-

2025-08-22 19:53:42 -04:00
parent c85812ddb6
commit 738499037f
4 changed files with 191 additions and 14 deletions
--- a/internal/repository/postgres/permission_repository.go
+++ b/internal/repository/postgres/permission_repository.go
@ -269,14 +269,81 @@ func (r *GrantedPermissionRepository) GrantPermissions(ctx context.Context, gran

 // GetGrantedPermissions retrieves all granted permissions for a token
 func (r *GrantedPermissionRepository) GetGrantedPermissions(ctx context.Context, tokenType domain.TokenType, tokenID uuid.UUID) ([]*domain.GrantedPermission, error) {
-	// TODO: Implement actual granted permissions retrieval
-	return []*domain.GrantedPermission{}, nil
+	query := `
+		SELECT id, token_type, token_id, permission_id, scope, created_at, created_by, revoked
+		FROM granted_permissions 
+		WHERE token_type = $1 AND token_id = $2 AND revoked = false
+		ORDER BY created_at ASC
+	`
+
+	db := r.db.GetDB().(*sql.DB)
+	rows, err := db.QueryContext(ctx, query, string(tokenType), tokenID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to query granted permissions: %w", err)
+	}
+	defer rows.Close()
+
+	var permissions []*domain.GrantedPermission
+	for rows.Next() {
+		perm := &domain.GrantedPermission{}
+		var tokenTypeStr string
+
+		err := rows.Scan(
+			&perm.ID,
+			&tokenTypeStr,
+			&perm.TokenID,
+			&perm.PermissionID,
+			&perm.Scope,
+			&perm.CreatedAt,
+			&perm.CreatedBy,
+			&perm.Revoked,
+		)
+
+		if err != nil {
+			return nil, fmt.Errorf("failed to scan granted permission: %w", err)
+		}
+
+		perm.TokenType = domain.TokenType(tokenTypeStr)
+		permissions = append(permissions, perm)
+	}
+
+	if err = rows.Err(); err != nil {
+		return nil, fmt.Errorf("error iterating granted permissions: %w", err)
+	}
+
+	return permissions, nil
 }

 // GetGrantedPermissionScopes retrieves only the scopes for a token (more efficient)
 func (r *GrantedPermissionRepository) GetGrantedPermissionScopes(ctx context.Context, tokenType domain.TokenType, tokenID uuid.UUID) ([]string, error) {
-	// TODO: Implement actual scope retrieval
-	return []string{}, nil
+	query := `
+		SELECT scope
+		FROM granted_permissions 
+		WHERE token_type = $1 AND token_id = $2 AND revoked = false
+		ORDER BY scope ASC
+	`
+
+	db := r.db.GetDB().(*sql.DB)
+	rows, err := db.QueryContext(ctx, query, string(tokenType), tokenID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to query granted permission scopes: %w", err)
+	}
+	defer rows.Close()
+
+	var scopes []string
+	for rows.Next() {
+		var scope string
+		if err := rows.Scan(&scope); err != nil {
+			return nil, fmt.Errorf("failed to scan permission scope: %w", err)
+		}
+		scopes = append(scopes, scope)
+	}
+
+	if err = rows.Err(); err != nil {
+		return nil, fmt.Errorf("error iterating permission scopes: %w", err)
+	}
+
+	return scopes, nil
 }

 // RevokePermission revokes a specific permission from a token