go/todo-api
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity
Files
main
todo-api/internal/repository/user_repository.go
Rene Nochebuena 3fcba82448 feat(todo-api): add full-stack POC demonstrating micro-lib v0.9.0 
Runnable REST API exercising every micro-lib tier in a containerless setup: N-layer architecture, SQLite persistence, header-based auth simulating Firebase output, and bit-mask RBAC enforcement.

What's included:
- cmd/todo-api: minimal main delegating to application.Run
- internal/application: full object graph wiring — launcher, sqlite, httpserver, httpmw stack, routes in BeforeStart
- internal/domain: User entity, ResourceTodos constant, PermReadTodo/PermWriteTodo bit positions
- internal/repository: TodoRepository, UserRepository, DBPermissionProvider (SQLite via modernc)
- internal/service: TodoService, UserService with interface-based dependencies
- internal/handler: TodoHandler, UserHandler using httputil adapters and valid for input validation
- internal/middleware: Auth (X-User-ID → rbac.Identity) and Require (bit-mask permission gate)
- logAdapter: bridges logz.Logger.With return type to httpmw.Logger interface
- SQLite schema: users, user_role (bitmask), todos; migrations run in BeforeStart
- Routes: POST /users (open), GET+POST /todos (RBAC), GET /users (RBAC)

Tested-via: todo-api POC integration
Reviewed-against: docs/adr/
2026-03-19 13:55:08 +00:00

92 lines
2.7 KiB
Go
Raw Permalink Blame History

package repository
import (
"context"
"database/sql"
"errors"
"code.nochebuena.dev/go/rbac"
"code.nochebuena.dev/go/sqlite"
"code.nochebuena.dev/go/xerrors"
"code.nochebuena.dev/go/todo-api/internal/domain"
)
// UserRepository defines persistence operations for users and their role bits.
type UserRepository interface {
FindAll(ctx context.Context) ([]domain.User, error)
FindByID(ctx context.Context, id string) (domain.User, error)
Create(ctx context.Context, user domain.User) (domain.User, error)
SetPermissions(ctx context.Context, userID, resource string, mask rbac.PermissionMask) error
}
type userRepository struct {
db sqlite.Client
}
// NewUserRepository returns a SQLite-backed UserRepository.
func NewUserRepository(db sqlite.Client) UserRepository {
return &userRepository{db: db}
}
func (r *userRepository) FindAll(ctx context.Context) ([]domain.User, error) {
rows, err := r.db.GetExecutor(ctx).QueryContext(ctx,
`SELECT id, name, email, created_at FROM users ORDER BY created_at DESC`,
)
if err != nil {
return nil, r.db.HandleError(err)
}
defer rows.Close()
var users []domain.User
for rows.Next() {
var u domain.User
if err := rows.Scan(&u.ID, &u.Name, &u.Email, &u.CreatedAt); err != nil {
return nil, err
}
users = append(users, u)
}
if err := rows.Err(); err != nil {
return nil, err
}
if users == nil {
users = []domain.User{}
}
return users, nil
}
func (r *userRepository) FindByID(ctx context.Context, id string) (domain.User, error) {
row := r.db.GetExecutor(ctx).QueryRowContext(ctx,
`SELECT id, name, email, created_at FROM users WHERE id = ?`, id,
)
var u domain.User
if err := row.Scan(&u.ID, &u.Name, &u.Email, &u.CreatedAt); err != nil {
if errors.Is(err, sql.ErrNoRows) {
return domain.User{}, xerrors.New(xerrors.ErrNotFound, "user not found")
}
return domain.User{}, r.db.HandleError(err)
}
return u, nil
}
func (r *userRepository) Create(ctx context.Context, user domain.User) (domain.User, error) {
row := r.db.GetExecutor(ctx).QueryRowContext(ctx,
`INSERT INTO users (id, name, email) VALUES (?, ?, ?)
RETURNING id, name, email, created_at`,
user.ID, user.Name, user.Email,
)
var u domain.User
if err := row.Scan(&u.ID, &u.Name, &u.Email, &u.CreatedAt); err != nil {
return domain.User{}, r.db.HandleError(err)
}
return u, nil
}
func (r *userRepository) SetPermissions(ctx context.Context, userID, resource string, mask rbac.PermissionMask) error {
_, err := r.db.GetExecutor(ctx).ExecContext(ctx,
`INSERT INTO user_role (user_id, resource, permissions) VALUES (?, ?, ?)
ON CONFLICT (user_id, resource) DO UPDATE SET permissions = excluded.permissions`,
userID, resource, int64(mask),
)
return err
}
Reference in New Issue View Git Blame Copy Permalink