dbcc2d1d4a
- Deleted customer domain files including entities, services, handlers, and forms to streamline the codebase. - Removed customer-related routes and service initializations from the main application. - Updated Swagger documentation to reflect the removal of customer endpoints and definitions. - Cleaned up the project structure to enhance maintainability and focus on user management functionality.
903 lines
22 KiB
YAML
903 lines
22 KiB
YAML
basePath: /api/v1
|
|
definitions:
|
|
response.APIError:
|
|
properties:
|
|
code:
|
|
type: string
|
|
details:
|
|
type: string
|
|
message:
|
|
type: string
|
|
type: object
|
|
response.APIResponse:
|
|
properties:
|
|
data: {}
|
|
error:
|
|
$ref: '#/definitions/response.APIError'
|
|
message:
|
|
type: string
|
|
meta:
|
|
$ref: '#/definitions/response.Meta'
|
|
success:
|
|
type: boolean
|
|
type: object
|
|
response.Meta:
|
|
properties:
|
|
limit:
|
|
type: integer
|
|
offset:
|
|
type: integer
|
|
page:
|
|
type: integer
|
|
pages:
|
|
type: integer
|
|
total:
|
|
type: integer
|
|
type: object
|
|
user.AuthResponse:
|
|
properties:
|
|
access_token:
|
|
type: string
|
|
expires_at:
|
|
type: integer
|
|
refresh_token:
|
|
type: string
|
|
user:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
user.ChangePasswordForm:
|
|
properties:
|
|
new_password:
|
|
type: string
|
|
old_password:
|
|
type: string
|
|
type: object
|
|
user.CreateUserForm:
|
|
properties:
|
|
company_id:
|
|
type: string
|
|
department:
|
|
type: string
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
password:
|
|
type: string
|
|
phone:
|
|
type: string
|
|
position:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
role:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
user.LoginForm:
|
|
properties:
|
|
password:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
user.RefreshTokenForm:
|
|
properties:
|
|
refresh_token:
|
|
type: string
|
|
type: object
|
|
user.ResetPasswordForm:
|
|
properties:
|
|
email:
|
|
type: string
|
|
type: object
|
|
user.UpdateUserForm:
|
|
properties:
|
|
company_id:
|
|
type: string
|
|
department:
|
|
type: string
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
phone:
|
|
type: string
|
|
position:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
role:
|
|
type: string
|
|
status:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
user.UpdateUserRoleForm:
|
|
properties:
|
|
role:
|
|
type: string
|
|
type: object
|
|
user.UpdateUserStatusForm:
|
|
properties:
|
|
status:
|
|
type: string
|
|
type: object
|
|
user.UserListResponse:
|
|
properties:
|
|
limit:
|
|
type: integer
|
|
offset:
|
|
type: integer
|
|
total:
|
|
type: integer
|
|
total_pages:
|
|
type: integer
|
|
users:
|
|
items:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: array
|
|
type: object
|
|
user.UserResponse:
|
|
properties:
|
|
company_id:
|
|
type: string
|
|
created_at:
|
|
type: integer
|
|
created_by:
|
|
type: string
|
|
department:
|
|
type: string
|
|
email:
|
|
type: string
|
|
full_name:
|
|
type: string
|
|
id:
|
|
type: string
|
|
is_verified:
|
|
type: boolean
|
|
last_login_at:
|
|
type: integer
|
|
phone:
|
|
type: string
|
|
position:
|
|
type: string
|
|
profile_image:
|
|
type: string
|
|
role:
|
|
type: string
|
|
status:
|
|
type: string
|
|
updated_at:
|
|
type: integer
|
|
updated_by:
|
|
type: string
|
|
username:
|
|
type: string
|
|
type: object
|
|
host: localhost:8081
|
|
info:
|
|
contact:
|
|
email: support@swagger.io
|
|
name: API Support
|
|
url: http://www.swagger.io/support
|
|
description: This is the API documentation for the Tender Management System.
|
|
license:
|
|
name: Apache 2.0
|
|
url: http://www.apache.org/licenses/LICENSE-2.0.html
|
|
termsOfService: http://swagger.io/terms/
|
|
title: Tender Management API
|
|
version: 1.0.0
|
|
paths:
|
|
/users/admin:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: List users with search and filters (admin only)
|
|
parameters:
|
|
- description: Search term
|
|
in: query
|
|
name: search
|
|
type: string
|
|
- description: User status filter
|
|
in: query
|
|
name: status
|
|
type: string
|
|
- description: User role filter
|
|
in: query
|
|
name: role
|
|
type: string
|
|
- description: Company ID filter
|
|
in: query
|
|
name: company_id
|
|
type: string
|
|
- description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
- description: Sort field
|
|
in: query
|
|
name: sort_by
|
|
type: string
|
|
- description: Sort order
|
|
in: query
|
|
name: sort_order
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserListResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: List users
|
|
tags:
|
|
- users
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Create a new user (admin only)
|
|
parameters:
|
|
- description: User creation data
|
|
in: body
|
|
name: user
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.CreateUserForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"201":
|
|
description: Created
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Create user
|
|
tags:
|
|
- users
|
|
/users/admin/{id}:
|
|
delete:
|
|
consumes:
|
|
- application/json
|
|
description: Delete a user (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Delete user
|
|
tags:
|
|
- users
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get user details by ID (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get user by ID
|
|
tags:
|
|
- users
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update user information (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
- description: User update data
|
|
in: body
|
|
name: user
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user
|
|
tags:
|
|
- users
|
|
/users/admin/{id}/role:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update user role (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
- description: Role update data
|
|
in: body
|
|
name: role
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserRoleForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user role
|
|
tags:
|
|
- users
|
|
/users/admin/{id}/status:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update user account status (admin only)
|
|
parameters:
|
|
- description: User ID
|
|
in: path
|
|
name: id
|
|
required: true
|
|
type: string
|
|
- description: Status update data
|
|
in: body
|
|
name: status
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserStatusForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user status
|
|
tags:
|
|
- users
|
|
/users/admin/company/{company_id}:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get users belonging to a specific company (admin only)
|
|
parameters:
|
|
- description: Company ID
|
|
in: path
|
|
name: company_id
|
|
required: true
|
|
type: string
|
|
- description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get users by company ID
|
|
tags:
|
|
- users
|
|
/users/admin/role/{role}:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get users with a specific role (admin only)
|
|
parameters:
|
|
- description: User role
|
|
in: path
|
|
name: role
|
|
required: true
|
|
type: string
|
|
- description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get users by role
|
|
tags:
|
|
- users
|
|
/users/change-password:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Change current user password
|
|
parameters:
|
|
- description: Password change data
|
|
in: body
|
|
name: password
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.ChangePasswordForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Change password
|
|
tags:
|
|
- users
|
|
/users/login:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Authenticate user with email/username and password
|
|
parameters:
|
|
- description: Login credentials
|
|
in: body
|
|
name: login
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.LoginForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.AuthResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Login user
|
|
tags:
|
|
- users
|
|
/users/logout:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Logout current user and invalidate tokens
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Logout user
|
|
tags:
|
|
- users
|
|
/users/profile:
|
|
get:
|
|
consumes:
|
|
- application/json
|
|
description: Get current user profile information
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Get user profile
|
|
tags:
|
|
- users
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Update current user profile information
|
|
parameters:
|
|
- description: Profile update data
|
|
in: body
|
|
name: profile
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.UpdateUserForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.UserResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
security:
|
|
- BearerAuth: []
|
|
summary: Update user profile
|
|
tags:
|
|
- users
|
|
/users/refresh-token:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Refresh access token using refresh token
|
|
parameters:
|
|
- description: Refresh token
|
|
in: body
|
|
name: refresh
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.RefreshTokenForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/definitions/response.APIResponse'
|
|
- properties:
|
|
data:
|
|
$ref: '#/definitions/user.AuthResponse'
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Refresh access token
|
|
tags:
|
|
- users
|
|
/users/reset-password:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Send password reset email to user
|
|
parameters:
|
|
- description: Password reset request
|
|
in: body
|
|
name: reset
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/user.ResetPasswordForm'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
$ref: '#/definitions/response.APIResponse'
|
|
summary: Reset password
|
|
tags:
|
|
- users
|
|
securityDefinitions:
|
|
BearerAuth:
|
|
description: Type "Bearer" followed by a space and JWT token.
|
|
in: header
|
|
name: Authorization
|
|
type: apiKey
|
|
swagger: "2.0"
|
|
tags:
|
|
- description: Customer management operations
|
|
name: customers
|
|
- description: User management operations
|
|
name: users
|
|
- description: Health check operations
|
|
name: health
|
|
- description: Authentication operations
|
|
name: auth
|