Junie: TOTP flow update and db migrations.

2025-06-06 12:42:23 -07:00
parent 396214739e
commit 95d96732d2
26 changed files with 1397 additions and 194 deletions


@@ -7,7 +7,16 @@ import (
"github.com/oklog/ulid/v2"
)
// Permission represents a system permission
const (
// Constants for error messages
errScanPermission = "failed to scan permission: %w"
errIteratePermissions = "error iterating permissions: %w"
// Constants for comparison
zeroCount = 0
)
// Permission represents a system permission.
type Permission struct {
ID string
Resource string
@@ -15,12 +24,12 @@ type Permission struct {
Description string
}
// AuthorizationService provides methods for checking user permissions
// AuthorizationService provides methods for checking user permissions.
type AuthorizationService struct {
db *sql.DB
}
// NewAuthorizationService creates a new authorization service
// NewAuthorizationService creates a new authorization service.
func NewAuthorizationService(db *sql.DB) *AuthorizationService {
return &AuthorizationService{db: db}
}
@@ -40,10 +49,10 @@ func (a *AuthorizationService) UserHasPermission(userID, resource, action string
return false, fmt.Errorf("failed to check user permission: %w", err)
}
return count > 0, nil
return count > zeroCount, nil
}
// GetUserPermissions returns all permissions for a user based on their roles
// GetUserPermissions returns all permissions for a user based on their roles.
func (a *AuthorizationService) GetUserPermissions(userID string) ([]Permission, error) {
query := `
SELECT DISTINCT p.id, p.resource, p.action, p.description FROM permissions p
@@ -61,20 +70,20 @@ func (a *AuthorizationService) GetUserPermissions(userID string) ([]Permission,
var permissions []Permission
for rows.Next() {
var perm Permission
if err := rows.Scan(&perm.ID, &perm.Resource, &perm.Action, &perm.Description); err != nil {
return nil, fmt.Errorf("failed to scan permission: %w", err)
if scanErr := rows.Scan(&perm.ID, &perm.Resource, &perm.Action, &perm.Description); scanErr != nil {
return nil, fmt.Errorf(errScanPermission, scanErr)
}
permissions = append(permissions, perm)
}
if err := rows.Err(); err != nil {
return nil, fmt.Errorf("error iterating permissions: %w", err)
if rowErr := rows.Err(); rowErr != nil {
return nil, fmt.Errorf(errIteratePermissions, rowErr)
}
return permissions, nil
}
// GetRolePermissions returns all permissions for a specific role
// GetRolePermissions returns all permissions for a specific role.
func (a *AuthorizationService) GetRolePermissions(roleID string) ([]Permission, error) {
query := `
SELECT p.id, p.resource, p.action, p.description FROM permissions p
@@ -91,14 +100,14 @@ func (a *AuthorizationService) GetRolePermissions(roleID string) ([]Permission,
var permissions []Permission
for rows.Next() {
var perm Permission
if err := rows.Scan(&perm.ID, &perm.Resource, &perm.Action, &perm.Description); err != nil {
return nil, fmt.Errorf("failed to scan permission: %w", err)
if scanErr := rows.Scan(&perm.ID, &perm.Resource, &perm.Action, &perm.Description); scanErr != nil {
return nil, fmt.Errorf(errScanPermission, scanErr)
}
permissions = append(permissions, perm)
}
if err := rows.Err(); err != nil {
return nil, fmt.Errorf("error iterating permissions: %w", err)
if rowErr := rows.Err(); rowErr != nil {
return nil, fmt.Errorf(errIteratePermissions, rowErr)
}
return permissions, nil
@@ -142,7 +151,7 @@ func (a *AuthorizationService) RevokePermissionFromRole(roleID, permissionID str
return nil
}
// GetAllPermissions returns all permissions in the system
// GetAllPermissions returns all permissions in the system.
func (a *AuthorizationService) GetAllPermissions() ([]Permission, error) {
query := `SELECT id, resource, action, description FROM permissions`
@@ -155,14 +164,14 @@ func (a *AuthorizationService) GetAllPermissions() ([]Permission, error) {
var permissions []Permission
for rows.Next() {
var perm Permission
if err := rows.Scan(&perm.ID, &perm.Resource, &perm.Action, &perm.Description); err != nil {
return nil, fmt.Errorf("failed to scan permission: %w", err)
if scanErr := rows.Scan(&perm.ID, &perm.Resource, &perm.Action, &perm.Description); scanErr != nil {
return nil, fmt.Errorf(errScanPermission, scanErr)
}
permissions = append(permissions, perm)
}
if err := rows.Err(); err != nil {
return nil, fmt.Errorf("error iterating permissions: %w", err)
if rowErr := rows.Err(); rowErr != nil {
return nil, fmt.Errorf(errIteratePermissions, rowErr)
}
return permissions, nil
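Review bot: `return count > zeroCount, nil` in UserHasPermission makes the authorization decision depend on a package-level constant declared in the first hunk, which is harder to audit than the literal it replaces. `zeroCount` carries no meaning beyond 0, and because it is shared, a later edit to it would change the outcome of every permission check without touching this function. I would keep `return count > 0, nil` and drop `zeroCount` from the const block. The query and the rest of UserHasPermission lie outside the hunk, so how `count` is produced is not visible here.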