329 lines
48 KiB
Plaintext
329 lines
48 KiB
Plaintext
# Authorization Audit - 20251123-080450
|
|
== Role Checks ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:284:func requireRole(next http.HandlerFunc, allowedRoles ...string) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:287: userRoles, err := extractRoles(claims)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:289: http.Error(w, "No roles found", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:293: for _, userRole := range userRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:294: for _, allowedRole := range allowedRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:295: if userRole == allowedRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:302: http.Error(w, "Insufficient permissions", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:306:func extractRoles(claims jwt.MapClaims) ([]string, error) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:307: rawRoles, ok := claims["roles"]
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:309: return nil, errors.New("roles missing")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:312: switch v := rawRoles.(type) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:316: roleStr, ok := r.(string)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:318: return nil, errors.New("role not string")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:320: out = append(out, roleStr)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:326: return nil, errors.New("invalid roles type")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:330:func hasRole(claims jwt.MapClaims, role string) bool {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:331: roles, err := extractRoles(claims)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:335: for _, r := range roles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:336: if r == role {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:608: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:652: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:757: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:801: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1085: requireRole(closeQuestionHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1120: requireRole(verifyAnswerHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:294: roles, err := extractRoles(claims)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:296: http.Error(w, "Invalid token roles", http.StatusUnauthorized)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:302: ctx = context.WithValue(ctx, "roles", roles)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:309:// requireRole middleware checks if user has required role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:310:func requireRole(next http.HandlerFunc, allowedRoles ...string) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:312: userRoles, ok := r.Context().Value("roles").([]string)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:314: http.Error(w, "No roles found in token", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:318: // Check if user has any of the allowed roles
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:319: hasRole := false
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:320: for _, userRole := range userRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:321: for _, allowedRole := range allowedRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:322: if userRole == allowedRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:323: hasRole = true
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:327: if hasRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:332: if !hasRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:333: http.Error(w, "Insufficient permissions", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:341:func extractRoles(claims jwt.MapClaims) ([]string, error) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:342: rawRoles, ok := claims["roles"]
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:344: return nil, errors.New("roles missing")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:347: switch v := rawRoles.(type) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:351: roleStr, ok := r.(string)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:353: return nil, errors.New("role value not string")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:355: out = append(out, roleStr)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:361: return nil, errors.New("roles claim type invalid")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:393:func hasAnyRole(ctx context.Context, allowedRoles ...string) bool {
|
|
|
|
== Admin-Only Endpoints ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:608: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:652: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:757: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:801: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:882:// POST /answers/:id/verify - Verify answer (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1016:// POST /questions/:id/close - Close question (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1085: requireRole(closeQuestionHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1120: requireRole(verifyAnswerHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:102: // Invoice routes (protected - staff/admin can create, clients can view their own)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:419: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:445: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:451: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:468: // Authorization: STAFF/ADMIN can see all or filtered, CLIENTs only see their own
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:469: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:600: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:702: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:739: // Authorization: STAFF/ADMIN can see all payments, CLIENTs only see payments for their invoices
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:740: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:895: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:951: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:97: // Approval routes (STAFF/ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:98: http.HandleFunc("/projects/pending", requireRole(handlePendingProjects, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:99: http.HandleFunc("/projects/approve/", requireRole(handleProjectApproval, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:105: // Work order routes (protected - staff/admin only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:106: http.HandleFunc("/workorders", requireRole(handleWorkOrders, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:107: http.HandleFunc("/workorders/", requireRole(handleWorkOrderByID, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:413: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:441: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:447: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:463: // Authorization: STAFF/ADMIN can see all approved projects, CLIENTs only see their own approved projects
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:464: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:530: // STAFF/ADMIN creating projects are auto-approved
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:577: // Authorization: Check if user is owner (CLIENT), requester, or has elevated role (STAFF/ADMIN)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:580: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:607: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:656: // Authorization check - only STAFF/ADMIN can delete (protect clients from accidental deletion)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:657: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:658: http.Error(w, "Forbidden: only STAFF or ADMIN can delete projects", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:684: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:711: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:717: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:734: // Authorization: STAFF/ADMIN can see all tasks (optionally filtered), CLIENTs only see tasks for their projects
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:735: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:871: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:901: // Note: Only STAFF/ADMIN can reach here due to handler check, but verify project access
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:960: // Note: Only STAFF/ADMIN can reach here due to handler check, but verify project access
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1286:// getProjectRequest returns a single project request (must be owned by user or STAFF/ADMIN)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1310: // Authorization: Only requester or STAFF/ADMIN can view
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1312: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1365:// ===== APPROVAL HANDLERS (STAFF/ADMIN only) =====
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:188: http.HandleFunc("/link-identity", authenticate(requireRole(handleLinkIdentity, "CLIENT", "STAFF", "ADMIN")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:189: http.HandleFunc("/unlink-identity", authenticate(requireRole(handleUnlinkIdentity, "CLIENT", "STAFF", "ADMIN")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:195: // Admin routes (ADMIN only) - Note: SUPERUSER has implicit access
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:196: http.HandleFunc("/admin/users", authenticate(requireRole(handleGetAllUsers, "ADMIN", "SUPERUSER")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:197: http.HandleFunc("/admin/users/promote-role", authenticate(requireRole(handlePromoteUserRole, "ADMIN", "SUPERUSER")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:198: http.HandleFunc("/admin/users/demote-role", authenticate(requireRole(handleDemoteUserRole, "ADMIN", "SUPERUSER")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:388: // Staff/Admin roles can only be granted by existing ADMIN/SUPERUSER
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:504: // Staff/Admin roles can only be granted by existing ADMIN/SUPERUSER
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1129:// ===== ADMIN ENDPOINTS =====
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1143:// handleGetAllUsers returns all users (ADMIN/SUPERUSER only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1203:// handleDemoteUserRole allows ADMIN/SUPERUSER users to remove roles from other users
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1204:// ADMIN can only demote CLIENT, STAFF, ADMIN roles (cannot touch SUPERUSER)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1213: adminUserID := int(claims["userId"].(float64))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1228: validRoles := map[string]bool{"CLIENT": true, "STAFF": true, "ADMIN": true}
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1230: http.Error(w, "Invalid role. Must be CLIENT, STAFF, or ADMIN", http.StatusBadRequest)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1244: // If not superuser, verify target is not a superuser (ADMINs cannot touch SUPERUSERs)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1251: http.Error(w, "Forbidden: ADMINs cannot modify SUPERUSER accounts", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1256: // Prevent admin from demoting themselves from ADMIN role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1257: if req.UserID == adminUserID && req.Role == "ADMIN" && !isSuperuser {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1258: http.Error(w, "Cannot remove your own ADMIN role", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1318: adminUserID, req.Role, req.UserID, userName)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1326:// handlePromoteUserRole allows ADMIN/SUPERUSER users to grant roles to other users
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1327:// ADMIN can only promote to CLIENT, STAFF, ADMIN
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1336: adminUserID := int(claims["userId"].(float64))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1346: validRoles := map[string]bool{"CLIENT": true, "STAFF": true, "ADMIN": true}
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1352: http.Error(w, "Invalid role. Must be CLIENT, STAFF, or ADMIN", http.StatusBadRequest)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1366: // If not superuser, verify target is not a superuser (ADMINs cannot touch SUPERUSERs)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1373: http.Error(w, "Forbidden: ADMINs cannot modify SUPERUSER accounts", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1420: adminUserID, req.Role, req.UserID, userName)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:22: StatusPendingReview = "PENDING_REVIEW" // Submitted for admin review
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:23: StatusApproved = "APPROVED" // Approved by admin, ready to publish
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:25: StatusRejected = "REJECTED" // Rejected by admin with feedback
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:29:// Blog type constants - SITE blogs are admin/staff content, USER blogs are community content
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:31: BlogTypeSite = "SITE" // Official site blogs (admin/staff authored)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:52: Verified bool `json:"verified"` // True if admin-verified content (for USER blogs/tutorials)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:206: // All existing blogs default to SITE type and verified (since they were created by staff/admin)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:450: // Only show SITE blogs (admin/staff official content) - USER blogs are in /community/blogs
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:523:// ============ STAFF/ADMIN ENDPOINTS ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:525:// GET /admin/blogs - List all SITE blogs with filters (STAFF sees own, ADMIN sees all)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:530: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:540: // STAFF can only see their own blogs unless they're ADMIN
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:584:// GET /admin/blogs/pending - List SITE blogs pending review (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:617:// POST /admin/blogs - Create a new SITE blog (STAFF creates as DRAFT, ADMIN can create as any status)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:622: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:652: // STAFF always creates as DRAFT, ADMIN can create directly as PUBLISHED
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:688:// PUT /admin/blogs/:slug - Update a blog (author can update own DRAFT/REJECTED, ADMIN can update any)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:693: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:695: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:768:// POST /admin/blogs/:slug/submit - Submit blog for review (STAFF only, moves DRAFT -> PENDING_REVIEW)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:774: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:806:// POST /admin/blogs/:slug/review - Review a blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:812: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:866:// POST /admin/blogs/:slug/publish - Publish an approved blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:872: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:882: // ADMIN can publish from APPROVED status (normal flow) or DRAFT (skip review for admin-created content)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:900:// POST /admin/blogs/:slug/unpublish - Unpublish a blog (ADMIN only, moves to ARCHIVED)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:906: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:932:// DELETE /admin/blogs/:slug - Delete a blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:938: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:958:// These endpoints are completely separate from SITE blogs (admin/staff content)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1282:// ============ ADMIN COMMUNITY MANAGEMENT ENDPOINTS ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1284:// GET /admin/community/blogs - List all community blogs (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1326:// POST /admin/community/blogs/:slug/promote - Promote a community blog to SITE blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1332: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1367:// DELETE /admin/community/blogs/:slug - Admin delete any community blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1368:func adminDeleteCommunityBlogHandler(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1373: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1393:// POST /admin/community/blogs/:slug/archive - Archive a community blog (hide from public)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1399: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1426:// POST /admin/community/blogs/:slug/verify - Verify a community blog/tutorial (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1427:// This marks content as admin-verified without promoting to site blog
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1433: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1467:// POST /admin/community/blogs/:slug/unverify - Remove verification from a community blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1473: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1540: // ============ ADMIN ROUTES ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1541: // GET /admin/blogs - List all blogs (STAFF sees own, ADMIN sees all)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1542: http.HandleFunc("/admin/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1549: requireRole(listAllBlogsHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1551: requireRole(createBlogHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1557: // GET /admin/blogs/pending - List pending review (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1558: http.HandleFunc("/admin/blogs/pending", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1565: requireRole(listPendingReviewHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1572: http.HandleFunc("/admin/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1585: requireRole(submitForReviewHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1591: requireRole(reviewBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1597: requireRole(publishBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1603: requireRole(unpublishBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1608: // /admin/blogs/:slug - CRUD operations
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1610: requireRole(updateBlogHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1612: requireRole(deleteBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1671: // ============ ADMIN COMMUNITY MANAGEMENT ROUTES ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1673: // GET /admin/community/blogs - List all community blogs (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1674: http.HandleFunc("/admin/community/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1681: requireRole(listAllCommunityBlogsHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1688: http.HandleFunc("/admin/community/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1700: requireRole(promoteCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1706: requireRole(verifyCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1712: requireRole(unverifyCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1718: requireRole(archiveCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1723: // DELETE /admin/community/blogs/:slug
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1725: requireRole(adminDeleteCommunityBlogHandler, "ADMIN")(w, r)
|
|
|
|
== Ownership Checks (IDOR Prevention) ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:182: CREATE INDEX IF NOT EXISTS idx_votes_user ON forum_votes(user_id);
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:347: if id, ok := claims["user_id"].(float64); ok {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:617: // Check ownership
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:625: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:661: // Check ownership
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:669: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:766: // Check ownership
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:774: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:810: // Check ownership and get question ID
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:818: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:866: if questionAuthorID != userID {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:897: verified_at = CURRENT_TIMESTAMP WHERE id = $2`, userID, id)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:903: log.Printf("AUDIT: Admin %d verified answer %d", userID, id)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:936: err = db.QueryRow("SELECT vote_type FROM forum_votes WHERE user_id = $1 AND target_type = 'question' AND target_id = $2",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:950: db.Exec("UPDATE forum_votes SET vote_type = $1 WHERE user_id = $2 AND target_type = 'question' AND target_id = $3",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:990: err = db.QueryRow("SELECT vote_type FROM forum_votes WHERE user_id = $1 AND target_type = 'answer' AND target_id = $2",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1004: db.Exec("UPDATE forum_votes SET vote_type = $1 WHERE user_id = $2 AND target_type = 'answer' AND target_id = $3",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:366: if id, ok := claims["user_id"]; ok {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:476: WHERE client_id = $1
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:495: WHERE client_id = $1
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:615: err := db.QueryRow(`SELECT client_id, status FROM invoices WHERE id = $1`, id).Scan(&existingClientID, &existingStatus)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:764: err = db.QueryRow(`SELECT client_id FROM invoices WHERE id = $1`, invoiceID).Scan(&ownerID)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:772: if ownerID != userID {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:792: WHERE i.client_id = $1
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:897: err = db.QueryRow(`SELECT client_id FROM invoices WHERE id = $1`, p.InvoiceID).Scan(&ownerID)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:899: http.Error(w, "Failed to verify ownership", http.StatusInternalServerError)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:902: if ownerID != userID {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:933: // Get invoice details including client_id for ownership check
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:360: if id, ok := claims["user_id"]; ok {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:482: WHERE client_id = $1 AND COALESCE(approval_status, 'APPROVED') = 'APPROVED'
|
|
|
|
== Middleware Protection ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:210:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:285: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1055: authMiddleware(createQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1073: authMiddleware(createAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1079: authMiddleware(voteQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1093: authMiddleware(updateQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1095: authMiddleware(deleteQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1114: authMiddleware(acceptAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1126: authMiddleware(voteAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1132: authMiddleware(updateAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1134: authMiddleware(deleteAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main_test.go:33:func TestCORSMiddleware(t *testing.T) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main_test.go:38: handler := corsMiddleware(testHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:103: http.HandleFunc("/invoices", authMiddleware(handleInvoices))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:104: http.HandleFunc("/invoices/", authMiddleware(handleInvoiceByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:107: http.HandleFunc("/payments", authMiddleware(handlePayments))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:108: http.HandleFunc("/payments/", authMiddleware(handlePaymentByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:111: http.HandleFunc("/invoices/create-payment-intent", authMiddleware(createStripePaymentIntent))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:124: Handler: corsMiddleware(http.DefaultServeMux),
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:207:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:241:// authMiddleware validates JWT token and extracts user info
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:242:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:309:// requireRole middleware checks if user has required role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:311: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main_test.go:33:func TestCORSMiddleware(t *testing.T) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main_test.go:39: // Wrap with CORS middleware
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main_test.go:40: handler := corsMiddleware(testHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:90: http.HandleFunc("/projects", authMiddleware(handleProjects))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:91: http.HandleFunc("/projects/", authMiddleware(handleProjectByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:94: http.HandleFunc("/project-requests", authMiddleware(handleProjectRequests))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:95: http.HandleFunc("/project-requests/", authMiddleware(handleProjectRequestByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:102: http.HandleFunc("/tasks", authMiddleware(handleTasks))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:103: http.HandleFunc("/tasks/", authMiddleware(handleTaskByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:117: Handler: corsMiddleware(http.DefaultServeMux),
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:200:// corsMiddleware adds CORS headers to allow frontend to communicate with backend
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:201:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:235:// authMiddleware validates JWT token and extracts user info
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:236:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:303:// requireRole middleware checks if user has required role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:305: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:213: Handler: corsMiddleware(http.DefaultServeMux),
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:313:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:59: // CORS middleware
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:60: handler := corsMiddleware(mux)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:122:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:240:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:278: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1632: authMiddleware(createCommunityBlogHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1646: authMiddleware(listMyBlogsHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1663: authMiddleware(updateCommunityBlogHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1665: authMiddleware(deleteCommunityBlogHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:55: mux.HandleFunc("/submit", corsMiddleware(submitHandler))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:56: mux.HandleFunc("/health", corsMiddleware(healthHandler))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:59: mux.HandleFunc("/submissions", corsMiddleware(authMiddleware(listSubmissionsHandler)))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:60: mux.HandleFunc("/submissions/", corsMiddleware(authMiddleware(submissionHandler)))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:148:func corsMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:181:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
|
|
== Unprotected Routes ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1046: http.HandleFunc("/questions", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1061: http.HandleFunc("/questions/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1102: http.HandleFunc("/answers/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1142: http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:114: http.HandleFunc("/webhooks/stripe", handleStripeWebhook)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:117: http.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:98: http.HandleFunc("/projects/pending", requireRole(handlePendingProjects, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:99: http.HandleFunc("/projects/approve/", requireRole(handleProjectApproval, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:106: http.HandleFunc("/workorders", requireRole(handleWorkOrders, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:107: http.HandleFunc("/workorders/", requireRole(handleWorkOrderByID, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:110: http.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/example-function/main.go:46: http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/example-function/main.go:50: http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:54: mux.HandleFunc("/health", healthHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:55: mux.HandleFunc("/peer-info", peerInfoHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:56: mux.HandleFunc("/connect", connectHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:57: mux.HandleFunc("/peers", peersHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1513: http.HandleFunc("/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1527: http.HandleFunc("/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1542: http.HandleFunc("/admin/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1558: http.HandleFunc("/admin/blogs/pending", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1572: http.HandleFunc("/admin/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1622: http.HandleFunc("/community/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1639: http.HandleFunc("/community/my-blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1653: http.HandleFunc("/community/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1674: http.HandleFunc("/admin/community/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1688: http.HandleFunc("/admin/community/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1733: http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:55: mux.HandleFunc("/submit", corsMiddleware(submitHandler))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:56: mux.HandleFunc("/health", corsMiddleware(healthHandler))
|