331 lines
48 KiB
Plaintext
331 lines
48 KiB
Plaintext
# Authorization Audit - 20251123-092507
|
|
== Role Checks ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:284:func requireRole(next http.HandlerFunc, allowedRoles ...string) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:287: userRoles, err := extractRoles(claims)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:289: http.Error(w, "No roles found", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:293: for _, userRole := range userRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:294: for _, allowedRole := range allowedRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:295: if userRole == allowedRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:302: http.Error(w, "Insufficient permissions", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:306:func extractRoles(claims jwt.MapClaims) ([]string, error) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:307: rawRoles, ok := claims["roles"]
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:309: return nil, errors.New("roles missing")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:312: switch v := rawRoles.(type) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:316: roleStr, ok := r.(string)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:318: return nil, errors.New("role not string")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:320: out = append(out, roleStr)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:326: return nil, errors.New("invalid roles type")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:330:func hasRole(claims jwt.MapClaims, role string) bool {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:331: roles, err := extractRoles(claims)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:335: for _, r := range roles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:336: // SUPERUSER has all permissions
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:340: if r == role {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:612: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:656: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:761: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:805: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1089: requireRole(closeQuestionHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1124: requireRole(verifyAnswerHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:233: w.Header().Set("Permissions-Policy", "geolocation=(), microphone=(), camera=()")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:304: roles, err := extractRoles(claims)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:306: http.Error(w, "Invalid token roles", http.StatusUnauthorized)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:312: ctx = context.WithValue(ctx, "roles", roles)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:319:// requireRole middleware checks if user has required role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:320:func requireRole(next http.HandlerFunc, allowedRoles ...string) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:322: userRoles, ok := r.Context().Value("roles").([]string)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:324: http.Error(w, "No roles found in token", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:328: // Check if user has any of the allowed roles
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:329: hasRole := false
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:330: for _, userRole := range userRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:331: for _, allowedRole := range allowedRoles {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:332: if userRole == allowedRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:333: hasRole = true
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:337: if hasRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:342: if !hasRole {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:343: http.Error(w, "Insufficient permissions", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:351:func extractRoles(claims jwt.MapClaims) ([]string, error) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:352: rawRoles, ok := claims["roles"]
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:354: return nil, errors.New("roles missing")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:357: switch v := rawRoles.(type) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:361: roleStr, ok := r.(string)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:363: return nil, errors.New("role value not string")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:365: out = append(out, roleStr)
|
|
|
|
== Admin-Only Endpoints ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:612: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:656: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:761: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:805: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:886:// POST /answers/:id/verify - Verify answer (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1020:// POST /questions/:id/close - Close question (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1089: requireRole(closeQuestionHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1124: requireRole(verifyAnswerHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:102: // Invoice routes (protected - staff/admin can create, clients can view their own)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:429: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:455: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:461: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:478: // Authorization: STAFF/ADMIN can see all or filtered, CLIENTs only see their own
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:479: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:610: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:712: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:749: // Authorization: STAFF/ADMIN can see all payments, CLIENTs only see payments for their invoices
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:750: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:905: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:961: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:97: // Approval routes (STAFF/ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:98: http.HandleFunc("/projects/pending", requireRole(handlePendingProjects, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:99: http.HandleFunc("/projects/approve/", requireRole(handleProjectApproval, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:105: // Work order routes (protected - staff/admin only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:106: http.HandleFunc("/workorders", requireRole(handleWorkOrders, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:107: http.HandleFunc("/workorders/", requireRole(handleWorkOrderByID, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:423: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:451: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:457: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:473: // Authorization: STAFF/ADMIN can see all approved projects, CLIENTs only see their own approved projects
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:474: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:540: // STAFF/ADMIN creating projects are auto-approved
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:587: // Authorization: Check if user is owner (CLIENT), requester, or has elevated role (STAFF/ADMIN)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:590: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:617: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:666: // Authorization check - only STAFF/ADMIN can delete (protect clients from accidental deletion)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:667: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:668: http.Error(w, "Forbidden: only STAFF or ADMIN can delete projects", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:694: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:721: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:727: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:744: // Authorization: STAFF/ADMIN can see all tasks (optionally filtered), CLIENTs only see tasks for their projects
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:745: if hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:881: if !hasAnyRole(r.Context(), "STAFF", "ADMIN") {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:911: // Note: Only STAFF/ADMIN can reach here due to handler check, but verify project access
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:970: // Note: Only STAFF/ADMIN can reach here due to handler check, but verify project access
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1296:// getProjectRequest returns a single project request (must be owned by user or STAFF/ADMIN)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1320: // Authorization: Only requester or STAFF/ADMIN can view
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1322: isStaffOrAdmin := hasAnyRole(r.Context(), "STAFF", "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:1375:// ===== APPROVAL HANDLERS (STAFF/ADMIN only) =====
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:319: http.HandleFunc("/link-identity", authenticate(requireRole(handleLinkIdentity, "CLIENT", "STAFF", "ADMIN")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:320: http.HandleFunc("/unlink-identity", authenticate(requireRole(handleUnlinkIdentity, "CLIENT", "STAFF", "ADMIN")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:326: // Admin routes (ADMIN only) - Note: SUPERUSER has implicit access
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:327: http.HandleFunc("/admin/users", authenticate(requireRole(handleGetAllUsers, "ADMIN", "SUPERUSER")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:328: http.HandleFunc("/admin/users/promote-role", authenticate(requireRole(handlePromoteUserRole, "ADMIN", "SUPERUSER")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:329: http.HandleFunc("/admin/users/demote-role", authenticate(requireRole(handleDemoteUserRole, "ADMIN", "SUPERUSER")))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:536: // Staff/Admin roles can only be granted by existing ADMIN/SUPERUSER
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:660: // Staff/Admin roles can only be granted by existing ADMIN/SUPERUSER
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1321:// ===== ADMIN ENDPOINTS =====
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1335:// handleGetAllUsers returns all users (ADMIN/SUPERUSER only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1395:// handleDemoteUserRole allows ADMIN/SUPERUSER users to remove roles from other users
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1396:// ADMIN can only demote CLIENT, STAFF, ADMIN roles (cannot touch SUPERUSER)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1405: adminUserID := int(claims["userId"].(float64))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1420: validRoles := map[string]bool{"CLIENT": true, "STAFF": true, "ADMIN": true}
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1422: http.Error(w, "Invalid role. Must be CLIENT, STAFF, or ADMIN", http.StatusBadRequest)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1436: // If not superuser, verify target is not a superuser (ADMINs cannot touch SUPERUSERs)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1443: http.Error(w, "Forbidden: ADMINs cannot modify SUPERUSER accounts", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1448: // Prevent admin from demoting themselves from ADMIN role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1449: if req.UserID == adminUserID && req.Role == "ADMIN" && !isSuperuser {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1450: http.Error(w, "Cannot remove your own ADMIN role", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1510: adminUserID, req.Role, req.UserID, userName)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1518:// handlePromoteUserRole allows ADMIN/SUPERUSER users to grant roles to other users
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1519:// ADMIN can only promote to CLIENT, STAFF, ADMIN
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1528: adminUserID := int(claims["userId"].(float64))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1538: validRoles := map[string]bool{"CLIENT": true, "STAFF": true, "ADMIN": true}
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1544: http.Error(w, "Invalid role. Must be CLIENT, STAFF, or ADMIN", http.StatusBadRequest)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1558: // If not superuser, verify target is not a superuser (ADMINs cannot touch SUPERUSERs)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1565: http.Error(w, "Forbidden: ADMINs cannot modify SUPERUSER accounts", http.StatusForbidden)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:1612: adminUserID, req.Role, req.UserID, userName)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:22: StatusPendingReview = "PENDING_REVIEW" // Submitted for admin review
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:23: StatusApproved = "APPROVED" // Approved by admin, ready to publish
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:25: StatusRejected = "REJECTED" // Rejected by admin with feedback
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:29:// Blog type constants - SITE blogs are admin/staff content, USER blogs are community content
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:31: BlogTypeSite = "SITE" // Official site blogs (admin/staff authored)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:52: Verified bool `json:"verified"` // True if admin-verified content (for USER blogs/tutorials)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:206: // All existing blogs default to SITE type and verified (since they were created by staff/admin)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:454: // Only show SITE blogs (admin/staff official content) - USER blogs are in /community/blogs
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:527:// ============ STAFF/ADMIN ENDPOINTS ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:529:// GET /admin/blogs - List all SITE blogs with filters (STAFF sees own, ADMIN sees all)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:534: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:544: // STAFF can only see their own blogs unless they're ADMIN
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:588:// GET /admin/blogs/pending - List SITE blogs pending review (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:621:// POST /admin/blogs - Create a new SITE blog (STAFF creates as DRAFT, ADMIN can create as any status)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:626: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:656: // STAFF always creates as DRAFT, ADMIN can create directly as PUBLISHED
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:692:// PUT /admin/blogs/:slug - Update a blog (author can update own DRAFT/REJECTED, ADMIN can update any)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:697: isAdmin := hasRole(claims, "ADMIN")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:699: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:772:// POST /admin/blogs/:slug/submit - Submit blog for review (STAFF only, moves DRAFT -> PENDING_REVIEW)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:778: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:810:// POST /admin/blogs/:slug/review - Review a blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:816: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:870:// POST /admin/blogs/:slug/publish - Publish an approved blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:876: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:886: // ADMIN can publish from APPROVED status (normal flow) or DRAFT (skip review for admin-created content)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:904:// POST /admin/blogs/:slug/unpublish - Unpublish a blog (ADMIN only, moves to ARCHIVED)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:910: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:936:// DELETE /admin/blogs/:slug - Delete a blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:942: slug := strings.TrimPrefix(r.URL.Path, "/admin/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:962:// These endpoints are completely separate from SITE blogs (admin/staff content)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1286:// ============ ADMIN COMMUNITY MANAGEMENT ENDPOINTS ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1288:// GET /admin/community/blogs - List all community blogs (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1330:// POST /admin/community/blogs/:slug/promote - Promote a community blog to SITE blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1336: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1371:// DELETE /admin/community/blogs/:slug - Admin delete any community blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1372:func adminDeleteCommunityBlogHandler(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1377: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1397:// POST /admin/community/blogs/:slug/archive - Archive a community blog (hide from public)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1403: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1430:// POST /admin/community/blogs/:slug/verify - Verify a community blog/tutorial (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1431:// This marks content as admin-verified without promoting to site blog
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1437: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1471:// POST /admin/community/blogs/:slug/unverify - Remove verification from a community blog (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1477: slug := strings.TrimPrefix(r.URL.Path, "/admin/community/blogs/")
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1544: // ============ ADMIN ROUTES ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1545: // GET /admin/blogs - List all blogs (STAFF sees own, ADMIN sees all)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1546: http.HandleFunc("/admin/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1553: requireRole(listAllBlogsHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1555: requireRole(createBlogHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1561: // GET /admin/blogs/pending - List pending review (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1562: http.HandleFunc("/admin/blogs/pending", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1569: requireRole(listPendingReviewHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1576: http.HandleFunc("/admin/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1589: requireRole(submitForReviewHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1595: requireRole(reviewBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1601: requireRole(publishBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1607: requireRole(unpublishBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1612: // /admin/blogs/:slug - CRUD operations
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1614: requireRole(updateBlogHandler, "STAFF", "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1616: requireRole(deleteBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1675: // ============ ADMIN COMMUNITY MANAGEMENT ROUTES ============
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1677: // GET /admin/community/blogs - List all community blogs (ADMIN only)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1678: http.HandleFunc("/admin/community/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1685: requireRole(listAllCommunityBlogsHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1692: http.HandleFunc("/admin/community/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1704: requireRole(promoteCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1710: requireRole(verifyCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1716: requireRole(unverifyCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1722: requireRole(archiveCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1727: // DELETE /admin/community/blogs/:slug
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1729: requireRole(adminDeleteCommunityBlogHandler, "ADMIN")(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:231: // Check for admin/staff roles (only they can view submissions)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:248: if roleStr == "SUPERUSER" || roleStr == "ADMIN" || roleStr == "STAFF" {
|
|
|
|
== Ownership Checks (IDOR Prevention) ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:182: CREATE INDEX IF NOT EXISTS idx_votes_user ON forum_votes(user_id);
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:351: if id, ok := claims["user_id"].(float64); ok {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:621: // Check ownership
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:629: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:665: // Check ownership
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:673: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:770: // Check ownership
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:778: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:814: // Check ownership and get question ID
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:822: if authorID != userID && !isAdmin {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:870: if questionAuthorID != userID {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:901: verified_at = CURRENT_TIMESTAMP WHERE id = $2`, userID, id)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:907: log.Printf("AUDIT: Admin %d verified answer %d", userID, id)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:940: err = db.QueryRow("SELECT vote_type FROM forum_votes WHERE user_id = $1 AND target_type = 'question' AND target_id = $2",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:954: db.Exec("UPDATE forum_votes SET vote_type = $1 WHERE user_id = $2 AND target_type = 'question' AND target_id = $3",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:994: err = db.QueryRow("SELECT vote_type FROM forum_votes WHERE user_id = $1 AND target_type = 'answer' AND target_id = $2",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1008: db.Exec("UPDATE forum_votes SET vote_type = $1 WHERE user_id = $2 AND target_type = 'answer' AND target_id = $3",
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:376: if id, ok := claims["user_id"]; ok {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:486: WHERE client_id = $1
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:505: WHERE client_id = $1
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:625: err := db.QueryRow(`SELECT client_id, status FROM invoices WHERE id = $1`, id).Scan(&existingClientID, &existingStatus)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:774: err = db.QueryRow(`SELECT client_id FROM invoices WHERE id = $1`, invoiceID).Scan(&ownerID)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:782: if ownerID != userID {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:802: WHERE i.client_id = $1
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:907: err = db.QueryRow(`SELECT client_id FROM invoices WHERE id = $1`, p.InvoiceID).Scan(&ownerID)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:909: http.Error(w, "Failed to verify ownership", http.StatusInternalServerError)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:912: if ownerID != userID {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:943: // Get invoice details including client_id for ownership check
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:370: if id, ok := claims["user_id"]; ok {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:492: WHERE client_id = $1 AND COALESCE(approval_status, 'APPROVED') = 'APPROVED'
|
|
|
|
== Middleware Protection ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:210:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:285: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1059: authMiddleware(createQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1077: authMiddleware(createAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1083: authMiddleware(voteQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1097: authMiddleware(updateQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1099: authMiddleware(deleteQuestionHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1118: authMiddleware(acceptAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1130: authMiddleware(voteAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1136: authMiddleware(updateAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1138: authMiddleware(deleteAnswerHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main_test.go:33:func TestCORSMiddleware(t *testing.T) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main_test.go:38: handler := corsMiddleware(testHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:103: http.HandleFunc("/invoices", authMiddleware(handleInvoices))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:104: http.HandleFunc("/invoices/", authMiddleware(handleInvoiceByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:107: http.HandleFunc("/payments", authMiddleware(handlePayments))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:108: http.HandleFunc("/payments/", authMiddleware(handlePaymentByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:111: http.HandleFunc("/invoices/create-payment-intent", authMiddleware(createStripePaymentIntent))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:124: Handler: corsMiddleware(http.DefaultServeMux),
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:207:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:251:// authMiddleware validates JWT token and extracts user info
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:252:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:319:// requireRole middleware checks if user has required role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:321: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main_test.go:33:func TestCORSMiddleware(t *testing.T) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main_test.go:39: // Wrap with CORS middleware
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main_test.go:40: handler := corsMiddleware(testHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:90: http.HandleFunc("/projects", authMiddleware(handleProjects))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:91: http.HandleFunc("/projects/", authMiddleware(handleProjectByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:94: http.HandleFunc("/project-requests", authMiddleware(handleProjectRequests))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:95: http.HandleFunc("/project-requests/", authMiddleware(handleProjectRequestByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:102: http.HandleFunc("/tasks", authMiddleware(handleTasks))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:103: http.HandleFunc("/tasks/", authMiddleware(handleTaskByID))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:117: Handler: corsMiddleware(http.DefaultServeMux),
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:200:// corsMiddleware adds CORS headers to allow frontend to communicate with backend
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:201:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:245:// authMiddleware validates JWT token and extracts user info
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:246:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:313:// requireRole middleware checks if user has required role
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:315: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:344: Handler: corsMiddleware(http.DefaultServeMux),
|
|
/home/administrator/projects/coppertone.tech/backend/functions/auth-service/main.go:444:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:59: // CORS middleware
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:60: handler := corsMiddleware(mux)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:122:func corsMiddleware(next http.Handler) http.Handler {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:240:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:278: return authMiddleware(func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1636: authMiddleware(createCommunityBlogHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1650: authMiddleware(listMyBlogsHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1667: authMiddleware(updateCommunityBlogHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1669: authMiddleware(deleteCommunityBlogHandler)(w, r)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:65: mux.HandleFunc("/submit", corsMiddleware(submitHandler))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:66: mux.HandleFunc("/health", corsMiddleware(healthHandler))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:69: mux.HandleFunc("/submissions", corsMiddleware(authMiddleware(listSubmissionsHandler)))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:70: mux.HandleFunc("/submissions/", corsMiddleware(authMiddleware(submissionHandler)))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:154:func corsMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:196:func authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
|
|
== Unprotected Routes ==
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1050: http.HandleFunc("/questions", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1065: http.HandleFunc("/questions/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1106: http.HandleFunc("/answers/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/forum-service/main.go:1146: http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:114: http.HandleFunc("/webhooks/stripe", handleStripeWebhook)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/payment-service/main.go:117: http.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:98: http.HandleFunc("/projects/pending", requireRole(handlePendingProjects, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:99: http.HandleFunc("/projects/approve/", requireRole(handleProjectApproval, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:106: http.HandleFunc("/workorders", requireRole(handleWorkOrders, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:107: http.HandleFunc("/workorders/", requireRole(handleWorkOrderByID, "STAFF", "ADMIN"))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/work-management-service/main.go:110: http.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/example-function/main.go:46: http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/example-function/main.go:50: http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:54: mux.HandleFunc("/health", healthHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:55: mux.HandleFunc("/peer-info", peerInfoHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:56: mux.HandleFunc("/connect", connectHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/ipfs-service/main.go:57: mux.HandleFunc("/peers", peersHandler)
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1517: http.HandleFunc("/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1531: http.HandleFunc("/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1546: http.HandleFunc("/admin/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1562: http.HandleFunc("/admin/blogs/pending", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1576: http.HandleFunc("/admin/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1626: http.HandleFunc("/community/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1643: http.HandleFunc("/community/my-blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1657: http.HandleFunc("/community/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1678: http.HandleFunc("/admin/community/blogs", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1692: http.HandleFunc("/admin/community/blogs/", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/blog-service/main.go:1737: http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:65: mux.HandleFunc("/submit", corsMiddleware(submitHandler))
|
|
/home/administrator/projects/coppertone.tech/backend/functions/contact-service/main.go:66: mux.HandleFunc("/health", corsMiddleware(healthHandler))
|