dev day #89

2026-06-04 18:52:56 +00:00 · 2025-11-11 10:29:30 +01:00
parent d5b4faea61
commit 8762bde4bf
139 changed files with 7240 additions and 2870 deletions
@@ -25,6 +25,12 @@ func (ctrl *EventController) GetEventByID(c *gin.Context) {
    }
    // If not public, allow only owner (when identified upstream)
    if !ev.IsPublic {
+        if roleVal, hasRole := c.Get("userRole"); hasRole {
+            if role, _ := roleVal.(string); role == "admin" {
+                c.JSON(http.StatusOK, ev)
+                return
+            }
+        }
        if userID, exists := c.Get("userID"); !exists || ev.CreatedByID != userID {
            c.JSON(http.StatusForbidden, gin.H{"error": "Not allowed"})
            return
@@ -112,19 +118,29 @@ func (ctrl *EventController) CreateEvent(c *gin.Context) {
 }

 func (ctrl *EventController) GetEvents(c *gin.Context) {
-	var events []models.Event
-	query := ctrl.DB.Preload("Attachments")
-	
-	if userID, exists := c.Get("userID"); !exists {
-		query = query.Where("is_public = ?", true)
-	} else {
-		query = query.Where("created_by_id = ? OR is_public = ?", userID, true)
-	}
+    var events []models.Event
+    query := ctrl.DB.Preload("Attachments")
+    // Admin sees all events
+    if roleVal, hasRole := c.Get("userRole"); hasRole {
+        if role, _ := roleVal.(string); role == "admin" {
+            if err := query.Find(&events).Error; err != nil {
+                c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to fetch events"})
+                return
+            }
+            c.JSON(http.StatusOK, events)
+            return
+        }
+    }
+    if userID, exists := c.Get("userID"); !exists {
+        query = query.Where("is_public = ?", true)
+    } else {
+        query = query.Where("created_by_id = ? OR is_public = ?", userID, true)
+    }

-	if err := query.Find(&events).Error; err != nil {
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to fetch events"})
-		return
-	}
+    if err := query.Find(&events).Error; err != nil {
+        c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to fetch events"})
+        return
+    }

 	c.JSON(http.StatusOK, events)
 }
@@ -132,17 +148,27 @@ func (ctrl *EventController) GetEvents(c *gin.Context) {
 func (ctrl *EventController) GetUpcomingEvents(c *gin.Context) {
    var events []models.Event
    query := ctrl.DB.Preload("Attachments").Where("start_time >= ?", time.Now()).Order("start_time ASC").Limit(5)
-	
-	if userID, exists := c.Get("userID"); !exists {
-		query = query.Where("is_public = ?", true)
-	} else {
-		query = query.Where("created_by_id = ? OR is_public = ?", userID, true)
-	}
+    // Admin sees all upcoming events
+    if roleVal, hasRole := c.Get("userRole"); hasRole {
+        if role, _ := roleVal.(string); role == "admin" {
+            if err := query.Find(&events).Error; err != nil {
+                c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to fetch events"})
+                return
+            }
+            c.JSON(http.StatusOK, events)
+            return
+        }
+    }
+    if userID, exists := c.Get("userID"); !exists {
+        query = query.Where("is_public = ?", true)
+    } else {
+        query = query.Where("created_by_id = ? OR is_public = ?", userID, true)
+    }

-	if err := query.Find(&events).Error; err != nil {
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to fetch events"})
-		return
-	}
+    if err := query.Find(&events).Error; err != nil {
+        c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to fetch events"})
+        return
+    }

 	c.JSON(http.StatusOK, events)
 }