From f16fc68e24cbb9d75c4ee6bffe2cea5e5fa921da Mon Sep 17 00:00:00 2001
From: Pasha <pashamullin202@gmail.com>
Date: Sat, 31 May 2025 10:43:33 +0300
Subject: [PATCH] update with new update repo methods

---
 go.mod                                        |  4 +-
 go.sum                                        |  4 ++
 .../controllers/http_controllers/quiz/quiz.go | 45 ++++++++++++++-----
 .../http_controllers/quiz/route.go            |  2 +-
 4 files changed, 42 insertions(+), 13 deletions(-)

diff --git a/go.mod b/go.mod
index ad28f38..5e74cbb 100644
--- a/go.mod
+++ b/go.mod
@@ -2,12 +2,11 @@ module gitea.pena/SQuiz/core
 
 go 1.23.8
 
-
 require (
 	gitea.pena/PenaSide/common v0.0.0-20250421103113-7e4b3ae9e1e0
 	gitea.pena/PenaSide/hlog v0.0.0-20241125221102-a54c29c002a9
 	gitea.pena/PenaSide/trashlog v0.0.0-20250224122049-ddb4d72e9d07
-	gitea.pena/SQuiz/common v0.0.0-20250514124515-870e52266ca5
+	gitea.pena/SQuiz/common v0.0.0-20250531072420-f9ec7a513967
 	github.com/caarlos0/env/v8 v8.0.0
 	github.com/go-redis/redis/v8 v8.11.5
 	github.com/gofiber/fiber/v2 v2.52.6
@@ -25,6 +24,7 @@ require (
 )
 
 require (
+	gitea.pena/PenaSide/linters-golang v0.0.0-20241207122018-933207374735 // indirect
 	github.com/ClickHouse/clickhouse-go v1.5.4 // indirect
 	github.com/andybalholm/brotli v1.1.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
diff --git a/go.sum b/go.sum
index 866c551..48c1e83 100644
--- a/go.sum
+++ b/go.sum
@@ -3,10 +3,14 @@ gitea.pena/PenaSide/common v0.0.0-20250421103113-7e4b3ae9e1e0 h1:+gvpAPo1+1WtCpA
 gitea.pena/PenaSide/common v0.0.0-20250421103113-7e4b3ae9e1e0/go.mod h1:91EuBCgcqgJ6mG36n2pds8sPwwfaJytLWOzY3h2YFKU=
 gitea.pena/PenaSide/hlog v0.0.0-20241125221102-a54c29c002a9 h1:tBkXWNIt8icmkMMnq8MA421RWkUy4OZh5P7C3q8uCu4=
 gitea.pena/PenaSide/hlog v0.0.0-20241125221102-a54c29c002a9/go.mod h1:sanhSL8aEsfcq21P+eItYiAnKAre+B67nGJmDfk2cf0=
+gitea.pena/PenaSide/linters-golang v0.0.0-20241207122018-933207374735 h1:jDVeUhGBTXBibmW5dmtJg2m2+z5z2Rf6J4G0LpjVoJ0=
+gitea.pena/PenaSide/linters-golang v0.0.0-20241207122018-933207374735/go.mod h1:gdd+vOT6up9STkEbxa2qESLIMZFjCmRbkcheFQCVgZU=
 gitea.pena/PenaSide/trashlog v0.0.0-20250224122049-ddb4d72e9d07 h1:bUIUgzXQt16aBqSccI//BaODpRCTIaqlddSepM98QSc=
 gitea.pena/PenaSide/trashlog v0.0.0-20250224122049-ddb4d72e9d07/go.mod h1:GRfWJerTUlgy82CiYAxE4tVYSVV54zEJJQy17Fx46E4=
 gitea.pena/SQuiz/common v0.0.0-20250514124515-870e52266ca5 h1:C+iCsGMSUJonOTNNk8wWYOfzZ0Jjw+2IQ5FaEGwRVT0=
 gitea.pena/SQuiz/common v0.0.0-20250514124515-870e52266ca5/go.mod h1:zCrUwDh0APpztKk6NUqTZv+zhjVbWpGBJiJ5z9dAH0U=
+gitea.pena/SQuiz/common v0.0.0-20250531072420-f9ec7a513967 h1:pS6MAVGSp/84d8TpX8g+xlcKAgkf3ordEWFtpN9Evu0=
+gitea.pena/SQuiz/common v0.0.0-20250531072420-f9ec7a513967/go.mod h1:zCrUwDh0APpztKk6NUqTZv+zhjVbWpGBJiJ5z9dAH0U=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/ClickHouse/clickhouse-go v1.5.4 h1:cKjXeYLNWVJIx2J1K6H2CqyRmfwVJVY1OV1coaaFcI0=
 github.com/ClickHouse/clickhouse-go v1.5.4/go.mod h1:EaI/sW7Azgz9UATzd5ZdZHRUhHgv5+JMS9NSr2smCJI=
diff --git a/internal/controllers/http_controllers/quiz/quiz.go b/internal/controllers/http_controllers/quiz/quiz.go
index fa035e2..5cf10a5 100644
--- a/internal/controllers/http_controllers/quiz/quiz.go
+++ b/internal/controllers/http_controllers/quiz/quiz.go
@@ -594,14 +594,24 @@ func (s *Quiz) CreateQuizAuditory(ctx *fiber.Ctx) error {
 func (s *Quiz) GetQuizAuditory(ctx *fiber.Ctx) error {
 	quizIDStr := ctx.Params("quizID")
 	quizID, err := strconv.ParseInt(quizIDStr, 10, 64)
+	if err != nil || quizID == 0 {
+		return ctx.Status(fiber.StatusBadRequest).SendString("invalid quiz ID")
+	}
+
+	accountID, ok := middleware.GetAccountId(ctx)
+	if !ok {
+		return ctx.Status(fiber.StatusUnauthorized).SendString("account id is required")
+	}
+
+	isOwner, err := s.dal.QuizRepo.CheckQuizOwner(ctx.Context(), accountID, uint64(quizID))
 	if err != nil {
-		return ctx.Status(fiber.StatusBadRequest).SendString("invalid quiz ID")
+		return ctx.Status(fiber.StatusInternalServerError).SendString("failed to check ownership: " + err.Error())
 	}
 
-	if quizID == 0 {
-		return ctx.Status(fiber.StatusBadRequest).SendString("invalid quiz ID")
+	if !isOwner {
+		return ctx.Status(fiber.StatusForbidden).SendString("you are not the owner")
 	}
-
+	
 	result, err := s.dal.QuizRepo.GetQuizAudience(ctx.Context(), quizID)
 	if err != nil {
 		return ctx.Status(fiber.StatusInternalServerError).SendString(err.Error())
@@ -613,15 +623,30 @@ func (s *Quiz) GetQuizAuditory(ctx *fiber.Ctx) error {
 func (s *Quiz) DeleteQuizAuditory(ctx *fiber.Ctx) error {
 	quizIDStr := ctx.Params("quizID")
 	quizID, err := strconv.ParseInt(quizIDStr, 10, 64)
+	if err != nil || quizID == 0 {
+		return ctx.Status(fiber.StatusBadRequest).SendString("invalid quiz ID")
+	}
+
+	audienceIDStr := ctx.Params("audienceID")
+	audienceID, err := strconv.ParseInt(audienceIDStr, 10, 64)
+	if err != nil || audienceID == 0 {
+		return ctx.Status(fiber.StatusBadRequest).SendString("invalid audience ID")
+	}
+
+	accountID, ok := middleware.GetAccountId(ctx)
+	if !ok {
+		return ctx.Status(fiber.StatusUnauthorized).SendString("account id is required")
+	}
+
+	isOwner, err := s.dal.QuizRepo.CheckIsOwnerAudience(ctx.Context(), quizID, audienceID, accountID)
 	if err != nil {
-		return ctx.Status(fiber.StatusBadRequest).SendString("invalid quiz ID")
+		return ctx.Status(fiber.StatusInternalServerError).SendString("failed to check ownership: " + err.Error())
+	}
+	if !isOwner {
+		return ctx.Status(fiber.StatusForbidden).SendString("you are not the owner of this quiz audience")
 	}
 
-	if quizID == 0 {
-		return ctx.Status(fiber.StatusBadRequest).SendString("invalid quiz ID")
-	}
-
-	err = s.dal.QuizRepo.DeleteQuizAudience(ctx.Context(), quizID)
+	err = s.dal.QuizRepo.DeleteQuizAudience(ctx.Context(), quizID, audienceID)
 	if err != nil {
 		return ctx.Status(fiber.StatusInternalServerError).SendString(err.Error())
 	}
diff --git a/internal/controllers/http_controllers/quiz/route.go b/internal/controllers/http_controllers/quiz/route.go
index 7187c5d..e3be692 100644
--- a/internal/controllers/http_controllers/quiz/route.go
+++ b/internal/controllers/http_controllers/quiz/route.go
@@ -14,7 +14,7 @@ func (r *Quiz) Register(router fiber.Router) {
 	router.Post("/template", r.TemplateCopy)
 	router.Post("/:quizID/auditory", r.CreateQuizAuditory)
 	router.Get("/:quizID/auditory", r.GetQuizAuditory)
-	router.Delete("/:quizID/auditory", r.DeleteQuizAuditory)
+	router.Delete("/:quizID/auditory/:audienceID", r.DeleteQuizAuditory)
 }
 
 func (r *Quiz) Name() string {