c, http.StatusOK, userDTO)
}
// Helper functions for DTO conversion
func convertUserToDTO(user *models.User) dto.UserDto {
var companyID *string
if user.CompanyID != nil {
s := user.CompanyID.String()
companyID = &s
}
return dto.UserDto{
ID: user.ID.String(),
CreatedAt: user.CreatedAt,
UpdatedAt: user.UpdatedAt,
Email: user.Email,
Role: user.Role,
CompanyID: int(user.CompanyID.Time()), // This is a simplification, adjust as needed
CompanyID: companyID,
HourlyRate: user.HourlyRate,
}
}
// prepareUserUpdate prepares the user update object by parsing the ID, binding the JSON, and converting the DTO to a model
func prepareUserUpdate(c *gin.Context) (models.UserUpdate, error) {
// Parse ID from URL
idStr := c.Param("id")
id, err := types.ULIDFromString(idStr)
if err != nil {
responses.BadRequestResponse(c, "Invalid user ID format")
return models.UserUpdate{}, err
}
// Parse request body
var userUpdateDTO dto.UserUpdateDto
if err := utils.BindJSON(c, &userUpdateDTO); err != nil {
responses.BadRequestResponse(c, err.Error())
return models.UserUpdate{}, err
}
// Convert DTO to Model
update := models.UserUpdate{
ID: id,
}
if userUpdateDTO.Email != nil {
update.Email = userUpdateDTO.Email
}
if userUpdateDTO.Password != nil {
update.Password = userUpdateDTO.Password
}
if userUpdateDTO.Role != nil {
update.Role = userUpdateDTO.Role
}
if userUpdateDTO.CompanyID.Valid {
if userUpdateDTO.CompanyID.Value != nil {
companyID, err := types.ULIDFromString(*userUpdateDTO.CompanyID.Value)
if err != nil {
responses.BadRequestResponse(c, "Invalid company ID format")
return models.UserUpdate{}, err
}
update.CompanyID = types.NewNullable(companyID)
} else {
update.CompanyID = types.Null[types.ULID]()
}
}
if userUpdateDTO.HourlyRate != nil {
update.HourlyRate = userUpdateDTO.HourlyRate
}
return update, nil
}
func convertCreateDTOToModel(dto dto.UserCreateDto) models.UserCreate {
// Convert CompanyID from int to ULID (this is a simplification, adjust as needed)
companyID, _ := ulid.Parse("01H1VECTJQXS1RVWJT6QG3QJCJ")
var companyID *types.ULID
if dto.CompanyID != nil {
wrapper, _ := types.ULIDFromString(*dto.CompanyID) // Ignoring error, validation happens in the model
companyID = &wrapper
}
return models.UserCreate{
Email: dto.Email,
@@ -326,33 +349,11 @@ func convertCreateDTOToModel(dto dto.UserCreateDto) models.UserCreate {
}
}
func convertUpdateDTOToModel(dto dto.UserUpdateDto) models.UserUpdate {
id, _ := ulid.Parse(dto.ID)
update := models.UserUpdate{
ID: id,
}
// createUserWrapper is a wrapper function for models.CreateUser that takes a DTO as input
func createUserWrapper(ctx context.Context, createDTO dto.UserCreateDto) (*models.User, error) {
// Convert DTO to model
userCreate := convertCreateDTOToModel(createDTO)
if dto.Email != nil {
update.Email = dto.Email
}
if dto.Password != nil {
update.Password = dto.Password
}
if dto.Role != nil {
update.Role = dto.Role
}
if dto.CompanyID != nil {
// Convert CompanyID from int to ULID (this is a simplification, adjust as needed)
companyID, _ := ulid.Parse("01H1VECTJQXS1RVWJT6QG3QJCJ")
update.CompanyID = &companyID
}
if dto.HourlyRate != nil {
update.HourlyRate = dto.HourlyRate
}
return update
// Call the original function
return models.CreateUser(ctx, userCreate)
}
backend/internal/api/middleware/api_key_middleware.go
+35
View File
@@ -0,0 +1,35 @@
package middleware
import (
"github.com/gin-gonic/gin"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/config"
)
// APIKeyMiddleware checks for a valid API key if configured
func APIKeyMiddleware(cfg *config.Config) gin.HandlerFunc {
return func(c *gin.Context) {
// Skip if no API key is configured
if cfg.APIKey == "" {
c.Next()
return
}
// Get API key from header
apiKey := c.GetHeader("X-API-Key")
if apiKey == "" {
responses.UnauthorizedResponse(c, "API key is required")
c.Abort()
return
}
// Validate API key
if apiKey != cfg.APIKey {
responses.UnauthorizedResponse(c, "Invalid API key")
c.Abort()
return
}
c.Next()
}
}
backend/internal/api/middleware/auth.go
-198
View File
@@ -1,198 +0,0 @@
package middleware
import (
"errors"
"strings"
"time"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/utils"
"github.com/timetracker/backend/internal/models"
)
// JWT configuration
const (
// This should be moved to environment variables in production
jwtSecret = "your-secret-key-change-in-production"
tokenDuration = 24 * time.Hour
)
// Claims represents the JWT claims
type Claims struct {
UserID string `json:"userId"`
Email string `json:"email"`
Role string `json:"role"`
CompanyID string `json:"companyId"`
jwt.RegisteredClaims
}
// AuthMiddleware checks if the user is authenticated
func AuthMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
// Get the Authorization header
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
utils.UnauthorizedResponse(c, "Authorization header is required")
c.Abort()
return
}
// Check if the header has the Bearer prefix
parts := strings.Split(authHeader, " ")
if len(parts) != 2 || parts[0] != "Bearer" {
utils.UnauthorizedResponse(c, "Invalid authorization format, expected 'Bearer TOKEN'")
c.Abort()
return
}
tokenString := parts[1]
claims, err := validateToken(tokenString)
if err != nil {
utils.UnauthorizedResponse(c, "Invalid or expired token")
c.Abort()
return
}
// Store user information in the context
c.Set("userID", claims.UserID)
c.Set("email", claims.Email)
c.Set("role", claims.Role)
c.Set("companyID", claims.CompanyID)
c.Next()
}
}
// RoleMiddleware checks if the user has the required role
func RoleMiddleware(roles ...string) gin.HandlerFunc {
return func(c *gin.Context) {
userRole, exists := c.Get("role")
if !exists {
utils.UnauthorizedResponse(c, "User role not found in context")
c.Abort()
return
}
// Check if the user's role is in the allowed roles
roleStr, ok := userRole.(string)
if !ok {
utils.InternalErrorResponse(c, "Invalid role type in context")
c.Abort()
return
}
allowed := false
for _, role := range roles {
if roleStr == role {
allowed = true
break
}
}
if !allowed {
utils.ForbiddenResponse(c, "Insufficient permissions")
c.Abort()
return
}
c.Next()
}
}
// GenerateToken creates a new JWT token for a user
func GenerateToken(user *models.User) (string, error) {
// Create the claims
claims := Claims{
UserID: user.ID.String(),
Email: user.Email,
Role: user.Role,
CompanyID: user.CompanyID.String(),
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(tokenDuration)),
IssuedAt: jwt.NewNumericDate(time.Now()),
NotBefore: jwt.NewNumericDate(time.Now()),
},
}
// Create the token
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
// Sign the token
tokenString, err := token.SignedString([]byte(jwtSecret))
if err != nil {
return "", err
}
return tokenString, nil
}
// validateToken validates a JWT token and returns the claims
func validateToken(tokenString string) (*Claims, error) {
// Parse the token
token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {
// Validate the signing method
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, errors.New("unexpected signing method")
}
return []byte(jwtSecret), nil
})
if err != nil {
return nil, err
}
// Check if the token is valid
if !token.Valid {
return nil, errors.New("invalid token")
}
// Get the claims
claims, ok := token.Claims.(*Claims)
if !ok {
return nil, errors.New("invalid claims")
}
return claims, nil
}
// GetUserIDFromContext extracts the user ID from the context
func GetUserIDFromContext(c *gin.Context) (ulid.ULID, error) {
userID, exists := c.Get("userID")
if !exists {
return ulid.ULID{}, errors.New("user ID not found in context")
}
userIDStr, ok := userID.(string)
if !ok {
return ulid.ULID{}, errors.New("invalid user ID type in context")
}
id, err := ulid.Parse(userIDStr)
if err != nil {
return ulid.ULID{}, err
}
return id, nil
}
// GetCompanyIDFromContext extracts the company ID from the context
func GetCompanyIDFromContext(c *gin.Context) (ulid.ULID, error) {
companyID, exists := c.Get("companyID")
if !exists {
return ulid.ULID{}, errors.New("company ID not found in context")
}
companyIDStr, ok := companyID.(string)
if !ok {
return ulid.ULID{}, errors.New("invalid company ID type in context")
}
id, err := ulid.Parse(companyIDStr)
if err != nil {
return ulid.ULID{}, err
}
return id, nil
}
backend/internal/api/middleware/jwt_auth.go
+364
View File
@@ -0,0 +1,364 @@
package middleware
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"errors"
"fmt"
"os"
"path/filepath"
"time"
"github.com/gin-gonic/gin"
"github.com/golang-jwt/jwt/v5"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/config"
"github.com/timetracker/backend/internal/models"
"github.com/timetracker/backend/internal/types"
)
var (
signKey *rsa.PrivateKey
verifyKey *rsa.PublicKey
)
// InitJWTKeys initializes the JWT keys
func InitJWTKeys() error {
cfg := config.MustLoadConfig()
// If a secret is provided, we'll use HMAC-SHA256, so no need for certificates
if cfg.JWTConfig.Secret != "" {
println("Using HMAC-SHA256 for JWT")
return nil
}
// Check if keys exist
privKeyPath := filepath.Join(cfg.JWTConfig.KeyDir, cfg.JWTConfig.PrivKeyFile)
pubKeyPath := filepath.Join(cfg.JWTConfig.KeyDir, cfg.JWTConfig.PubKeyFile)
keysExist := fileExists(privKeyPath) && fileExists(pubKeyPath)
// Generate keys if they don't exist and KeyGenerate is true
if !keysExist && cfg.JWTConfig.KeyGenerate {
println("Generating RSA keys")
if err := generateRSAKeys(cfg.JWTConfig); err != nil {
return fmt.Errorf("failed to generate RSA keys: %w", err)
}
} else if !keysExist {
return errors.New("JWT keys not found and key generation is disabled")
}
// Load keys
var err error
signKey, err = loadPrivateKey(privKeyPath)
if err != nil {
return fmt.Errorf("failed to load private key: %w", err)
}
verifyKey, err = loadPublicKey(pubKeyPath)
if err != nil {
return fmt.Errorf("failed to load public key: %w", err)
}
return nil
}
// fileExists checks if a file exists
func fileExists(path string) bool {
_, err := os.Stat(path)
return !os.IsNotExist(err)
}
// generateRSAKeys generates RSA keys and saves them to disk
func generateRSAKeys(cfg config.JWTConfig) error {
// Create key directory if it doesn't exist
if err := os.MkdirAll(cfg.KeyDir, 0700); err != nil {
return fmt.Errorf("failed to create key directory: %w", err)
}
// Generate private key
privateKey, err := rsa.GenerateKey(rand.Reader, cfg.KeyBits)
if err != nil {
return fmt.Errorf("failed to generate private key: %w", err)
}
// Save private key
privKeyPath := filepath.Join(cfg.KeyDir, cfg.PrivKeyFile)
privKeyFile, err := os.OpenFile(privKeyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return fmt.Errorf("failed to create private key file: %w", err)
}
defer privKeyFile.Close()
privKeyPEM := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
}
if err := pem.Encode(privKeyFile, privKeyPEM); err != nil {
return fmt.Errorf("failed to encode private key: %w", err)
}
// Save public key
pubKeyPath := filepath.Join(cfg.KeyDir, cfg.PubKeyFile)
pubKeyFile, err := os.OpenFile(pubKeyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
if err != nil {
return fmt.Errorf("failed to create public key file: %w", err)
}
defer pubKeyFile.Close()
pubKeyPEM := &pem.Block{
Type: "RSA PUBLIC KEY",
Bytes: x509.MarshalPKCS1PublicKey(&privateKey.PublicKey),
}
if err := pem.Encode(pubKeyFile, pubKeyPEM); err != nil {
return fmt.Errorf("failed to encode public key: %w", err)
}
return nil
}
// loadPrivateKey loads a private key from a file
func loadPrivateKey(path string) (*rsa.PrivateKey, error) {
keyData, err := os.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("failed to read private key file: %w", err)
}
block, _ := pem.Decode(keyData)
if block == nil {
return nil, errors.New("failed to parse PEM block containing the private key")
}
privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse private key: %w", err)
}
return privateKey, nil
}
// loadPublicKey loads a public key from a file
func loadPublicKey(path string) (*rsa.PublicKey, error) {
keyData, err := os.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("failed to read public key file: %w", err)
}
block, _ := pem.Decode(keyData)
if block == nil {
return nil, errors.New("failed to parse PEM block containing the public key")
}
publicKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse public key: %w", err)
}
return publicKey, nil
}
// Claims represents the JWT claims
type Claims struct {
UserID string `json:"userId"`
Email string `json:"email"`
Role string `json:"role"`
CompanyID *string `json:"companyId"`
jwt.RegisteredClaims
}
// AuthMiddleware checks if the user is authenticated
func AuthMiddleware() gin.HandlerFunc {
return func(c *gin.Context) {
// Get the token from cookie
tokenString, err := c.Cookie("jwt")
if err != nil {
responses.UnauthorizedResponse(c, "Authentication cookie is required")
c.Abort()
return
}
claims, err := validateToken(tokenString)
if err != nil {
responses.UnauthorizedResponse(c, "Invalid or expired token")
c.Abort()
return
}
// Store user information in the context
c.Set("userID", claims.UserID)
c.Set("email", claims.Email)
c.Set("role", claims.Role)
c.Set("companyID", claims.CompanyID)
c.Next()
}
}
// RoleMiddleware checks if the user has the required role
func RoleMiddleware(roles ...string) gin.HandlerFunc {
return func(c *gin.Context) {
userRole, exists := c.Get("role")
if !exists {
responses.UnauthorizedResponse(c, "User role not found in context")
c.Abort()
return
}
// Check if the user's role is in the allowed roles
roleStr, ok := userRole.(string)
if !ok {
responses.InternalErrorResponse(c, "Invalid role type in context")
c.Abort()
return
}
allowed := false
for _, role := range roles {
if roleStr == role {
allowed = true
break
}
}
if !allowed {
responses.ForbiddenResponse(c, "Insufficient permissions")
c.Abort()
return
}
c.Next()
}
}
// GenerateToken creates a new JWT token for a user
func GenerateToken(user *models.User, c *gin.Context) (string, error) {
// Create the claims
var companyId *string
if user.CompanyID != nil {
wrapper := user.CompanyID.String()
companyId = &wrapper
}
claims := Claims{
UserID: user.ID.String(),
Email: user.Email,
Role: user.Role,
CompanyID: companyId,
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(config.MustLoadConfig().JWTConfig.TokenDuration)),
IssuedAt: jwt.NewNumericDate(time.Now()),
NotBefore: jwt.NewNumericDate(time.Now()),
},
}
cfg := config.MustLoadConfig()
var token *jwt.Token
var tokenString string
var err error
// Choose signing method based on configuration
if cfg.JWTConfig.Secret != "" {
// Use HMAC-SHA256 if a secret is provided
token = jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
tokenString, err = token.SignedString([]byte(cfg.JWTConfig.Secret))
} else {
// Use RSA if no secret is provided
token = jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
tokenString, err = token.SignedString(signKey)
}
if err != nil {
return "", err
}
// Set the cookie
c.SetCookie("jwt", tokenString, int(cfg.JWTConfig.TokenDuration.Seconds()), "/", "", true, true)
return tokenString, nil
}
// validateToken validates a JWT token and returns the claims
func validateToken(tokenString string) (*Claims, error) {
cfg := config.MustLoadConfig()
// Parse the token
token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (any, error) {
// Check which signing method was used
if _, ok := token.Method.(*jwt.SigningMethodHMAC); ok {
// HMAC method was used, validate with secret
if cfg.JWTConfig.Secret == "" {
return nil, errors.New("HMAC signing method used but no secret configured")
}
return []byte(cfg.JWTConfig.Secret), nil
} else if _, ok := token.Method.(*jwt.SigningMethodRSA); ok {
// RSA method was used, validate with public key
if verifyKey == nil {
return nil, errors.New("RSA signing method used but no public key loaded")
}
return verifyKey, nil
}
return nil, errors.New("unexpected signing method")
})
if err != nil {
return nil, err
}
// Check if the token is valid
if !token.Valid {
return nil, errors.New("invalid token")
}
// Get the claims
claims, ok := token.Claims.(*Claims)
if !ok {
return nil, errors.New("invalid claims")
}
return claims, nil
}
// GetUserIDFromContext extracts the user ID from the context
func GetUserIDFromContext(c *gin.Context) (types.ULID, error) {
userID, exists := c.Get("userID")
if !exists {
return types.ULID{}, errors.New("user ID not found in context")
}
userIDStr, ok := userID.(string)
if !ok {
return types.ULID{}, errors.New("invalid user ID type in context")
}
id, err := ulid.Parse(userIDStr)
if err != nil {
return types.ULID{}, err
}
return types.FromULID(id), nil
}
// GetCompanyIDFromContext extracts the company ID from the context
func GetCompanyIDFromContext(c *gin.Context) (types.ULID, error) {
companyID, exists := c.Get("companyID")
if !exists {
return types.ULID{}, errors.New("company ID not found in context")
}
companyIDStr, ok := companyID.(string)
if !ok {
return types.ULID{}, errors.New("invalid company ID type in context")
}
id, err := ulid.Parse(companyIDStr)
if err != nil {
return types.ULID{}, err
}
return types.FromULID(id), nil
}
backend/internal/api/utils/response.go → backend/internal/api/responses/response.go
+1 -1
View File
@@ -1,4 +1,4 @@
package utils
package responses
import (
"net/http"
backend/internal/api/routes/router.go
+25 -14
View File
@@ -4,11 +4,14 @@ import (
"github.com/gin-gonic/gin"
"github.com/timetracker/backend/internal/api/handlers"
"github.com/timetracker/backend/internal/api/middleware"
"github.com/timetracker/backend/internal/config"
)
// SetupRouter configures all the routes for the API
func SetupRouter(r *gin.Engine) {
func SetupRouter(r *gin.Engine, cfg *config.Config) {
// Create handlers
// Apply API key middleware to all API routes
r.Use(middleware.APIKeyMiddleware(cfg))
userHandler := handlers.NewUserHandler()
activityHandler := handlers.NewActivityHandler()
companyHandler := handlers.NewCompanyHandler()
@@ -16,21 +19,28 @@ func SetupRouter(r *gin.Engine) {
projectHandler := handlers.NewProjectHandler()
timeEntryHandler := handlers.NewTimeEntryHandler()
// Public routes
r.POST("/auth/login", userHandler.Login)
// API routes (protected)
// API routes
api := r.Group("/api")
api.Use(middleware.AuthMiddleware())
{
// Auth routes
// Auth routes (public)
auth := api.Group("/auth")
{
auth.GET("/me", userHandler.GetCurrentUser)
auth.POST("/login", userHandler.Login)
auth.POST("/register", userHandler.Register)
}
// Protected routes
protected := api.Group("")
protected.Use(middleware.AuthMiddleware())
{
// Auth routes (protected)
protectedAuth := protected.Group("/auth")
{
protectedAuth.GET("/me", userHandler.GetCurrentUser)
}
// User routes
users := api.Group("/users")
users := protected.Group("/users")
{
users.GET("", userHandler.GetUsers)
users.GET("/:id", userHandler.GetUserByID)
@@ -40,7 +50,7 @@ func SetupRouter(r *gin.Engine) {
}
// Activity routes
activities := api.Group("/activities")
activities := protected.Group("/activities")
{
activities.GET("", activityHandler.GetActivities)
activities.GET("/:id", activityHandler.GetActivityByID)
@@ -50,7 +60,7 @@ func SetupRouter(r *gin.Engine) {
}
// Company routes
companies := api.Group("/companies")
companies := protected.Group("/companies")
{
companies.GET("", companyHandler.GetCompanies)
companies.GET("/:id", companyHandler.GetCompanyByID)
@@ -60,7 +70,7 @@ func SetupRouter(r *gin.Engine) {
}
// Customer routes
customers := api.Group("/customers")
customers := protected.Group("/customers")
{
customers.GET("", customerHandler.GetCustomers)
customers.GET("/:id", customerHandler.GetCustomerByID)
@@ -71,7 +81,7 @@ func SetupRouter(r *gin.Engine) {
}
// Project routes
projects := api.Group("/projects")
projects := protected.Group("/projects")
{
projects.GET("", projectHandler.GetProjects)
projects.GET("/with-customers", projectHandler.GetProjectsWithCustomers)
@@ -83,7 +93,7 @@ func SetupRouter(r *gin.Engine) {
}
// Time Entry routes
timeEntries := api.Group("/time-entries")
timeEntries := protected.Group("/time-entries")
{
timeEntries.GET("", timeEntryHandler.GetTimeEntries)
timeEntries.GET("/me", timeEntryHandler.GetMyTimeEntries)
@@ -96,4 +106,5 @@ func SetupRouter(r *gin.Engine) {
timeEntries.DELETE("/:id", timeEntryHandler.DeleteTimeEntry)
}
}
}
}
backend/internal/api/utils/handler_utils.go
+286
View File
@@ -0,0 +1,286 @@
package utils
import (
"context"
"fmt"
"net/http"
"time"
"github.com/gin-gonic/gin"
"github.com/timetracker/backend/internal/api/responses"
"github.com/timetracker/backend/internal/types"
)
// ParseID parses an ID from the URL parameter and converts it to a types.ULID
func ParseID(c *gin.Context, paramName string) (types.ULID, error) {
idStr := c.Param(paramName)
return types.ULIDFromString(idStr)
}
// BindJSON binds the request body to the provided struct
func BindJSON(c *gin.Context, obj interface{}) error {
if err := c.ShouldBindJSON(obj); err != nil {
return fmt.Errorf("invalid request body: %w", err)
}
return nil
}
// ConvertToDTO converts a slice of models to a slice of DTOs using the provided conversion function
func ConvertToDTO[M any, D any](models []M, convertFn func(*M) D) []D {
dtos := make([]D, len(models))
for i, model := range models {
// Create a copy of the model to avoid issues with loop variable capture
modelCopy := model
dtos[i] = convertFn(&modelCopy)
}
return dtos
}
// HandleGetAll is a generic function to handle GET all entities endpoints
func HandleGetAll[M any, D any](
c *gin.Context,
getAllFn func(ctx context.Context) ([]M, error),
convertFn func(*M) D,
entityName string,
) {
// Get entities from the database
entities, err := getAllFn(c.Request.Context())
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error retrieving %s: %s", entityName, err.Error()))
return
}
// Convert to DTOs
dtos := ConvertToDTO(entities, convertFn)
responses.SuccessResponse(c, 200, dtos)
}
// HandleGetByID is a generic function to handle GET entity by ID endpoints
func HandleGetByID[M any, D any](
c *gin.Context,
getByIDFn func(ctx context.Context, id types.ULID) (*M, error),
convertFn func(*M) D,
entityName string,
) {
// Parse ID from URL
id, err := ParseID(c, "id")
if err != nil {
responses.BadRequestResponse(c, fmt.Sprintf("Invalid %s ID format", entityName))
return
}
// Get entity from the database
entity, err := getByIDFn(c.Request.Context(), id)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error retrieving %s: %s", entityName, err.Error()))
return
}
if entity == nil {
responses.NotFoundResponse(c, fmt.Sprintf("%s not found", entityName))
return
}
// Convert to DTO
dto := convertFn(entity)
responses.SuccessResponse(c, 200, dto)
}
// HandleCreate is a generic function to handle POST entity endpoints
func HandleCreate[C any, M any, D any](
c *gin.Context,
createFn func(ctx context.Context, create C) (*M, error),
convertFn func(*M) D,
entityName string,
) {
// Parse request body
var createDTO C
if err := BindJSON(c, &createDTO); err != nil {
responses.BadRequestResponse(c, err.Error())
return
}
// Create entity in the database
entity, err := createFn(c.Request.Context(), createDTO)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error creating %s: %s", entityName, err.Error()))
return
}
// Convert to DTO
dto := convertFn(entity)
responses.SuccessResponse(c, 201, dto)
}
// HandleDelete is a generic function to handle DELETE entity endpoints
func HandleDelete(
c *gin.Context,
deleteFn func(ctx context.Context, id types.ULID) error,
entityName string,
) {
// Parse ID from URL
id, err := ParseID(c, "id")
if err != nil {
responses.BadRequestResponse(c, fmt.Sprintf("Invalid %s ID format", entityName))
return
}
// Delete entity from the database
err = deleteFn(c.Request.Context(), id)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error deleting %s: %s", entityName, err.Error()))
return
}
responses.SuccessResponse(c, 204, nil)
}
// HandleUpdate is a generic function to handle PUT entity endpoints
// It takes a prepareUpdateFn that handles parsing the ID, binding the JSON, and converting the DTO to a model update object
func HandleUpdate[U any, M any, D any](
c *gin.Context,
updateFn func(ctx context.Context, update U) (*M, error),
convertFn func(*M) D,
prepareUpdateFn func(*gin.Context) (U, error),
entityName string,
) {
// Prepare the update object (parse ID, bind JSON, convert DTO to model)
update, err := prepareUpdateFn(c)
if err != nil {
// The prepareUpdateFn should handle setting the appropriate error response
return
}
// Update entity in the database
entity, err := updateFn(c.Request.Context(), update)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error updating %s: %s", entityName, err.Error()))
return
}
if entity == nil {
responses.NotFoundResponse(c, fmt.Sprintf("%s not found", entityName))
return
}
// Convert to DTO
dto := convertFn(entity)
responses.SuccessResponse(c, http.StatusOK, dto)
}
// HandleGetByFilter is a generic function to handle GET entities by a filter parameter
func HandleGetByFilter[M any, D any](
c *gin.Context,
getByFilterFn func(ctx context.Context, filterID types.ULID) ([]M, error),
convertFn func(*M) D,
entityName string,
paramName string,
) {
// Parse filter ID from URL
filterID, err := ParseID(c, paramName)
if err != nil {
responses.BadRequestResponse(c, fmt.Sprintf("Invalid %s ID format", paramName))
return
}
// Get entities from the database
entities, err := getByFilterFn(c.Request.Context(), filterID)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error retrieving %s: %s", entityName, err.Error()))
return
}
// Convert to DTOs
dtos := ConvertToDTO(entities, convertFn)
responses.SuccessResponse(c, http.StatusOK, dtos)
}
// HandleGetByUserID is a specialized function to handle GET entities by user ID
func HandleGetByUserID[M any, D any](
c *gin.Context,
getByUserIDFn func(ctx context.Context, userID types.ULID) ([]M, error),
convertFn func(*M) D,
entityName string,
) {
// Get user ID from context (set by AuthMiddleware)
userID, exists := c.Get("userID")
if !exists {
responses.UnauthorizedResponse(c, "User not authenticated")
return
}
userIDStr, ok := userID.(string)
if !ok {
responses.InternalErrorResponse(c, "Invalid user ID type in context")
return
}
parsedUserID, err := types.ULIDFromString(userIDStr)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error parsing user ID: %s", err.Error()))
return
}
// Get entities from the database
entities, err := getByUserIDFn(c.Request.Context(), parsedUserID)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error retrieving %s: %s", entityName, err.Error()))
return
}
// Convert to DTOs
dtos := ConvertToDTO(entities, convertFn)
responses.SuccessResponse(c, http.StatusOK, dtos)
}
// HandleGetByDateRange is a specialized function to handle GET entities by date range
func HandleGetByDateRange[M any, D any](
c *gin.Context,
getByDateRangeFn func(ctx context.Context, start, end time.Time) ([]M, error),
convertFn func(*M) D,
entityName string,
) {
// Parse date range from query parameters
startStr := c.Query("start")
endStr := c.Query("end")
if startStr == "" || endStr == "" {
responses.BadRequestResponse(c, "Start and end dates are required")
return
}
start, err := time.Parse(time.RFC3339, startStr)
if err != nil {
responses.BadRequestResponse(c, "Invalid start date format. Use ISO 8601 format (e.g., 2023-01-01T00:00:00Z)")
return
}
end, err := time.Parse(time.RFC3339, endStr)
if err != nil {
responses.BadRequestResponse(c, "Invalid end date format. Use ISO 8601 format (e.g., 2023-01-01T00:00:00Z)")
return
}
if end.Before(start) {
responses.BadRequestResponse(c, "End date cannot be before start date")
return
}
// Get entities from the database
entities, err := getByDateRangeFn(c.Request.Context(), start, end)
if err != nil {
responses.InternalErrorResponse(c, fmt.Sprintf("Error retrieving %s: %s", entityName, err.Error()))
return
}
// Convert to DTOs
dtos := ConvertToDTO(entities, convertFn)
responses.SuccessResponse(c, http.StatusOK, dtos)
}
backend/internal/api/utils/swagger.go
-19
View File
@@ -1,19 +0,0 @@
package utils
import (
dto "github.com/timetracker/backend/internal/dtos"
)
// This file contains type definitions for Swagger documentation
// LoginRequest is a Swagger representation of LoginDto
type LoginRequest struct {
Email string `json:"email" example:"user@example.com"`
Password string `json:"password" example:"SecurePassword123!"`
}
// TokenResponse is a Swagger representation of TokenDto
type TokenResponse struct {
Token string `json:"token" example:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."`
User dto.UserDto `json:"user"`
}
backend/internal/config/config.go
+171
View File
@@ -0,0 +1,171 @@
package config
import (
"errors"
"fmt"
"log"
"os"
"strconv"
"time"
"github.com/joho/godotenv"
"gorm.io/gorm/logger"
)
// DatabaseConfig contains the configuration data for the database connection
type DatabaseConfig struct {
Host string
Port int
User string
Password string
DBName string
SSLMode string
MaxIdleConns int // Maximum number of idle connections
MaxOpenConns int // Maximum number of open connections
MaxLifetime time.Duration // Maximum lifetime of a connection
LogLevel logger.LogLevel
}
// DefaultDatabaseConfig returns a default configuration with sensible values
func DefaultDatabaseConfig() DatabaseConfig {
return DatabaseConfig{
Host: "localhost",
Port: 5432,
User: "timetracker",
Password: "password",
DBName: "timetracker",
SSLMode: "disable",
MaxIdleConns: 10,
MaxOpenConns: 100,
MaxLifetime: time.Hour,
LogLevel: logger.Info,
}
}
// JWTConfig represents the configuration for JWT authentication
type JWTConfig struct {
Secret string
TokenDuration time.Duration
KeyGenerate bool
KeyDir string
PrivKeyFile string
PubKeyFile string
KeyBits int
}
// Config represents the application configuration
type Config struct {
Database DatabaseConfig
JWTConfig JWTConfig
APIKey string
}
// LoadConfig loads configuration from environment variables and .env file
func LoadConfig() (*Config, error) {
// Try loading .env file, but don't fail if it doesn't exist
_ = godotenv.Load()
cfg := &Config{
Database: DefaultDatabaseConfig(),
JWTConfig: JWTConfig{},
}
// Load database configuration
if err := loadDatabaseConfig(cfg); err != nil {
return nil, fmt.Errorf("failed to load database config: %w", err)
}
// Load JWT configuration
if err := loadJWTConfig(cfg); err != nil {
return nil, fmt.Errorf("failed to load JWT config: %w", err)
}
// Load API key
cfg.APIKey = getEnv("API_KEY", "")
return cfg, nil
}
// loadJWTConfig loads JWT configuration from environment
func loadJWTConfig(cfg *Config) error {
cfg.JWTConfig.Secret = getEnv("JWT_SECRET", "")
defaultDuration := 24 * time.Hour
durationStr := getEnv("JWT_TOKEN_DURATION", defaultDuration.String())
duration, err := time.ParseDuration(durationStr)
if err != nil {
return fmt.Errorf("invalid JWT_TOKEN_DURATION: %w", err)
}
cfg.JWTConfig.TokenDuration = duration
keyGenerateStr := getEnv("JWT_KEY_GENERATE", "true")
keyGenerate, err := strconv.ParseBool(keyGenerateStr)
if err != nil {
return fmt.Errorf("invalid JWT_KEY_GENERATE: %w", err)
}
cfg.JWTConfig.KeyGenerate = keyGenerate
cfg.JWTConfig.KeyDir = getEnv("JWT_KEY_DIR", "./keys")
cfg.JWTConfig.PrivKeyFile = getEnv("JWT_PRIV_KEY_FILE", "jwt.key")
cfg.JWTConfig.PubKeyFile = getEnv("JWT_PUB_KEY_FILE", "jwt.key.pub")
keyBitsStr := getEnv("JWT_KEY_BITS", "2048")
keyBits, err := strconv.Atoi(keyBitsStr)
if err != nil {
return fmt.Errorf("invalid JWT_KEY_BITS: %w", err)
}
cfg.JWTConfig.KeyBits = keyBits
return nil
}
// loadDatabaseConfig loads database configuration from environment
func loadDatabaseConfig(cfg *Config) error {
// Required fields
cfg.Database.Host = getEnv("DB_HOST", cfg.Database.Host)
cfg.Database.User = getEnv("DB_USER", cfg.Database.User)
cfg.Database.Password = getEnv("DB_PASSWORD", cfg.Database.Password)
cfg.Database.DBName = getEnv("DB_NAME", cfg.Database.DBName)
cfg.Database.SSLMode = getEnv("DB_SSLMODE", cfg.Database.SSLMode)
// Optional fields with parsing
if port := getEnv("DB_PORT", ""); port != "" {
portInt, err := strconv.Atoi(port)
if err != nil || portInt <= 0 {
return errors.New("invalid DB_PORT value")
}
cfg.Database.Port = portInt
}
// Log level based on environment
if os.Getenv("ENVIRONMENT") == "production" {
cfg.Database.LogLevel = logger.Error
} else {
cfg.Database.LogLevel = logger.Info
}
// Validate required fields
if cfg.Database.Host == "" || cfg.Database.User == "" ||
cfg.Database.Password == "" || cfg.Database.DBName == "" {
return errors.New("missing required database configuration")
}
return nil
}
// getEnv gets an environment variable with fallback
func getEnv(key, fallback string) string {
if value, exists := os.LookupEnv(key); exists {
return value
}
return fallback
}
// MustLoadConfig loads configuration or panics on failure
func MustLoadConfig() *Config {
cfg, err := LoadConfig()
if err != nil {
log.Fatalf("Failed to load config: %v", err)
}
return cfg
}
backend/internal/db/db.go
+126
View File
@@ -0,0 +1,126 @@
package db
import (
"context"
"errors"
"fmt"
"log"
"time"
"github.com/timetracker/backend/internal/config"
"gorm.io/driver/postgres"
"gorm.io/gorm"
"gorm.io/gorm/logger"
)
// Global variable for the DB connection
var db *gorm.DB
// ErrDBNotInitialized is returned when a database operation is attempted before initialization
var ErrDBNotInitialized = errors.New("database not initialized")
// InitDB initializes the database connection (once at startup)
// with the provided configuration
func InitDB(config config.DatabaseConfig) error {
// Create connection using the default database name
gormDB, err := createConnection(config, config.DBName)
if err != nil {
return err
}
// Set the global db instance
db = gormDB
// Configure connection pool
return configureConnectionPool(db, config)
}
// GetEngine returns the DB instance with context
func GetEngine(ctx context.Context) *gorm.DB {
if db == nil {
panic(ErrDBNotInitialized)
}
return db.WithContext(ctx)
}
// CloseDB closes the database connection
func CloseDB() error {
if db == nil {
return nil
}
sqlDB, err := db.DB()
if err != nil {
return fmt.Errorf("error getting database connection: %w", err)
}
if err := sqlDB.Close(); err != nil {
return fmt.Errorf("error closing database connection: %w", err)
}
return nil
}
// GetGormDB is used for special cases like database creation
func GetGormDB(dbConfig config.DatabaseConfig, dbName string) (*gorm.DB, error) {
return createConnection(dbConfig, dbName)
}
// MigrateDB performs database migrations for all models
// This is a placeholder that will be called by models.MigrateDB
func MigrateDB() error {
if db == nil {
return ErrDBNotInitialized
}
// The actual migration is implemented in models.MigrateDB
// This is just a placeholder to make the migrate/main.go file work
return errors.New("MigrateDB should be called from models package")
}
// createConnection creates a new database connection with the given configuration
func createConnection(dbConfig config.DatabaseConfig, dbName string) (*gorm.DB, error) {
// Create DSN (Data Source Name)
dsn := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=%s",
dbConfig.Host, dbConfig.Port, dbConfig.User, dbConfig.Password, dbName, dbConfig.SSLMode)
// Configure GORM logger
gormLogger := createGormLogger(dbConfig)
// Establish database connection with custom logger
gormDB, err := gorm.Open(postgres.Open(dsn), &gorm.Config{
Logger: gormLogger,
})
if err != nil {
return nil, fmt.Errorf("error connecting to the database: %w", err)
}
return gormDB, nil
}
// createGormLogger creates a configured GORM logger instance
func createGormLogger(dbConfig config.DatabaseConfig) logger.Interface {
return logger.New(
log.New(log.Writer(), "\r\n", log.LstdFlags), // io writer
logger.Config{
SlowThreshold: 200 * time.Millisecond, // Slow SQL threshold
LogLevel: dbConfig.LogLevel, // Log level
IgnoreRecordNotFoundError: true, // Ignore ErrRecordNotFound error for logger
Colorful: true, // Enable color
},
)
}
// configureConnectionPool sets up the connection pool parameters
func configureConnectionPool(db *gorm.DB, config config.DatabaseConfig) error {
sqlDB, err := db.DB()
if err != nil {
return fmt.Errorf("error getting database connection: %w", err)
}
// Set connection pool parameters
sqlDB.SetMaxIdleConns(config.MaxIdleConns)
sqlDB.SetMaxOpenConns(config.MaxOpenConns)
sqlDB.SetConnMaxLifetime(config.MaxLifetime)
return nil
}
backend/internal/dtos/activity_dto.go
-28
View File
@@ -1,28 +0,0 @@
package dto
import (
"time"
)
type ActivityDto struct {
ID string `json:"id"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
LastEditorID string `json:"lastEditorID"`
Name string `json:"name"`
BillingRate float64 `json:"billingRate"`
}
type ActivityCreateDto struct {
Name string `json:"name"`
BillingRate float64 `json:"billingRate"`
}
type ActivityUpdateDto struct {
ID string `json:"id"`
CreatedAt *time.Time `json:"createdAt"`
UpdatedAt *time.Time `json:"updatedAt"`
LastEditorID *string `json:"lastEditorID"`
Name *string `json:"name"`
BillingRate *float64 `json:"billingRate"`
}
backend/internal/dtos/auth_dto.go
-13
View File
@@ -1,13 +0,0 @@
package dto
// LoginDto represents the login request
type LoginDto struct {
Email string `json:"email"`
Password string `json:"password"`
}
// TokenDto represents the response after successful authentication
type TokenDto struct {
Token string `json:"token"`
User UserDto `json:"user"`
}
backend/internal/dtos/company_dto.go
-25
View File
@@ -1,25 +0,0 @@
package dto
import (
"time"
)
type CompanyDto struct {
ID string `json:"id"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
LastEditorID string `json:"lastEditorID"`
Name string `json:"name"`
}
type CompanyCreateDto struct {
Name string `json:"name"`
}
type CompanyUpdateDto struct {
ID string `json:"id"`
CreatedAt *time.Time `json:"createdAt"`
UpdatedAt *time.Time `json:"updatedAt"`
LastEditorID *string `json:"lastEditorID"`
Name *string `json:"name"`
}
backend/internal/dtos/customer_dto.go
-28
View File
@@ -1,28 +0,0 @@
package dto
import (
"time"
)
type CustomerDto struct {
ID string `json:"id"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
LastEditorID string `json:"lastEditorID"`
Name string `json:"name"`
CompanyID int `json:"companyId"`
}
type CustomerCreateDto struct {
Name string `json:"name"`
CompanyID int `json:"companyId"`
}
type CustomerUpdateDto struct {
ID string `json:"id"`
CreatedAt *time.Time `json:"createdAt"`
UpdatedAt *time.Time `json:"updatedAt"`
LastEditorID *string `json:"lastEditorID"`
Name *string `json:"name"`
CompanyID *int `json:"companyId"`
}
backend/internal/dtos/project_dto.go
-28
View File
@@ -1,28 +0,0 @@
package dto
import (
"time"
)
type ProjectDto struct {
ID string `json:"id"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
LastEditorID string `json:"lastEditorID"`
Name string `json:"name"`
CustomerID int `json:"customerId"`
}
type ProjectCreateDto struct {
Name string `json:"name"`
CustomerID int `json:"customerId"`
}
type ProjectUpdateDto struct {
ID string `json:"id"`
CreatedAt *time.Time `json:"createdAt"`
UpdatedAt *time.Time `json:"updatedAt"`
LastEditorID *string `json:"lastEditorID"`
Name *string `json:"name"`
CustomerID *int `json:"customerId"`
}
backend/internal/dtos/timeentry_dto.go
-43
View File
@@ -1,43 +0,0 @@
package dto
import (
"time"
)
type TimeEntryDto struct {
ID string `json:"id"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
LastEditorID string `json:"lastEditorID"`
UserID int `json:"userId"`
ProjectID int `json:"projectId"`
ActivityID int `json:"activityId"`
Start time.Time `json:"start"`
End time.Time `json:"end"`
Description string `json:"description"`
Billable int `json:"billable"` // Percentage (0-100)
}
type TimeEntryCreateDto struct {
UserID int `json:"userId"`
ProjectID int `json:"projectId"`
ActivityID int `json:"activityId"`
Start time.Time `json:"start"`
End time.Time `json:"end"`
Description string `json:"description"`
Billable int `json:"billable"` // Percentage (0-100)
}
type TimeEntryUpdateDto struct {
ID string `json:"id"`
CreatedAt *time.Time `json:"createdAt"`
UpdatedAt *time.Time `json:"updatedAt"`
LastEditorID *string `json:"lastEditorID"`
UserID *int `json:"userId"`
ProjectID *int `json:"projectId"`
ActivityID *int `json:"activityId"`
Start *time.Time `json:"start"`
End *time.Time `json:"end"`
Description *string `json:"description"`
Billable *int `json:"billable"` // Percentage (0-100)
}
backend/internal/dtos/user_dto.go
-36
View File
@@ -1,36 +0,0 @@
package dto
import (
"time"
)
type UserDto struct {
ID string `json:"id"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
LastEditorID string `json:"lastEditorID"`
Email string `json:"email"`
Role string `json:"role"`
CompanyID int `json:"companyId"`
HourlyRate float64 `json:"hourlyRate"`
}
type UserCreateDto struct {
Email string `json:"email"`
Password string `json:"password"`
Role string `json:"role"`
CompanyID int `json:"companyId"`
HourlyRate float64 `json:"hourlyRate"`
}
type UserUpdateDto struct {
ID string `json:"id"`
CreatedAt *time.Time `json:"createdAt"`
UpdatedAt *time.Time `json:"updatedAt"`
LastEditorID *string `json:"lastEditorID"`
Email *string `json:"email"`
Password *string `json:"password"`
Role *string `json:"role"`
CompanyID *int `json:"companyId"`
HourlyRate *float64 `json:"hourlyRate"`
}
backend/internal/models/activity.go
+9 -8
View File
@@ -4,7 +4,8 @@ import (
"context"
"errors"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/types"
"gorm.io/gorm"
)
@@ -22,7 +23,7 @@ func (Activity) TableName() string {
// ActivityUpdate contains the updatable fields of an Activity
type ActivityUpdate struct {
ID ulid.ULID `gorm:"-"` // Use "-" to indicate that this field should be ignored
ID types.ULID `gorm:"-"` // Use "-" to indicate that this field should be ignored
Name *string `gorm:"column:name"`
BillingRate *float64 `gorm:"column:billing_rate"`
}
@@ -34,9 +35,9 @@ type ActivityCreate struct {
}
// GetActivityByID finds an Activity by its ID
func GetActivityByID(ctx context.Context, id ulid.ULID) (*Activity, error) {
func GetActivityByID(ctx context.Context, id types.ULID) (*Activity, error) {
var activity Activity
result := GetEngine(ctx).Where("id = ?", id).First(&activity)
result := db.GetEngine(ctx).Where("id = ?", id).First(&activity)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -49,7 +50,7 @@ func GetActivityByID(ctx context.Context, id ulid.ULID) (*Activity, error) {
// GetAllActivities returns all Activities
func GetAllActivities(ctx context.Context) ([]Activity, error) {
var activities []Activity
result := GetEngine(ctx).Find(&activities)
result := db.GetEngine(ctx).Find(&activities)
if result.Error != nil {
return nil, result.Error
}
@@ -63,7 +64,7 @@ func CreateActivity(ctx context.Context, create ActivityCreate) (*Activity, erro
BillingRate: create.BillingRate,
}
result := GetEngine(ctx).Create(&activity)
result := db.GetEngine(ctx).Create(&activity)
if result.Error != nil {
return nil, result.Error
}
@@ -90,7 +91,7 @@ func UpdateActivity(ctx context.Context, update ActivityUpdate) (*Activity, erro
}
// DeleteActivity deletes an Activity by its ID
func DeleteActivity(ctx context.Context, id ulid.ULID) error {
result := GetEngine(ctx).Delete(&Activity{}, id)
func DeleteActivity(ctx context.Context, id types.ULID) error {
result := db.GetEngine(ctx).Delete(&Activity{}, id)
return result.Error
}
backend/internal/models/base.go
+6 -4
View File
@@ -5,11 +5,12 @@ import (
"time"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/types"
"gorm.io/gorm"
)
type EntityBase struct {
ID ulid.ULID `gorm:"type:uuid;primaryKey"`
ID types.ULID `gorm:"type:bytea;primaryKey"`
CreatedAt time.Time `gorm:"index"`
UpdatedAt time.Time `gorm:"index"`
DeletedAt gorm.DeletedAt `gorm:"index"`
@@ -17,10 +18,11 @@ type EntityBase struct {
// BeforeCreate is called by GORM before creating a record
func (eb *EntityBase) BeforeCreate(tx *gorm.DB) error {
if eb.ID.Compare(ulid.ULID{}) == 0 { // If ID is empty
// Generate a new ULID
if eb.ID.Compare(types.ULID{}) == 0 { // If ID is empty
// Generate a new types.ULID
entropy := ulid.Monotonic(rand.New(rand.NewSource(time.Now().UnixNano())), 0)
eb.ID = ulid.MustNew(ulid.Timestamp(time.Now()), entropy)
newID := ulid.MustNew(ulid.Timestamp(time.Now()), entropy)
eb.ID = types.ULID{ULID: newID}
}
return nil
}
backend/internal/models/company.go
+10 -9
View File
@@ -4,7 +4,8 @@ import (
"context"
"errors"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/types"
"gorm.io/gorm"
)
@@ -26,14 +27,14 @@ type CompanyCreate struct {
// CompanyUpdate contains the updatable fields of a company
type CompanyUpdate struct {
ID ulid.ULID `gorm:"-"` // Exclude from updates
ID types.ULID `gorm:"-"` // Exclude from updates
Name *string `gorm:"column:name"`
}
// GetCompanyByID finds a company by its ID
func GetCompanyByID(ctx context.Context, id ulid.ULID) (*Company, error) {
func GetCompanyByID(ctx context.Context, id types.ULID) (*Company, error) {
var company Company
result := GetEngine(ctx).Where("id = ?", id).First(&company)
result := db.GetEngine(ctx).Where("id = ?", id).First(&company)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -46,7 +47,7 @@ func GetCompanyByID(ctx context.Context, id ulid.ULID) (*Company, error) {
// GetAllCompanies returns all companies
func GetAllCompanies(ctx context.Context) ([]Company, error) {
var companies []Company
result := GetEngine(ctx).Find(&companies)
result := db.GetEngine(ctx).Find(&companies)
if result.Error != nil {
return nil, result.Error
}
@@ -55,7 +56,7 @@ func GetAllCompanies(ctx context.Context) ([]Company, error) {
func GetCustomersByCompanyID(ctx context.Context, companyID int) ([]Customer, error) {
var customers []Customer
result := GetEngine(ctx).Where("company_id = ?", companyID).Find(&customers)
result := db.GetEngine(ctx).Where("company_id = ?", companyID).Find(&customers)
if result.Error != nil {
return nil, result.Error
}
@@ -68,7 +69,7 @@ func CreateCompany(ctx context.Context, create CompanyCreate) (*Company, error)
Name: create.Name,
}
result := GetEngine(ctx).Create(&company)
result := db.GetEngine(ctx).Create(&company)
if result.Error != nil {
return nil, result.Error
}
@@ -95,7 +96,7 @@ func UpdateCompany(ctx context.Context, update CompanyUpdate) (*Company, error)
}
// DeleteCompany deletes a company by its ID
func DeleteCompany(ctx context.Context, id ulid.ULID) error {
result := GetEngine(ctx).Delete(&Company{}, id)
func DeleteCompany(ctx context.Context, id types.ULID) error {
result := db.GetEngine(ctx).Delete(&Company{}, id)
return result.Error
}
backend/internal/models/customer.go
+15 -11
View File
@@ -4,7 +4,8 @@ import (
"context"
"errors"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/types"
"gorm.io/gorm"
)
@@ -12,7 +13,8 @@ import (
type Customer struct {
EntityBase
Name string `gorm:"column:name"`
CompanyID int `gorm:"column:company_id"`
CompanyID *types.ULID `gorm:"type:bytea;column:company_id"`
OwnerUserID *types.ULID `gorm:"type:bytea;column:owner_user_id"`
}
// TableName specifies the table name for GORM
@@ -23,20 +25,22 @@ func (Customer) TableName() string {
// CustomerCreate contains the fields for creating a new customer
type CustomerCreate struct {
Name string
CompanyID int
CompanyID *types.ULID
OwnerUserID *types.ULID
}
// CustomerUpdate contains the updatable fields of a customer
type CustomerUpdate struct {
ID ulid.ULID `gorm:"-"` // Exclude from updates
ID types.ULID `gorm:"-"` // Exclude from updates
Name *string `gorm:"column:name"`
CompanyID *int `gorm:"column:company_id"`
CompanyID *types.ULID `gorm:"column:company_id"`
OwnerUserID *types.ULID `gorm:"column:owner_user_id"`
}
// GetCustomerByID finds a customer by its ID
func GetCustomerByID(ctx context.Context, id ulid.ULID) (*Customer, error) {
func GetCustomerByID(ctx context.Context, id types.ULID) (*Customer, error) {
var customer Customer
result := GetEngine(ctx).Where("id = ?", id).First(&customer)
result := db.GetEngine(ctx).Where("id = ?", id).First(&customer)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -49,7 +53,7 @@ func GetCustomerByID(ctx context.Context, id ulid.ULID) (*Customer, error) {
// GetAllCustomers returns all customers
func GetAllCustomers(ctx context.Context) ([]Customer, error) {
var customers []Customer
result := GetEngine(ctx).Find(&customers)
result := db.GetEngine(ctx).Find(&customers)
if result.Error != nil {
return nil, result.Error
}
@@ -63,7 +67,7 @@ func CreateCustomer(ctx context.Context, create CustomerCreate) (*Customer, erro
CompanyID: create.CompanyID,
}
result := GetEngine(ctx).Create(&customer)
result := db.GetEngine(ctx).Create(&customer)
if result.Error != nil {
return nil, result.Error
}
@@ -90,7 +94,7 @@ func UpdateCustomer(ctx context.Context, update CustomerUpdate) (*Customer, erro
}
// DeleteCustomer deletes a customer by its ID
func DeleteCustomer(ctx context.Context, id ulid.ULID) error {
result := GetEngine(ctx).Delete(&Customer{}, id)
func DeleteCustomer(ctx context.Context, id types.ULID) error {
result := db.GetEngine(ctx).Delete(&Customer{}, id)
return result.Error
}
backend/internal/models/db.go
+66 -32
View File
@@ -4,47 +4,72 @@ import (
"context"
"errors"
"fmt"
"log"
"reflect"
"strings"
"time"
"gorm.io/driver/postgres" // For PostgreSQL
"github.com/timetracker/backend/internal/config"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/permissions"
"gorm.io/driver/postgres"
"gorm.io/gorm"
"gorm.io/gorm/logger"
)
// Global variable for the DB connection
var defaultDB *gorm.DB
// DatabaseConfig contains the configuration data for the database connection
type DatabaseConfig struct {
Host string
Port int
User string
Password string
DBName string
SSLMode string
}
// InitDB initializes the database connection (once at startup)
// with the provided configuration
func InitDB(config DatabaseConfig) error {
// Create DSN (Data Source Name)
dsn := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=%s",
config.Host, config.Port, config.User, config.Password, config.DBName, config.SSLMode)
// Establish database connection
db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{})
if err != nil {
return fmt.Errorf("error connecting to the database: %w", err)
// MigrateDB performs database migrations for all models
func MigrateDB() error {
gormDB := db.GetEngine(context.Background())
if gormDB == nil {
return errors.New("database not initialized")
}
defaultDB = db
log.Println("Starting database migration...")
// Add all models that should be migrated here
err := gormDB.AutoMigrate(
&Company{},
&User{},
&Customer{},
&Project{},
&Activity{},
&TimeEntry{},
&permissions.Role{},
&permissions.Policy{},
)
if err != nil {
return fmt.Errorf("error migrating database: %w", err)
}
log.Println("Database migration completed successfully")
return nil
}
// GetEngine returns the DB instance, possibly with context
func GetEngine(ctx context.Context) *gorm.DB {
// If a special transaction is in ctx, you could check it here
return defaultDB.WithContext(ctx)
// GetGormDB is used for special cases like database creation
func GetGormDB(dbConfig config.DatabaseConfig, dbName string) (*gorm.DB, error) {
dsn := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=%s",
dbConfig.Host, dbConfig.Port, dbConfig.User, dbConfig.Password, dbName, dbConfig.SSLMode)
// Configure GORM logger
gormLogger := logger.New(
log.New(log.Writer(), "\r\n", log.LstdFlags), // io writer
logger.Config{
SlowThreshold: 200 * time.Millisecond, // Slow SQL threshold
LogLevel: dbConfig.LogLevel, // Log level
IgnoreRecordNotFoundError: true, // Ignore ErrRecordNotFound error for logger
Colorful: true, // Enable color
},
)
db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{
Logger: gormLogger,
})
if err != nil {
return nil, fmt.Errorf("error connecting to the database: %w", err)
}
return db, nil
}
// UpdateModel updates a model based on the set pointer fields
@@ -65,7 +90,7 @@ func UpdateModel(ctx context.Context, model any, updates any) error {
updateMap := make(map[string]any)
// Iterate through all fields
for i := 0; i < updateValue.NumField(); i++ {
for i := range updateValue.NumField() {
field := updateValue.Field(i)
fieldType := updateType.Field(i)
@@ -104,5 +129,14 @@ func UpdateModel(ctx context.Context, model any, updates any) error {
return nil // Nothing to update
}
return GetEngine(ctx).Model(model).Updates(updateMap).Error
return db.GetEngine(ctx).Model(model).Updates(updateMap).Error
}
// InitDB and CloseDB are forwarded to the db package for backward compatibility
func InitDB(config config.DatabaseConfig) error {
return db.InitDB(config)
}
func CloseDB() error {
return db.CloseDB()
}
backend/internal/models/jwt.go
+4
View File
@@ -0,0 +1,4 @@
package models
// This file is intentionally left empty.
// The JWTConfig struct has been moved to the config package.
backend/internal/models/project.go
+29 -21
View File
@@ -5,7 +5,8 @@ import (
"errors"
"fmt"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/types"
"gorm.io/gorm"
)
@@ -13,7 +14,7 @@ import (
type Project struct {
EntityBase
Name string `gorm:"column:name;not null"`
CustomerID ulid.ULID `gorm:"column:customer_id;type:uuid;not null"`
CustomerID *types.ULID `gorm:"column:customer_id;type:bytea;index"`
// Relationships (for Eager Loading)
Customer *Customer `gorm:"foreignKey:CustomerID"`
@@ -27,14 +28,14 @@ func (Project) TableName() string {
// ProjectCreate contains the fields for creating a new project
type ProjectCreate struct {
Name string
CustomerID ulid.ULID
CustomerID *types.ULID
}
// ProjectUpdate contains the updatable fields of a project
type ProjectUpdate struct {
ID ulid.ULID `gorm:"-"` // Exclude from updates
ID types.ULID `gorm:"-"` // Exclude from updates
Name *string `gorm:"column:name"`
CustomerID *ulid.ULID `gorm:"column:customer_id"`
CustomerID types.Nullable[types.ULID] `gorm:"column:customer_id"`
}
// Validate checks if the Create struct contains valid data
@@ -43,7 +44,7 @@ func (pc *ProjectCreate) Validate() error {
return errors.New("project name cannot be empty")
}
// Check for valid CustomerID
if pc.CustomerID.Compare(ulid.ULID{}) == 0 {
if pc.CustomerID != nil && pc.CustomerID.Compare(types.ULID{}) == 0 {
return errors.New("customerID cannot be empty")
}
return nil
@@ -58,9 +59,9 @@ func (pu *ProjectUpdate) Validate() error {
}
// GetProjectByID finds a project by its ID
func GetProjectByID(ctx context.Context, id ulid.ULID) (*Project, error) {
func GetProjectByID(ctx context.Context, id types.ULID) (*Project, error) {
var project Project
result := GetEngine(ctx).Where("id = ?", id).First(&project)
result := db.GetEngine(ctx).Where("id = ?", id).First(&project)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -71,9 +72,9 @@ func GetProjectByID(ctx context.Context, id ulid.ULID) (*Project, error) {
}
// GetProjectWithCustomer loads a project with the associated customer information
func GetProjectWithCustomer(ctx context.Context, id ulid.ULID) (*Project, error) {
func GetProjectWithCustomer(ctx context.Context, id types.ULID) (*Project, error) {
var project Project
result := GetEngine(ctx).Preload("Customer").Where("id = ?", id).First(&project)
result := db.GetEngine(ctx).Preload("Customer").Where("id = ?", id).First(&project)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -86,7 +87,7 @@ func GetProjectWithCustomer(ctx context.Context, id ulid.ULID) (*Project, error)
// GetAllProjects returns all projects
func GetAllProjects(ctx context.Context) ([]Project, error) {
var projects []Project
result := GetEngine(ctx).Find(&projects)
result := db.GetEngine(ctx).Find(&projects)
if result.Error != nil {
return nil, result.Error
}
@@ -96,7 +97,7 @@ func GetAllProjects(ctx context.Context) ([]Project, error) {
// GetAllProjectsWithCustomers returns all projects with customer information
func GetAllProjectsWithCustomers(ctx context.Context) ([]Project, error) {
var projects []Project
result := GetEngine(ctx).Preload("Customer").Find(&projects)
result := db.GetEngine(ctx).Preload("Customer").Find(&projects)
if result.Error != nil {
return nil, result.Error
}
@@ -104,9 +105,9 @@ func GetAllProjectsWithCustomers(ctx context.Context) ([]Project, error) {
}
// GetProjectsByCustomerID returns all projects of a specific customer
func GetProjectsByCustomerID(ctx context.Context, customerID ulid.ULID) ([]Project, error) {
func GetProjectsByCustomerID(ctx context.Context, customerId types.ULID) ([]Project, error) {
var projects []Project
result := GetEngine(ctx).Where("customer_id = ?", customerID).Find(&projects)
result := db.GetEngine(ctx).Where("customer_id = ?", customerId.ULID).Find(&projects)
if result.Error != nil {
return nil, result.Error
}
@@ -121,20 +122,22 @@ func CreateProject(ctx context.Context, create ProjectCreate) (*Project, error)
}
// Check if the customer exists
customer, err := GetCustomerByID(ctx, create.CustomerID)
if create.CustomerID != nil {
customer, err := GetCustomerByID(ctx, *create.CustomerID)
if err != nil {
return nil, fmt.Errorf("error checking the customer: %w", err)
}
if customer == nil {
return nil, errors.New("the specified customer does not exist")
}
}
project := Project{
Name: create.Name,
CustomerID: create.CustomerID,
}
result := GetEngine(ctx).Create(&project)
result := db.GetEngine(ctx).Create(&project)
if result.Error != nil {
return nil, fmt.Errorf("error creating the project: %w", result.Error)
}
@@ -157,14 +160,19 @@ func UpdateProject(ctx context.Context, update ProjectUpdate) (*Project, error)
}
// If CustomerID is updated, check if the customer exists
if update.CustomerID != nil {
customer, err := GetCustomerByID(ctx, *update.CustomerID)
if update.CustomerID.Valid {
if update.CustomerID.Value != nil {
customer, err := GetCustomerByID(ctx, *update.CustomerID.Value)
if err != nil {
return nil, fmt.Errorf("error checking the customer: %w", err)
}
if customer == nil {
return nil, errors.New("the specified customer does not exist")
}
} else {
// If CustomerID is nil, set it to nil in the project
project.CustomerID = nil
}
}
// Use generic update function
@@ -177,9 +185,9 @@ func UpdateProject(ctx context.Context, update ProjectUpdate) (*Project, error)
}
// DeleteProject deletes a project by its ID
func DeleteProject(ctx context.Context, id ulid.ULID) error {
func DeleteProject(ctx context.Context, id types.ULID) error {
// Here you could check if dependent entities exist
result := GetEngine(ctx).Delete(&Project{}, id)
result := db.GetEngine(ctx).Delete(&Project{}, id)
if result.Error != nil {
return fmt.Errorf("error deleting the project: %w", result.Error)
}
@@ -196,7 +204,7 @@ func CreateProjectWithTransaction(ctx context.Context, create ProjectCreate) (*P
var project *Project
// Start transaction
err := GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
err := db.GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
// Customer check within the transaction
var customer Customer
if err := tx.Where("id = ?", create.CustomerID).First(&customer).Error; err != nil {
backend/internal/models/timeentry.go
+32 -31
View File
@@ -6,16 +6,17 @@ import (
"fmt"
"time"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/types"
"gorm.io/gorm"
)
// TimeEntry represents a time entry in the system
type TimeEntry struct {
EntityBase
UserID ulid.ULID `gorm:"column:user_id;type:uuid;not null;index"`
ProjectID ulid.ULID `gorm:"column:project_id;type:uuid;not null;index"`
ActivityID ulid.ULID `gorm:"column:activity_id;type:uuid;not null;index"`
UserID types.ULID `gorm:"column:user_id;type:bytea;not null;index"`
ProjectID types.ULID `gorm:"column:project_id;type:bytea;not null;index"`
ActivityID types.ULID `gorm:"column:activity_id;type:bytea;not null;index"`
Start time.Time `gorm:"column:start;not null"`
End time.Time `gorm:"column:end;not null"`
Description string `gorm:"column:description"`
@@ -34,9 +35,9 @@ func (TimeEntry) TableName() string {
// TimeEntryCreate contains the fields for creating a new time entry
type TimeEntryCreate struct {
UserID ulid.ULID
ProjectID ulid.ULID
ActivityID ulid.ULID
UserID types.ULID
ProjectID types.ULID
ActivityID types.ULID
Start time.Time
End time.Time
Description string
@@ -45,10 +46,10 @@ type TimeEntryCreate struct {
// TimeEntryUpdate contains the updatable fields of a time entry
type TimeEntryUpdate struct {
ID ulid.ULID `gorm:"-"` // Exclude from updates
UserID *ulid.ULID `gorm:"column:user_id"`
ProjectID *ulid.ULID `gorm:"column:project_id"`
ActivityID *ulid.ULID `gorm:"column:activity_id"`
ID types.ULID `gorm:"-"` // Exclude from updates
UserID *types.ULID `gorm:"column:user_id"`
ProjectID *types.ULID `gorm:"column:project_id"`
ActivityID *types.ULID `gorm:"column:activity_id"`
Start *time.Time `gorm:"column:start"`
End *time.Time `gorm:"column:end"`
Description *string `gorm:"column:description"`
@@ -58,13 +59,13 @@ type TimeEntryUpdate struct {
// Validate checks if the Create struct contains valid data
func (tc *TimeEntryCreate) Validate() error {
// Check for empty IDs
if tc.UserID.Compare(ulid.ULID{}) == 0 {
if tc.UserID.Compare(types.ULID{}) == 0 {
return errors.New("userID cannot be empty")
}
if tc.ProjectID.Compare(ulid.ULID{}) == 0 {
if tc.ProjectID.Compare(types.ULID{}) == 0 {
return errors.New("projectID cannot be empty")
}
if tc.ActivityID.Compare(ulid.ULID{}) == 0 {
if tc.ActivityID.Compare(types.ULID{}) == 0 {
return errors.New("activityID cannot be empty")
}
@@ -103,9 +104,9 @@ func (tu *TimeEntryUpdate) Validate() error {
}
// GetTimeEntryByID finds a time entry by its ID
func GetTimeEntryByID(ctx context.Context, id ulid.ULID) (*TimeEntry, error) {
func GetTimeEntryByID(ctx context.Context, id types.ULID) (*TimeEntry, error) {
var timeEntry TimeEntry
result := GetEngine(ctx).Where("id = ?", id).First(&timeEntry)
result := db.GetEngine(ctx).Where("id = ?", id).First(&timeEntry)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -116,9 +117,9 @@ func GetTimeEntryByID(ctx context.Context, id ulid.ULID) (*TimeEntry, error) {
}
// GetTimeEntryWithRelations loads a time entry with all associated data
func GetTimeEntryWithRelations(ctx context.Context, id ulid.ULID) (*TimeEntry, error) {
func GetTimeEntryWithRelations(ctx context.Context, id types.ULID) (*TimeEntry, error) {
var timeEntry TimeEntry
result := GetEngine(ctx).
result := db.GetEngine(ctx).
Preload("User").
Preload("Project").
Preload("Project.Customer"). // Nested relationship
@@ -138,7 +139,7 @@ func GetTimeEntryWithRelations(ctx context.Context, id ulid.ULID) (*TimeEntry, e
// GetAllTimeEntries returns all time entries
func GetAllTimeEntries(ctx context.Context) ([]TimeEntry, error) {
var timeEntries []TimeEntry
result := GetEngine(ctx).Find(&timeEntries)
result := db.GetEngine(ctx).Find(&timeEntries)
if result.Error != nil {
return nil, result.Error
}
@@ -146,9 +147,9 @@ func GetAllTimeEntries(ctx context.Context) ([]TimeEntry, error) {
}
// GetTimeEntriesByUserID returns all time entries of a user
func GetTimeEntriesByUserID(ctx context.Context, userID ulid.ULID) ([]TimeEntry, error) {
func GetTimeEntriesByUserID(ctx context.Context, userID types.ULID) ([]TimeEntry, error) {
var timeEntries []TimeEntry
result := GetEngine(ctx).Where("user_id = ?", userID).Find(&timeEntries)
result := db.GetEngine(ctx).Where("user_id = ?", userID).Find(&timeEntries)
if result.Error != nil {
return nil, result.Error
}
@@ -156,9 +157,9 @@ func GetTimeEntriesByUserID(ctx context.Context, userID ulid.ULID) ([]TimeEntry,
}
// GetTimeEntriesByProjectID returns all time entries of a project
func GetTimeEntriesByProjectID(ctx context.Context, projectID ulid.ULID) ([]TimeEntry, error) {
func GetTimeEntriesByProjectID(ctx context.Context, projectID types.ULID) ([]TimeEntry, error) {
var timeEntries []TimeEntry
result := GetEngine(ctx).Where("project_id = ?", projectID).Find(&timeEntries)
result := db.GetEngine(ctx).Where("project_id = ?", projectID).Find(&timeEntries)
if result.Error != nil {
return nil, result.Error
}
@@ -169,7 +170,7 @@ func GetTimeEntriesByProjectID(ctx context.Context, projectID ulid.ULID) ([]Time
func GetTimeEntriesByDateRange(ctx context.Context, start, end time.Time) ([]TimeEntry, error) {
var timeEntries []TimeEntry
// Search for overlaps in the time range
result := GetEngine(ctx).
result := db.GetEngine(ctx).
Where("(start BETWEEN ? AND ?) OR (end BETWEEN ? AND ?)",
start, end, start, end).
Find(&timeEntries)
@@ -181,7 +182,7 @@ func GetTimeEntriesByDateRange(ctx context.Context, start, end time.Time) ([]Tim
}
// SumBillableHoursByProject calculates the billable hours per project
func SumBillableHoursByProject(ctx context.Context, projectID ulid.ULID) (float64, error) {
func SumBillableHoursByProject(ctx context.Context, projectID types.ULID) (float64, error) {
type Result struct {
TotalHours float64
}
@@ -189,7 +190,7 @@ func SumBillableHoursByProject(ctx context.Context, projectID ulid.ULID) (float6
var result Result
// SQL calculation of weighted hours
err := GetEngine(ctx).Raw(`
err := db.GetEngine(ctx).Raw(`
SELECT SUM(
EXTRACT(EPOCH FROM (end - start)) / 3600 * (billable / 100.0)
) as total_hours
@@ -214,7 +215,7 @@ func CreateTimeEntry(ctx context.Context, create TimeEntryCreate) (*TimeEntry, e
// Start a transaction
var timeEntry *TimeEntry
err := GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
err := db.GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
// Check references
if err := validateReferences(tx, create.UserID, create.ProjectID, create.ActivityID); err != nil {
return err
@@ -247,7 +248,7 @@ func CreateTimeEntry(ctx context.Context, create TimeEntryCreate) (*TimeEntry, e
}
// validateReferences checks if all referenced entities exist
func validateReferences(tx *gorm.DB, userID, projectID, activityID ulid.ULID) error {
func validateReferences(tx *gorm.DB, userID, projectID, activityID types.ULID) error {
// Check user
var userCount int64
if err := tx.Model(&User{}).Where("id = ?", userID).Count(&userCount).Error; err != nil {
@@ -295,7 +296,7 @@ func UpdateTimeEntry(ctx context.Context, update TimeEntryUpdate) (*TimeEntry, e
}
// Start a transaction for the update
err = GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
err = db.GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
// Check references if they are updated
if update.UserID != nil || update.ProjectID != nil || update.ActivityID != nil {
// Use current values if not updated
@@ -351,8 +352,8 @@ func UpdateTimeEntry(ctx context.Context, update TimeEntryUpdate) (*TimeEntry, e
}
// DeleteTimeEntry deletes a time entry by its ID
func DeleteTimeEntry(ctx context.Context, id ulid.ULID) error {
result := GetEngine(ctx).Delete(&TimeEntry{}, id)
func DeleteTimeEntry(ctx context.Context, id types.ULID) error {
result := db.GetEngine(ctx).Delete(&TimeEntry{}, id)
if result.Error != nil {
return fmt.Errorf("error deleting the time entry: %w", result.Error)
}
backend/internal/models/user.go
+61 -39
View File
@@ -11,28 +11,12 @@ import (
"slices"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/db"
"github.com/timetracker/backend/internal/types"
"golang.org/x/crypto/argon2"
"gorm.io/gorm"
)
// Argon2 Parameters
const (
// Recommended values for Argon2id
ArgonTime = 1
ArgonMemory = 64 * 1024 // 64MB
ArgonThreads = 4
ArgonKeyLen = 32
SaltLength = 16
)
// Role Constants
const (
RoleAdmin = "admin"
RoleUser = "user"
RoleViewer = "viewer"
)
// User represents a user in the system
type User struct {
EntityBase
@@ -40,8 +24,9 @@ type User struct {
Salt string `gorm:"column:salt;not null;type:varchar(64)"` // Base64-encoded Salt
Hash string `gorm:"column:hash;not null;type:varchar(128)"` // Base64-encoded Hash
Role string `gorm:"column:role;not null;default:'user'"`
CompanyID ulid.ULID `gorm:"column:company_id;type:uuid;not null;index"`
CompanyID *types.ULID `gorm:"column:company_id;type:bytea;index"`
HourlyRate float64 `gorm:"column:hourly_rate;not null;default:0"`
Companies []string `gorm:"type:text[]"`
// Relationship for Eager Loading
Company *Company `gorm:"foreignKey:CompanyID"`
@@ -57,17 +42,17 @@ type UserCreate struct {
Email string
Password string
Role string
CompanyID ulid.ULID
CompanyID *types.ULID
HourlyRate float64
}
// UserUpdate contains the updatable fields of a user
type UserUpdate struct {
ID ulid.ULID `gorm:"-"` // Exclude from updates
ID types.ULID `gorm:"-"` // Exclude from updates
Email *string `gorm:"column:email"`
Password *string `gorm:"-"` // Not stored directly in DB
Role *string `gorm:"column:role"`
CompanyID *ulid.ULID `gorm:"column:company_id"`
CompanyID types.Nullable[types.ULID] `gorm:"column:company_id"`
HourlyRate *float64 `gorm:"column:hourly_rate"`
}
@@ -202,7 +187,7 @@ func (uc *UserCreate) Validate() error {
}
}
if uc.CompanyID.Compare(ulid.ULID{}) == 0 {
if uc.CompanyID != nil && uc.CompanyID.Compare(types.ULID{}) == 0 {
return errors.New("companyID cannot be empty")
}
@@ -288,9 +273,9 @@ func (uu *UserUpdate) Validate() error {
}
// GetUserByID finds a user by their ID
func GetUserByID(ctx context.Context, id ulid.ULID) (*User, error) {
func GetUserByID(ctx context.Context, id types.ULID) (*User, error) {
var user User
result := GetEngine(ctx).Where("id = ?", id).First(&user)
result := db.GetEngine(ctx).Where("id = ?", id).First(&user)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -303,7 +288,7 @@ func GetUserByID(ctx context.Context, id ulid.ULID) (*User, error) {
// GetUserByEmail finds a user by their email
func GetUserByEmail(ctx context.Context, email string) (*User, error) {
var user User
result := GetEngine(ctx).Where("email = ?", email).First(&user)
result := db.GetEngine(ctx).Where("email = ?", email).First(&user)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -314,9 +299,9 @@ func GetUserByEmail(ctx context.Context, email string) (*User, error) {
}
// GetUserWithCompany loads a user with their company
func GetUserWithCompany(ctx context.Context, id ulid.ULID) (*User, error) {
func GetUserWithCompany(ctx context.Context, id types.ULID) (*User, error) {
var user User
result := GetEngine(ctx).Preload("Company").Where("id = ?", id).First(&user)
result := db.GetEngine(ctx).Preload("Company").Where("id = ?", id).First(&user)
if result.Error != nil {
if errors.Is(result.Error, gorm.ErrRecordNotFound) {
return nil, nil
@@ -329,17 +314,29 @@ func GetUserWithCompany(ctx context.Context, id ulid.ULID) (*User, error) {
// GetAllUsers returns all users
func GetAllUsers(ctx context.Context) ([]User, error) {
var users []User
result := GetEngine(ctx).Find(&users)
result := db.GetEngine(ctx).Find(&users)
if result.Error != nil {
return nil, result.Error
}
return users, nil
}
// getCompanyCondition builds the company condition for queries
func getCompanyCondition(companyID *types.ULID) func(db *gorm.DB) *gorm.DB {
return func(db *gorm.DB) *gorm.DB {
if companyID == nil {
return db.Where("company_id IS NULL")
}
return db.Where("company_id = ?", *companyID)
}
}
// GetUsersByCompanyID returns all users of a company
func GetUsersByCompanyID(ctx context.Context, companyID ulid.ULID) ([]User, error) {
func GetUsersByCompanyID(ctx context.Context, companyID types.ULID) ([]User, error) {
var users []User
result := GetEngine(ctx).Where("company_id = ?", companyID).Find(&users)
// Apply the dynamic company condition
condition := getCompanyCondition(&companyID)
result := db.GetEngine(ctx).Scopes(condition).Find(&users)
if result.Error != nil {
return nil, result.Error
}
@@ -356,7 +353,7 @@ func CreateUser(ctx context.Context, create UserCreate) (*User, error) {
// Start a transaction
var user *User
err := GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
err := db.GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
// Check if email already exists
var count int64
if err := tx.Model(&User{}).Where("email = ?", create.Email).Count(&count).Error; err != nil {
@@ -366,6 +363,7 @@ func CreateUser(ctx context.Context, create UserCreate) (*User, error) {
return errors.New("email is already in use")
}
if create.CompanyID != nil {
// Check if company exists
var companyCount int64
if err := tx.Model(&Company{}).Where("id = ?", create.CompanyID).Count(&companyCount).Error; err != nil {
@@ -374,6 +372,7 @@ func CreateUser(ctx context.Context, create UserCreate) (*User, error) {
if companyCount == 0 {
return errors.New("the specified company does not exist")
}
}
// Hash password with unique salt
pwData, err := HashPassword(create.Password)
@@ -423,7 +422,7 @@ func UpdateUser(ctx context.Context, update UserUpdate) (*User, error) {
}
// Start a transaction for the update
err = GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
err = db.GetEngine(ctx).Transaction(func(tx *gorm.DB) error {
// If email is updated, check if it's already in use
if update.Email != nil && *update.Email != user.Email {
var count int64
@@ -436,15 +435,17 @@ func UpdateUser(ctx context.Context, update UserUpdate) (*User, error) {
}
// If CompanyID is updated, check if it exists
if update.CompanyID != nil && update.CompanyID.Compare(user.CompanyID) != 0 {
if update.CompanyID.Valid && update.CompanyID.Value != nil {
if user.CompanyID == nil || *update.CompanyID.Value != *user.CompanyID {
var companyCount int64
if err := tx.Model(&Company{}).Where("id = ?", *update.CompanyID).Count(&companyCount).Error; err != nil {
if err := tx.Model(&Company{}).Where("id = ?", *update.CompanyID.Value).Count(&companyCount).Error; err != nil {
return fmt.Errorf("error checking company: %w", err)
}
if companyCount == 0 {
return errors.New("the specified company does not exist")
}
}
}
// If password is updated, rehash with new salt
if update.Password != nil {
@@ -472,8 +473,12 @@ func UpdateUser(ctx context.Context, update UserUpdate) (*User, error) {
if update.Role != nil {
updates["role"] = *update.Role
}
if update.CompanyID != nil {
updates["company_id"] = *update.CompanyID
if update.CompanyID.Valid {
if update.CompanyID.Value == nil {
updates["company_id"] = nil
} else {
updates["company_id"] = *update.CompanyID.Value
}
}
if update.HourlyRate != nil {
updates["hourly_rate"] = *update.HourlyRate
@@ -498,11 +503,11 @@ func UpdateUser(ctx context.Context, update UserUpdate) (*User, error) {
}
// DeleteUser deletes a user by their ID
func DeleteUser(ctx context.Context, id ulid.ULID) error {
func DeleteUser(ctx context.Context, id types.ULID) error {
// Here one could check if dependent entities exist
// e.g., don't delete if time entries still exist
result := GetEngine(ctx).Delete(&User{}, id)
result := db.GetEngine(ctx).Delete(&User{}, id)
if result.Error != nil {
return fmt.Errorf("error deleting user: %w", result.Error)
}
@@ -532,3 +537,20 @@ func AuthenticateUser(ctx context.Context, email, password string) (*User, error
return user, nil
}
// Argon2 Parameters
const (
// Recommended values for Argon2id
ArgonTime = 1
ArgonMemory = 64 * 1024 // 64MB
ArgonThreads = 4
ArgonKeyLen = 32
SaltLength = 16
)
// Role Constants
const (
RoleAdmin = "admin"
RoleUser = "user"
RoleViewer = "viewer"
)
backend/internal/permissions/evaluator.go
+35
View File
@@ -0,0 +1,35 @@
package permissions
import (
"context"
)
func (u *User) EffectivePermissions(ctx context.Context, scope string) (Permission, error) {
if u.ActiveRole == nil {
return 0, nil
}
// Load the role and its associated policies using the helper function.
role, err := LoadRoleWithPolicies(ctx, u.ActiveRole.ID)
if err != nil {
return 0, err
}
var perm Permission
for _, policy := range role.Policies {
for pat, p := range policy.Scopes {
if MatchScope(pat, scope) {
perm |= p
}
}
}
return perm, nil
}
func (u *User) HasPermission(ctx context.Context, scope string, requiredPerm Permission) (bool, error) {
effective, err := u.EffectivePermissions(ctx, scope)
if err != nil {
return false, err
}
return (effective & requiredPerm) == requiredPerm, nil
}
backend/internal/permissions/helpers.go
+23
View File
@@ -0,0 +1,23 @@
package permissions
import (
"context"
"fmt"
"github.com/oklog/ulid/v2"
"github.com/timetracker/backend/internal/db"
"gorm.io/gorm"
)
// LoadRoleWithPolicies loads a role with its associated policies from the database.
func LoadRoleWithPolicies(ctx context.Context, roleID ulid.ULID) (*Role, error) {
var role Role
err := db.GetEngine(ctx).Preload("Policies").First(&role, "id = ?", roleID).Error
if err != nil {
if err == gorm.ErrRecordNotFound {
return nil, fmt.Errorf("role with ID %s not found", roleID)
}
return nil, fmt.Errorf("failed to load role: %w", err)
}
return &role, nil
}
backend/internal/permissions/matching.go
+11
View File
@@ -0,0 +1,11 @@
package permissions
import "strings"
func MatchScope(pattern, scope string) bool {
if strings.HasSuffix(pattern, "/*") {
prefix := strings.TrimSuffix(pattern, "/*")
return strings.HasPrefix(scope, prefix)
}
return pattern == scope
}
backend/internal/permissions/permissions.go
+13
View File
@@ -0,0 +1,13 @@
package permissions
type Permission uint64
const (
PermRead Permission = 1 << iota // 1
PermWrite // 2
PermCreate // 4
PermList // 8
PermDelete // 16
PermModerate // 32
PermSuperadmin // 64
)
backend/internal/permissions/policy.go
+40
View File
@@ -0,0 +1,40 @@
package permissions
import (
"database/sql/driver"
"encoding/json"
"errors"
"fmt"
"github.com/oklog/ulid/v2"
)
type Policy struct {
ID ulid.ULID `gorm:"primaryKey;type:bytea"`
Name string `gorm:"not null"`
RoleID ulid.ULID `gorm:"type:bytea"` //Fremdschlüssel
Scopes Scopes `gorm:"type:jsonb;not null"` // JSONB-Spalte
}
// Scopes type to handle JSON marshalling
type Scopes map[string]Permission
// Scan scan value into Jsonb, implements sql.Scanner interface
func (j *Scopes) Scan(value interface{}) error {
bytes, ok := value.([]byte)
if !ok {
return errors.New(fmt.Sprint("Failed to unmarshal JSONB value:", value))
}
var scopes map[string]Permission
if err := json.Unmarshal(bytes, &scopes); err != nil {
return err
}
*j = scopes
return nil
}
// Value return json value, implement driver.Valuer interface
func (j Scopes) Value() (driver.Value, error) {
return json.Marshal(j)
}
backend/internal/permissions/role.go
+11
View File
@@ -0,0 +1,11 @@
package permissions
import (
"github.com/oklog/ulid/v2"
)
type Role struct {
ID ulid.ULID `gorm:"primaryKey;type:bytea"`
Name string `gorm:"unique;not null"`
Policies []Policy `gorm:"foreignKey:RoleID"`
}
backend/internal/permissions/user.go
+10
View File
@@ -0,0 +1,10 @@
package permissions
import (
"github.com/oklog/ulid/v2"
)
type User struct {
ActiveRole *Role `gorm:"foreignKey:UserID"` // Beziehung zur aktiven Rolle
UserID ulid.ULID `gorm:"type:bytea"` //Fremdschlüssel
}
backend/internal/types/nullable.go
+52
View File
@@ -0,0 +1,52 @@
package types
import (
"encoding/json"
"fmt"
)
// Nullable[T] - Generischer Typ für optionale Werte (nullable fields)
type Nullable[T any] struct {
Value *T // Der tatsächliche Wert (kann nil sein)
Valid bool // Gibt an, ob der Wert gesetzt wurde
}
// NewNullable erstellt eine gültige Nullable-Instanz
func NewNullable[T any](value T) Nullable[T] {
return Nullable[T]{Value: &value, Valid: true}
}
// Null erstellt eine leere Nullable-Instanz (ungesetzt)
func Null[T any]() Nullable[T] {
return Nullable[T]{Valid: true}
}
func Undefined[T any]() Nullable[T] {
return Nullable[T]{Valid: false}
}
// MarshalJSON - Serialisiert `Nullable[T]` korrekt ins JSON-Format
func (n Nullable[T]) MarshalJSON() ([]byte, error) {
if !n.Valid {
return []byte("null"), nil // Wenn nicht valid, dann NULL
}
return json.Marshal(n.Value) // Serialisiert den tatsächlichen Wert
}
// UnmarshalJSON - Deserialisiert JSON in `Nullable[T]`
func (n *Nullable[T]) UnmarshalJSON(data []byte) error {
if string(data) == "null" {
n.Valid = true // Wert wurde gesetzt, aber auf NULL
n.Value = nil // Explizit NULL setzen
return nil
}
var v T
if err := json.Unmarshal(data, &v); err != nil {
return fmt.Errorf("invalid JSON for Nullable: %w", err)
}
n.Value = &v
n.Valid = true
return nil
}
backend/internal/types/ulid.go
+77
View File
@@ -0,0 +1,77 @@
package types
import (
"context"
"database/sql/driver"
"fmt"
"github.com/oklog/ulid/v2"
"gorm.io/gorm"
"gorm.io/gorm/clause"
)
// ULID wraps ulid.ULID to make it work nicely with GORM
type ULID struct {
ulid.ULID
}
// NewULIDWrapper creates a new ULID with a new ULID
func NewULIDWrapper() ULID {
return ULID{ULID: ulid.Make()}
}
// FromULID creates a ULID from a ulid.ULID
func FromULID(id ulid.ULID) ULID {
return ULID{ULID: id}
}
// ULIDWrapperFromString creates a ULID from a string
func ULIDFromString(id string) (ULID, error) {
parsed, err := ulid.Parse(id)
if err != nil {
return ULID{}, fmt.Errorf("failed to parse ULID string: %w", err)
}
return ULID{ULID: parsed}, nil
}
// Scan implements the sql.Scanner interface for ULID
func (u *ULID) Scan(src any) error {
switch v := src.(type) {
case []byte:
// If it's exactly 16 bytes, it's the binary representation
if len(v) == 16 {
copy(u.ULID[:], v)
return nil
}
// Otherwise, try as string
return fmt.Errorf("cannot scan []byte of length %d into ULID", len(v))
case string:
parsed, err := ulid.Parse(v)
if err != nil {
return fmt.Errorf("failed to parse ULID: %w", err)
}
u.ULID = parsed
return nil
default:
return fmt.Errorf("cannot scan %T into ULID", src)
}
}
// Value implements the driver.Valuer interface for ULID
// Returns the binary representation of the ULID for maximum efficiency
func (u ULID) Value() (driver.Value, error) {
return u.ULID.Bytes(), nil
}
// GormValue implements the gorm.Valuer interface for ULID
func (u ULID) GormValue(ctx context.Context, db *gorm.DB) clause.Expr {
return clause.Expr{
SQL: "?",
Vars: []any{u.Bytes()},
}
}
// Compare implements comparison for ULID
func (u ULID) Compare(other ULID) int {
return u.ULID.Compare(other.ULID)
}
backend/migrate
Executable
BIN
View File
Binary file not shown.
backend/postman/activity.postman_collection.json
+168
View File
@@ -0,0 +1,168 @@
{
"info": {
"_postman_id": "YOUR_POSTMAN_ID",
"name": "Activity API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "GET /api/activities",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/activities",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"activities"
]
}
},
"response": []
},
{
"name": "GET /api/activities/:id",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/activities/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"activities",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "POST /api/activities",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\",\n\t\"billingRate\": 0\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/activities",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"activities"
]
}
},
"response": []
},
{
"name": "PUT /api/activities/:id",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\",\n\t\"billingRate\": 0\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/activities/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"activities",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "DELETE /api/activities/:id",
"request": {
"method": "DELETE",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/activities/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"activities",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
}
]
}
backend/postman/company.postman_collection.json
+168
View File
@@ -0,0 +1,168 @@
{
"info": {
"_postman_id": "YOUR_POSTMAN_ID",
"name": "Company API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "GET /api/companies",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/companies",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"companies"
]
}
},
"response": []
},
{
"name": "GET /api/companies/:id",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/companies/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"companies",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "POST /api/companies",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/companies",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"companies"
]
}
},
"response": []
},
{
"name": "PUT /api/companies/:id",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/companies/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"companies",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "DELETE /api/companies/:id",
"request": {
"method": "DELETE",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/companies/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"companies",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
}
]
}
backend/postman/customer.postman_collection.json
+200
View File
@@ -0,0 +1,200 @@
{
"info": {
"_postman_id": "YOUR_POSTMAN_ID",
"name": "Customer API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "GET /api/customers",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/customers",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"customers"
]
}
},
"response": []
},
{
"name": "GET /api/customers/:id",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/customers/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"customers",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "GET /api/customers/company/:companyId",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/customers/company/:companyId",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"customers",
"company",
":companyId"
],
"variable": [
{
"key": "companyId",
"value": ""
}
]
}
},
"response": []
},
{
"name": "POST /api/customers",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\",\n\t\"companyId\": \"\",\n\t\"ownerUserID\": \"\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/customers",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"customers"
]
}
},
"response": []
},
{
"name": "PUT /api/customers/:id",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\",\n\t\"companyId\": \"\",\n\t\"ownerUserID\": \"\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/customers/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"customers",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "DELETE /api/customers/:id",
"request": {
"method": "DELETE",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/customers/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"customers",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
}
]
}
backend/postman/project.postman_collection.json
+225
View File
@@ -0,0 +1,225 @@
{
"info": {
"_postman_id": "YOUR_POSTMAN_ID",
"name": "Project API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "GET /api/projects",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/projects",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"projects"
]
}
},
"response": []
},
{
"name": "GET /api/projects/with-customers",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/projects/with-customers",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"projects",
"with-customers"
]
}
},
"response": []
},
{
"name": "GET /api/projects/:id",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/projects/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"projects",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "GET /api/projects/customer/:customerId",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/projects/customer/:customerId",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"projects",
"customer",
":customerId"
],
"variable": [
{
"key": "customerId",
"value": ""
}
]
}
},
"response": []
},
{
"name": "POST /api/projects",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\",\n\t\"customerId\": \"\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/projects",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"projects"
]
}
},
"response": []
},
{
"name": "PUT /api/projects/:id",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"name\": \"\",\n\t\"customerId\": \"\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/projects/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"projects",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "DELETE /api/projects/:id",
"request": {
"method": "DELETE",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/projects/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"projects",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
}
]
}
backend/postman/timeentry.postman_collection.json
+292
View File
@@ -0,0 +1,292 @@
{
"info": {
"_postman_id": "YOUR_POSTMAN_ID",
"name": "TimeEntry API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "GET /api/time-entries",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/time-entries",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries"
]
}
},
"response": []
},
{
"name": "GET /api/time-entries/me",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/time-entries/me",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries",
"me"
]
}
},
"response": []
},
{
"name": "GET /api/time-entries/range",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/time-entries/range?start=2023-01-01T00:00:00Z&end=2023-01-02T00:00:00Z",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries",
"range"
],
"query": [
{
"key": "start",
"value": "2023-01-01T00:00:00Z"
},
{
"key": "end",
"value": "2023-01-02T00:00:00Z"
}
]
}
},
"response": []
},
{
"name": "GET /api/time-entries/:id",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/time-entries/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "GET /api/time-entries/user/:userId",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/time-entries/user/:userId",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries",
"user",
":userId"
],
"variable": [
{
"key": "userId",
"value": ""
}
]
}
},
"response": []
},
{
"name": "GET /api/time-entries/project/:projectId",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/time-entries/project/:projectId",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries",
"project",
":projectId"
],
"variable": [
{
"key": "projectId",
"value": ""
}
]
}
},
"response": []
},
{
"name": "POST /api/time-entries",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"userID\": \"\",\n \"projectID\": \"\",\n \"activityID\": \"\",\n \"start\": \"2023-01-01T00:00:00Z\",\n \"end\": \"2023-01-01T01:00:00Z\",\n \"description\": \"\",\n \"billable\": true\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/time-entries",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries"
]
}
},
"response": []
},
{
"name": "PUT /api/time-entries/:id",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"userID\": \"\",\n \"projectID\": \"\",\n \"activityID\": \"\",\n \"start\": \"2023-01-01T00:00:00Z\",\n \"end\": \"2023-01-01T01:00:00Z\",\n \"description\": \"\",\n \"billable\": true\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/time-entries/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
},
{
"name": "DELETE /api/time-entries/:id",
"request": {
"method": "DELETE",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/time-entries/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"time-entries",
":id"
],
"variable": [
{
"key": "id",
"value": ""
}
]
}
},
"response": []
}
]
}
backend/postman/user.postman_collection.json
+241
View File
@@ -0,0 +1,241 @@
{
"info": {
"_postman_id": "YOUR_POSTMAN_ID",
"name": "User API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Auth",
"item": [
{
"name": "POST /api/auth/login",
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\n\t\"email\": \"\",\n\t\"password\": \"\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/auth/login",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"auth",
"login"
]
}
},
"response": []
},
{
"name": "POST /api/auth/register",
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\n\t\"email\": \"\",\n\t\"password\": \"\",\n\t\"role\": \"user\",\n\t\"companyID\": \"\",\n\t\"hourlyRate\": 0\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/auth/register",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"auth",
"register"
]
}
},
"response": []
},
{
"name": "GET /api/auth/me",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/auth/me",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"auth",
"me"
]
}
},
"response": []
}
]
},
{
"name": "Users",
"item": [
{
"name": "GET /api/users",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/users",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"users"
]
}
},
"response": []
},
{
"name": "GET /api/users/:id",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/users/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"users",
":id"
]
}
},
"response": []
},
{
"name": "POST /api/users",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"email\": \"\",\n\t\"password\": \"\",\n\t\"role\": \"user\",\n\t\"companyID\": \"\",\n\t\"hourlyRate\": 0\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/users",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"users"
]
}
},
"response": []
},
{
"name": "PUT /api/users/:id",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n\t\"email\": \"\",\n\t\"password\": \"\",\n\t\"role\": \"user\",\n\t\"companyID\": \"\",\n\t\"hourlyRate\": 0\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{API_URL}}/api/users/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"users",
":id"
]
}
},
"response": []
},
{
"name": "DELETE /api/users/:id",
"request": {
"method": "DELETE",
"header": [
{
"key": "Authorization",
"value": "Bearer {{JWT_TOKEN}}",
"type": "text"
}
],
"url": {
"raw": "{{API_URL}}/api/users/:id",
"host": [
"{{API_URL}}"
],
"path": [
"api",
"users",
":id"
]
}
},
"response": []
}
]
}
]
}
backend/scripts/fix_tygo.go
+62
View File
@@ -0,0 +1,62 @@
package main
import (
"fmt"
"os"
"os/exec"
"strings"
)
const (
dtoFilePath = "../frontend/src/types/dto.ts"
importStatement = `import { Nullable } from "./nullable";`
)
func main() {
// Run Tygo first
fmt.Println("🔄 Running tygo...")
if err := runTygo(); err != nil {
fmt.Println("❌ Error running tygo:", err)
os.Exit(1)
}
// Read dto.ts file
content, err := os.ReadFile(dtoFilePath)
if err != nil {
fmt.Println("❌ Could not read dto.ts:", err)
os.Exit(1)
}
// Convert to string
dtoContent := string(content)
// Check if import already exists
if strings.Contains(dtoContent, importStatement) {
fmt.Println("️ Import already exists in dto.ts, skipping.")
return
}
// Add import statement at the beginning
newContent := importStatement + "\n" + dtoContent
if err := os.WriteFile(dtoFilePath, []byte(newContent), 0644); err != nil {
fmt.Println("❌ Error writing dto.ts:", err)
os.Exit(1)
}
fmt.Println("✅ Successfully added Nullable<T> import to dto.ts")
}
// Runs Tygo command
func runTygo() error {
cmd := "tygo"
output, err := exec.Command(cmd, "generate").CombinedOutput()
if err != nil {
fmt.Println("Tygo output:", string(output))
return err
}
if len(output) > 0 {
fmt.Println("Tygo output:", string(output))
return nil
}
return nil
}
backend/tygo.yaml
+7
View File
@@ -0,0 +1,7 @@
packages:
- path: "github.com/timetracker/backend/internal/api/dto"
type_mappings:
"time.Time": "string"
"types.ULID": "string"
"types.Nullable": "Nullable"
output_path: ../frontend/src/types/dto.ts
backend/tygo.yml
-6
View File
@@ -1,6 +0,0 @@
packages:
- path: github.com/timetracker/backend/dto
type_mappings:
"time.Time": "string"
"ulid.ULID": "string"
output_path: ../frontend/src/types/dto.ts
docker-compose.yml
+26
View File
@@ -0,0 +1,26 @@
services:
db:
image: postgres:14
container_name: timetracker_db
restart: always
ports:
- "5432:5432"
environment:
POSTGRES_USER: timetracker
POSTGRES_PASSWORD: password
POSTGRES_DB: timetracker
volumes:
- db_data:/var/lib/postgresql/data
pgadmin:
image: dpage/pgadmin4
container_name: pgadmin
environment:
PGADMIN_DEFAULT_EMAIL: admin@example.com
PGADMIN_DEFAULT_PASSWORD: admin
ports:
- "8081:80"
depends_on:
- db
volumes:
db_data:
docu/backend_architecture.md
+1 -1
View File
@@ -2,7 +2,7 @@
**Note:** This document describes a *conceptual* architecture and is not a final, binding requirement.
The backend is written in Go and follows the principles of **Clean Architecture** and **Domain-Driven Design (DDD)**.
The backend is written in Go using idiomatic Go patterns. While initially following Clean Architecture and DDD principles, we've adapted to a more pragmatic approach that better fits Go's conventions and reduces boilerplate code.
## Project Structure
```
docu/database_schema.md
-194
View File
@@ -1,194 +0,0 @@
# Database Schema (PostgreSQL)
```sql
-- Multi-Tenant
CREATE TABLE companies (
id UUID PRIMARY KEY,
name VARCHAR(255) NOT NULL,
address TEXT,
contact_email VARCHAR(255),
contact_phone VARCHAR(50),
logo_url TEXT,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- Go structs for creating and updating customers
-- type CustomerCreate struct {
-- Name string
-- CompanyID int
-- }
-- type CustomerUpdate struct {
-- ID ulid.ULID
-- Name *string
-- CompanyID *int
-- }
-- Go structs for creating and updating companies
-- type CompanyCreate struct {
-- Name string
-- }
-- type CompanyUpdate struct {
-- ID ulid.ULID
-- Name *string
-- }
-- Go structs for creating and updating activities
-- type ActivityCreate struct {
-- Name string
-- BillingRate float64
-- }
-- type ActivityUpdate struct {
-- ID ulid.ULID
-- Name *string
-- BillingRate *float64
-- }
-- Users and Roles
CREATE TABLE roles (
id SERIAL PRIMARY KEY,
name VARCHAR(50) UNIQUE NOT NULL,
permissions JSONB
);
CREATE TABLE users (
id UUID PRIMARY KEY,
company_id UUID REFERENCES companies(id),
email VARCHAR(255) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
first_name VARCHAR(100),
last_name VARCHAR(100),
role_id INTEGER REFERENCES roles(id),
hourly_rate DECIMAL(10, 2),
is_active BOOLEAN DEFAULT TRUE,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- Customers
CREATE TABLE customers (
id UUID PRIMARY KEY,
company_id UUID NOT NULL REFERENCES companies(id),
name VARCHAR(255) NOT NULL,
contact_person VARCHAR(255),
email VARCHAR(255),
phone VARCHAR(50),
address TEXT,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- Projects
CREATE TABLE projects (
id UUID PRIMARY KEY,
company_id UUID NOT NULL REFERENCES companies(id),
customer_id UUID REFERENCES customers(id),
name VARCHAR(255) NOT NULL,
description TEXT,
start_date DATE,
end_date DATE,
status VARCHAR(50),
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- Activities
CREATE TABLE activities (
id UUID PRIMARY KEY,
company_id UUID NOT NULL REFERENCES companies(id),
name VARCHAR(255) NOT NULL,
description TEXT,
billing_rate DECIMAL(10, 2),
is_active BOOLEAN DEFAULT TRUE,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- Time bookings
CREATE TABLE time_entries (
id UUID PRIMARY KEY,
company_id UUID NOT NULL REFERENCES companies(id),
user_id UUID NOT NULL REFERENCES users(id),
project_id UUID NOT NULL REFERENCES projects(id),
activity_id UUID NOT NULL REFERENCES activities(id),
start_time TIMESTAMP NOT NULL,
end_time TIMESTAMP NOT NULL,
duration INTEGER NOT NULL, -- in minutes
description TEXT,
billable_percentage INTEGER NOT NULL DEFAULT 100,
billing_rate DECIMAL(10, 2),
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- Version 2: Sprint/Task Management
CREATE TABLE sprints (
id UUID PRIMARY KEY,
project_id UUID NOT NULL REFERENCES projects(id),
name VARCHAR(255) NOT NULL,
start_date DATE NOT NULL,
end_date DATE NOT NULL,
status VARCHAR(50),
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
CREATE TABLE task_statuses (
id SERIAL PRIMARY KEY,
company_id UUID NOT NULL REFERENCES companies(id),
name VARCHAR(100) NOT NULL,
color VARCHAR(7),
position INTEGER NOT NULL,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
CREATE TABLE tasks (
id UUID PRIMARY KEY,
company_id UUID NOT NULL REFERENCES companies(id),
project_id UUID NOT NULL REFERENCES projects(id),
sprint_id UUID REFERENCES sprints(id),
title VARCHAR(255) NOT NULL,
description TEXT,
assignee_id UUID REFERENCES users(id),
status_id INTEGER REFERENCES task_statuses(id),
priority VARCHAR(50),
estimate INTEGER, -- in minutes
due_date TIMESTAMP,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
CREATE TABLE kanban_boards (
id UUID PRIMARY KEY,
company_id UUID NOT NULL REFERENCES companies(id),
project_id UUID NOT NULL REFERENCES projects(id),
name VARCHAR(255) NOT NULL,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
CREATE TABLE kanban_columns (
id UUID PRIMARY KEY,
board_id UUID NOT NULL REFERENCES kanban_boards(id),
name VARCHAR(100) NOT NULL,
position INTEGER NOT NULL,
task_status_id INTEGER REFERENCES task_statuses(id),
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
-- Linking time entries and tasks
ALTER TABLE time_entries ADD COLUMN task_id UUID REFERENCES tasks(id);
-- Indexes for performance
CREATE INDEX idx_time_entries_user ON time_entries(user_id);
CREATE INDEX idx_time_entries_project ON time_entries(project_id);
CREATE INDEX idx_time_entries_date ON time_entries(start_time);
CREATE INDEX idx_projects_company ON projects(company_id);
CREATE INDEX idx_users_company ON users(company_id);
CREATE INDEX idx_tasks_project ON tasks(project_id);
CREATE INDEX idx_tasks_sprint ON tasks(sprint_id);
docu/deployment_devops.md
-17
View File
@@ -1,17 +0,0 @@
# Deployment and DevOps
## Containerization
- Docker containers for backend and frontend
- Docker Compose for development environment
- Kubernetes manifests for production environment
## CI/CD Pipeline
- Automated tests (Unit, Integration, E2E)
- Automated deployment
- Version management
## Monitoring and Logging
- Prometheus for metrics
- Grafana for visualization
- ELK Stack or similar for logging
- Alerting for critical events
docu/permissions_plan.md
+250
View File
@@ -0,0 +1,250 @@
# Berechtigungssystem Plan
Dieser Plan beschreibt die Implementierung eines scope-basierten Berechtigungssystems für das TimeTracker-Projekt.
## Grundkonzept
- Ein **Benutzer** kann eine **Rolle** annehmen, aber immer nur eine ist aktiv.
- Eine **Rolle** besteht aus mehreren **Policies**.
- Eine **Policy** hat einen Namen und eine Map, die **Scopes** (z. B. `items/books`) einem **Berechtigungsschlüssel** (Bitflag) zuordnet.
- Berechtigungsschlüssel sind Bitflags, die Permissions wie `read`, `write`, `create`, `list`, `delete`, `moderate`, `superadmin` usw. repräsentieren.
- Scopes können **Wildcards** enthalten, z. B. `items/*`, das auf `items/books` vererbt wird.
- Ziel: Berechtigungen sowohl im Go-Backend (für API-Sicherheit) als auch im TypeScript-Frontend (für UI-Anpassung) evaluieren.
## Implementierung im Go-Backend
### 1. Ordnerstruktur
- Neuer Ordner: `backend/internal/permissions`
- Dateien:
- `permissions.go`: `Permission`-Konstanten (Bitflags).
- `policy.go`: `Policy`-Struktur.
- `role.go`: `Role`-Struktur.
- `user.go`: Erweiterung der `User`-Struktur.
- `matching.go`: `matchScope`-Funktion.
- `evaluator.go`: `EffectivePermissions`- und `HasPermission`-Funktionen.
### 2. Go-Strukturen
- `permissions.go`:
```go
package permissions
type Permission uint64
const (
PermRead Permission = 1 << iota // 1
PermWrite // 2
PermCreate // 4
PermList // 8
PermDelete // 16
PermModerate // 32
PermSuperadmin // 64
)
```
- `policy.go`:
```go
package permissions
type Policy struct {
Name string
Scopes map[string]Permission
}
```
- `role.go`:
```go
package permissions
type Role struct {
Name string
Policies []Policy
}
```
- `user.go`:
```go
package permissions
import "github.com/your-org/your-project/backend/internal/models" // Pfad anpassen
type User struct {
models.User // Einbettung
ActiveRole *Role
}
```
### 3. Funktionen
- `matching.go`:
```go
package permissions
import "strings"
func MatchScope(pattern, scope string) bool {
if strings.HasSuffix(pattern, "/*") {
prefix := strings.TrimSuffix(pattern, "/*")
return strings.HasPrefix(scope, prefix)
}
return pattern == scope
}
```
- `evaluator.go`:
```go
package permissions
func (u *User) EffectivePermissions(scope string) Permission {
if u.ActiveRole == nil {
return 0
}
var perm Permission
for _, policy := range u.ActiveRole.Policies {
for pat, p := range policy.Scopes {
if MatchScope(pat, scope) {
perm |= p
}
}
}
return perm
}
func (u *User) HasPermission(scope string, requiredPerm Permission) bool {
effective := u.EffectivePermissions(scope)
return (effective & requiredPerm) == requiredPerm
}
```
### 4. Integration in die API-Handler
- Anpassung der `jwt_auth.go` Middleware.
- Verwendung von `HasPermission` in den API-Handlern.
## Persistierung (Datenbank)
### 1. Datenbankmodell
- Zwei neue Tabellen: `roles` und `policies`.
- `roles`:
- `id` (ULID, Primärschlüssel)
- `name` (VARCHAR, eindeutig)
- `policies`:
- `id` (ULID, Primärschlüssel)
- `name` (VARCHAR, eindeutig)
- `role_id` (ULID, Fremdschlüssel, der auf `roles.id` verweist)
- `scopes` (JSONB oder TEXT, speichert die `map[string]Permission` als JSON)
- Beziehung: 1:n zwischen `roles` und `policies`.
### 2. Go-Strukturen (Anpassungen)
- `role.go`:
```go
package permissions
import (
"github.com/your-org/your-project/backend/internal/types" // Pfad anpassen
)
type Role struct {
ID types.ULID `gorm:"primaryKey;type:bytea"`
Name string `gorm:"unique;not null"`
Policies []Policy `gorm:"foreignKey:RoleID"`
}
```
- `policy.go`:
```go
package permissions
import (
"encoding/json"
"database/sql/driver"
"errors"
"fmt"
"github.com/your-org/your-project/backend/internal/types" // Pfad anpassen
"gorm.io/gorm"
"gorm.io/gorm/clause"
)
type Policy struct {
ID types.ULID `gorm:"primaryKey;type:bytea"`
Name string `gorm:"not null"`
RoleID types.ULID `gorm:"type:bytea"` //Fremdschlüssel
Scopes Scopes `gorm:"type:jsonb;not null"` // JSONB-Spalte
}
//Scopes type to handle JSON marshalling
type Scopes map[string]Permission
// Scan scan value into Jsonb, implements sql.Scanner interface
func (j *Scopes) Scan(value interface{}) error {
bytes, ok := value.([]byte)
if !ok {
return errors.New(fmt.Sprint("Failed to unmarshal JSONB value:", value))
}
var scopes map[string]Permission
if err := json.Unmarshal(bytes, &scopes); err != nil {
return err
}
*j = scopes
return nil
}
// Value return json value, implement driver.Valuer interface
func (j Scopes) Value() (driver.Value, error) {
return json.Marshal(j)
}
```
### 3. Migration
- Verwendung des vorhandenen Migrations-Frameworks (`backend/cmd/migrate/main.go`).
### 4. Seed-Daten
- Optionale Seed-Daten (`backend/cmd/seed/main.go`).
### 5. Anpassung der Funktionen
- Anpassung von `EffectivePermissions` und `HasPermission` in `evaluator.go` für Datenbankzugriff.
## Mermaid Diagramm
```mermaid
graph LR
subgraph Benutzer
U[User] --> AR(ActiveRole)
end
subgraph Rolle
AR --> R(Role)
R --> P1(Policy 1)
R --> P2(Policy 2)
R --> Pn(Policy n)
end
subgraph Policy
P1 --> S1(Scope 1: Permissions)
P1 --> S2(Scope 2: Permissions)
P2 --> S3(Scope 3: Permissions)
Pn --> Sm(Scope m: Permissions)
end
S1 -- Permissions --> PR(PermRead)
S1 -- Permissions --> PW(PermWrite)
S2 -- Permissions --> PL(PermList)
Sm -- Permissions --> PD(PermDelete)
style U fill:#f9f,stroke:#333,stroke-width:2px
style R fill:#ccf,stroke:#333,stroke-width:2px
style P1,P2,Pn fill:#ddf,stroke:#333,stroke-width:2px
style S1,S2,S3,Sm fill:#eef,stroke:#333,stroke-width:1px
style PR,PW,PL,PD fill:#ff9,stroke:#333,stroke-width:1px
docu/swagger_documentation.md
+84
View File
@@ -0,0 +1,84 @@
# Swagger Documentation
This document explains how to access and update the Swagger documentation for the Time Tracker API.
## Accessing Swagger UI
After starting the backend server, access the Swagger UI at:
```
http://localhost:8080/swagger/index.html
```
This interactive interface allows you to:
- Browse all available API endpoints
- See request parameters and response formats
- Test API calls directly from the browser
## Updating Swagger Documentation
To update the Swagger documentation for the Time Tracker API, follow these steps:
1. **Add or update Swagger annotations in your code**
- Annotations should be added as comments above handler functions
- Use the correct types in annotations (e.g., `dto.ActivityDto` instead of `utils.ActivityResponse`)
- Make sure all parameters, responses, and types are properly documented
2. **Run the Swagger generation command**
```bash
cd backend && swag init -g cmd/api/main.go --output docs
```
This command:
- Uses `swag` CLI tool to parse your code
- Looks for the main entry point in `cmd/api/main.go`
- Outputs the generated files to the `docs` directory
3. **Verify the generated files**
The command will generate or update three files:
- `docs/docs.go` - Go code for the Swagger documentation
- `docs/swagger.json` - JSON representation of the API
- `docs/swagger.yaml` - YAML representation of the API
4. **Common issues and solutions**
- If you encounter "cannot find type definition" errors, check that you're using the correct type names in your annotations
- If endpoints are missing, ensure they have proper Swagger annotations
- If you change the base path or other global settings, update them in the `main.go` file annotations
## Swagger Annotation Examples
### Main API Information
In `main.go`:
```go
// @title Time Tracker API
// @version 1.0
// @description This is a simple time tracker API.
// @host localhost:8080
// @BasePath /api
// @securityDefinitions.apikey BearerAuth
// @in header
// @name Authorization
```
### Endpoint Documentation
Example from a handler function:
```go
// GetActivities handles GET /activities
//
// @Summary Get all activities
// @Description Get a list of all activities
// @Tags activities
// @Accept json
// @Produce json
// @Security BearerAuth
// @Success 200 {object} utils.Response{data=[]dto.ActivityDto}
// @Failure 401 {object} utils.Response{error=utils.ErrorInfo}
// @Failure 500 {object} utils.Response{error=utils.ErrorInfo}
// @Router /activities [get]
func (h *ActivityHandler) GetActivities(c *gin.Context) {
// Function implementation
}
```
Remember that the Swagger documentation is generated from the annotations in your code, so keeping these annotations up-to-date is essential for accurate API documentation.
flake.nix
+113
View File
@@ -0,0 +1,113 @@
{
description = "Development environment for Go and Next.js (TypeScript)";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, flake-utils }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = import nixpkgs {
inherit system;
config = {
allowUnfree = true;
};
};
# Go development tools
goPackages = with pkgs; [
go
gopls
golangci-lint
delve
go-outline
gotools
go-mockgen
gomodifytags
impl
gotests
];
# TypeScript/Next.js development tools
nodePackages = with pkgs; [
nodejs_20
nodePackages.typescript
nodePackages.typescript-language-server
nodePackages.yarn
nodePackages.pnpm
nodePackages.npm
nodePackages.prettier
nodePackages.eslint
nodePackages.next
];
# General development tools
commonPackages = with pkgs; [
git
gh
nixpkgs-fmt
pre-commit
ripgrep
jq
curl
coreutils
gnumake
];
# VSCode with extensions
vscodeWithExtensions = pkgs.vscode-with-extensions.override {
vscodeExtensions = with pkgs.vscode-extensions; [
golang.go # Go support
esbenp.prettier-vscode # Prettier
dbaeumer.vscode-eslint # ESLint
ms-vscode.vscode-typescript-tslint-plugin # TypeScript
bradlc.vscode-tailwindcss # Tailwind CSS support
jnoortheen.nix-ide # Nix support
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
{
name = "nextjs";
publisher = "pulkitgangwar";
version = "1.0.6";
sha256 = "sha256-L6ZgqNkM0qzSiTKiGfgQB9m3U0HmwLA3NZ9nrslQjeg=";
}
];
};
in
{
devShells.default = pkgs.mkShell {
buildInputs = goPackages ++ nodePackages ++ commonPackages ++ [ vscodeWithExtensions ];
shellHook = ''
echo "🚀 Welcome to the Go and Next.js (TypeScript) development environment!"
echo "📦 Available tools:"
echo " Go: $(go version)"
echo " Node: $(node --version)"
echo " TypeScript: $(tsc --version)"
echo " Next.js: $(npx next --version)"
echo ""
echo "🔧 Use 'code .' to open VSCode with the appropriate extensions"
echo "🔄 Run 'nix flake update' to update dependencies"
'';
# Environment variables
GOROOT = "${pkgs.go}/share/go";
GOPATH = "$(pwd)/.go";
GO111MODULE = "on";
# NodeJS setup
NODE_OPTIONS = "--max-old-space-size=4096";
};
# Optional: Add custom packages if needed
packages = {
# Example of a custom package or script if needed
# my-tool = ...
};
# Default package if someone runs `nix build`
defaultPackage = self.devShells.${system}.default;
});
}
frontend/src/types/dto.ts
+41 -21
View File
@@ -1,3 +1,4 @@
import { Nullable } from "./nullable";
// Code generated by tygo. DO NOT EDIT.
//////////
@@ -24,6 +25,24 @@ export interface ActivityUpdateDto {
billingRate?: number /* float64 */;
}
//////////
// source: auth_dto.go
/**
* LoginDto represents the login request
*/
export interface LoginDto {
email: string;
password: string;
}
/**
* TokenDto represents the response after successful authentication
*/
export interface TokenDto {
token: string;
user: UserDto;
}
//////////
// source: company_dto.go
@@ -54,11 +73,12 @@ export interface CustomerDto {
updatedAt: string;
lastEditorID: string;
name: string;
companyId: number /* int */;
companyId?: string;
owningUserID?: string;
}
export interface CustomerCreateDto {
name: string;
companyId: number /* int */;
companyId?: string;
}
export interface CustomerUpdateDto {
id: string;
@@ -66,7 +86,8 @@ export interface CustomerUpdateDto {
updatedAt?: string;
lastEditorID?: string;
name?: string;
companyId?: number /* int */;
companyId?: Nullable<string>;
owningUserID?: Nullable<string>;
}
//////////
@@ -78,11 +99,11 @@ export interface ProjectDto {
updatedAt: string;
lastEditorID: string;
name: string;
customerId: number /* int */;
customerId: string;
}
export interface ProjectCreateDto {
name: string;
customerId: number /* int */;
customerId: string;
}
export interface ProjectUpdateDto {
id: string;
@@ -90,7 +111,7 @@ export interface ProjectUpdateDto {
updatedAt?: string;
lastEditorID?: string;
name?: string;
customerId?: number /* int */;
customerId?: string;
}
//////////
@@ -101,18 +122,18 @@ export interface TimeEntryDto {
createdAt: string;
updatedAt: string;
lastEditorID: string;
userId: number /* int */;
projectId: number /* int */;
activityId: number /* int */;
userId: string;
projectId: string;
activityId: string;
start: string;
end: string;
description: string;
billable: number /* int */; // Percentage (0-100)
}
export interface TimeEntryCreateDto {
userId: number /* int */;
projectId: number /* int */;
activityId: number /* int */;
userId: string;
projectId: string;
activityId: string;
start: string;
end: string;
description: string;
@@ -123,9 +144,9 @@ export interface TimeEntryUpdateDto {
createdAt?: string;
updatedAt?: string;
lastEditorID?: string;
userId?: number /* int */;
projectId?: number /* int */;
activityId?: number /* int */;
userId?: string;
projectId?: string;
activityId?: string;
start?: string;
end?: string;
description?: string;
@@ -141,16 +162,15 @@ export interface UserDto {
updatedAt: string;
lastEditorID: string;
email: string;
password: string; // Note: In a real application, you would NEVER send the password in a DTO. This is just for demonstration.
role: string;
companyId: number /* int */;
companyId?: string;
hourlyRate: number /* float64 */;
}
export interface UserCreateDto {
email: string;
password: string; // Note: In a real application, you would NEVER send the password in a DTO. This is just for demonstration.
password: string;
role: string;
companyId: number /* int */;
companyId?: string;
hourlyRate: number /* float64 */;
}
export interface UserUpdateDto {
@@ -159,8 +179,8 @@ export interface UserUpdateDto {
updatedAt?: string;
lastEditorID?: string;
email?: string;
password?: string; // Note: In a real application, you would NEVER send the password in a DTO. This is just for demonstration.
password?: string;
role?: string;
companyId?: number /* int */;
companyId?: Nullable<string>;
hourlyRate?: number /* float64 */;
}
frontend/src/types/nullable.ts
+1
View File
@@ -0,0 +1 @@
export type Nullable<T> = T | null;
refactor_plan.md
+25
View File
@@ -0,0 +1,25 @@
# Refactoring Plan for backend/internal/api/handlers
## Goal
Refactor the code in `backend/internal/api/handlers` to reduce repetition and create helper functions for boilerplate operations, utilizing functions from `backend/internal/api/utils/handler_utils.go` and creating new ones if necessary.
## Analysis
The following common patterns were identified in the handler files:
1. **Error Handling:** Each handler function repeats the same error handling pattern.
2. **DTO Binding:** Parsing the request body and handling potential errors.
3. **ID Parsing:** Parsing the ID from the URL and handling potential errors.
4. **DTO Conversion:** Converting between DTOs and models.
5. **Success Responses:** Calling `responses.SuccessResponse` with the appropriate HTTP status code and data.
6. **Not Found Responses:** Checking if a record exists and calling `responses.NotFoundResponse` if it doesn't.
The `Update` handler is the most complex and has the most potential for refactoring.
## Plan
1. **Implement a generic `HandleUpdate` function in `handler_utils.go`:** This function will encapsulate the common logic for updating entities, including parsing the ID, binding the JSON, converting the DTO to a model, calling the update function, and handling errors and not found cases. The function will also handle nullable fields correctly.
2. **Modify the existing handlers to use the new `HandleUpdate` function:** This will involve removing the duplicated code from each handler and calling the generic function instead.
3. **Create new helper functions in `handler_utils.go` if needed:** If there are any specific operations that are not covered by the existing utility functions, I will create new ones to handle them.