From 39d68c77c8f2db088221363e8c202a2b4cc5114c Mon Sep 17 00:00:00 2001 From: Qynn Schwaab Date: Tue, 1 Apr 2025 17:40:52 -0400 Subject: [PATCH] chore: upddate ecommerce updateProductStock scopes + quantity --- internal/ecommerce/service.go | 8 ++------ internal/middleware/oauth2.go | 10 ++++++++++ 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/internal/ecommerce/service.go b/internal/ecommerce/service.go index 014cdb0..3fef00f 100644 --- a/internal/ecommerce/service.go +++ b/internal/ecommerce/service.go @@ -3,7 +3,6 @@ package ecommerce import ( "encoding/json" "fmt" - "math" "net/http" "strconv" "time" @@ -205,7 +204,7 @@ func HandleUpdateProductStock(rw http.ResponseWriter, r *http.Request) { rw.Header().Set("Content-Type", "application/json") scopes, scopesFound := middleware.OAuth2Scopes(r) - if !scopesFound || !scopes.Has([]string{"admin"}) { + if !scopesFound || !scopes.HasOneOf([]string{"admin", "producs:udpate"}) { http.Error(rw, `{"error": "insufficient scopes"}`, http.StatusForbidden) return } @@ -235,13 +234,10 @@ func HandleUpdateProductStock(rw http.ResponseWriter, r *http.Request) { return } - // Seed cannot be 0 otherwise faker picks a random one - faker := gofakeit.New(productID + 1) - now := time.Now().Truncate(24 * time.Second) if err := enc.Encode(ProductInventoryStatus{ ProductID: rawID, - Quantity: faker.IntRange(int(math.Abs(float64(form.QuantityDelta))), 100) + form.QuantityDelta, + Quantity: int(10*productID) + form.QuantityDelta, UpdatedAt: now, }); err != nil { http.Error(rw, `{"error": "could not encode response"}`, http.StatusInternalServerError) diff --git a/internal/middleware/oauth2.go b/internal/middleware/oauth2.go index ce5a9a5..cbdc9b2 100644 --- a/internal/middleware/oauth2.go +++ b/internal/middleware/oauth2.go @@ -87,3 +87,13 @@ func (s Scopes) Has(requiredScopes []string) bool { return true } + +func (s Scopes) HasOneOf(allowedScopes []string) bool { + for _, scope := range allowedScopes { + if slices.Contains(s, scope) { + return true + } + } + + return false +}