From eab02c9e7a891a1072071411a537e64bcaa64629 Mon Sep 17 00:00:00 2001
From: Dita Aji Pratama <ditaajipratama@protonmail.com>
Date: Sun, 10 Aug 2025 13:17:22 +0700
Subject: [PATCH] Authsquare extra: Roles list + Bruno

---
 bruno/Authsquare/Extra/Roles/List.bru   | 28 +++++++++++++++++++
 bruno/Authsquare/Extra/Roles/folder.bru |  8 ++++++
 bruno/Authsquare/Extra/folder.bru       |  8 ++++++
 bruno/Authsquare/Logout.bru             |  2 +-
 config/navigation.py                    |  4 +--
 handler.py                              | 11 ++++++++
 modules/api/roles.py                    | 20 +++++++------
 modules/public/roles.py                 | 37 +++++++++++++++++++++++++
 pages/public/roles.html                 |  5 ++++
 static/js/roles.js                      | 19 +++++++++++++
 10 files changed, 130 insertions(+), 12 deletions(-)
 create mode 100644 bruno/Authsquare/Extra/Roles/List.bru
 create mode 100644 bruno/Authsquare/Extra/Roles/folder.bru
 create mode 100644 bruno/Authsquare/Extra/folder.bru
 create mode 100644 modules/public/roles.py
 create mode 100644 pages/public/roles.html
 create mode 100644 static/js/roles.js

diff --git a/bruno/Authsquare/Extra/Roles/List.bru b/bruno/Authsquare/Extra/Roles/List.bru
new file mode 100644
index 0000000..dbc45ac
--- /dev/null
+++ b/bruno/Authsquare/Extra/Roles/List.bru
@@ -0,0 +1,28 @@
+meta {
+  name: List
+  type: http
+  seq: 9
+}
+
+post {
+  url: http://localhost:11000/api/auth/roles/:alder
+  body: none
+  auth: none
+}
+
+params:path {
+  alder: list
+}
+
+headers {
+  Authorization: Bearer xx.xx.xx
+}
+
+body:json {
+  {
+    "roles":[2],
+    "email":"user2@domain.com",
+    "username":"admin2",
+    "password":"mypassword"
+  }
+}
diff --git a/bruno/Authsquare/Extra/Roles/folder.bru b/bruno/Authsquare/Extra/Roles/folder.bru
new file mode 100644
index 0000000..002f9b7
--- /dev/null
+++ b/bruno/Authsquare/Extra/Roles/folder.bru
@@ -0,0 +1,8 @@
+meta {
+  name: Roles
+  seq: 1
+}
+
+auth {
+  mode: inherit
+}
diff --git a/bruno/Authsquare/Extra/folder.bru b/bruno/Authsquare/Extra/folder.bru
new file mode 100644
index 0000000..b9ef1cd
--- /dev/null
+++ b/bruno/Authsquare/Extra/folder.bru
@@ -0,0 +1,8 @@
+meta {
+  name: Extra
+  seq: 8
+}
+
+auth {
+  mode: inherit
+}
diff --git a/bruno/Authsquare/Logout.bru b/bruno/Authsquare/Logout.bru
index f97a3f0..43648e6 100644
--- a/bruno/Authsquare/Logout.bru
+++ b/bruno/Authsquare/Logout.bru
@@ -1,7 +1,7 @@
 meta {
   name: Logout
   type: http
-  seq: 8
+  seq: 9
 }
 
 post {
diff --git a/config/navigation.py b/config/navigation.py
index c084c39..30cdbef 100644
--- a/config/navigation.py
+++ b/config/navigation.py
@@ -8,9 +8,9 @@ menu        = {
                 "roles":[0,1,2,3]
             },
             {
-                "name":"Dashboard",
+                "name":"Roles",
                 "target":"_self",
-                "href":"/dashboard",
+                "href":"/roles",
                 "roles":[1,2]
             },
             {
diff --git a/handler.py b/handler.py
index 3663e15..07f8ada 100644
--- a/handler.py
+++ b/handler.py
@@ -22,6 +22,8 @@ import	modules.public.login	as public_login
 import	modules.public.forgot	as public_forgot
 import	modules.public.reset	as public_reset
 
+import	modules.public.roles	as public_roles
+
 import  modules.api.auth        as api_auth
 import  modules.api.roles	as api_auth_roles
 import  modules.api.users	as api_auth_users
@@ -118,6 +120,15 @@ def index():
     else:
         redirect('/')
 
+@app.route('/roles')
+def index():
+    params = {
+        "mako"  : {
+            "website" : template_public.main(directory.page["public"], "roles")
+        }
+    }
+    return public_roles.roles().html(params)
+        
 @app.route('/api/auth/register/<roles>', method=['OPTIONS', 'POST'])
 def index(roles):
     try:
diff --git a/modules/api/roles.py b/modules/api/roles.py
index d242114..9425146 100644
--- a/modules/api/roles.py
+++ b/modules/api/roles.py
@@ -48,17 +48,19 @@ class roles:
         APIADDR         = "/api/auth/roles/list"
         response        = {}
 
-        loggorilla.prcss(APIADDR, "Define parameters")
-        token           = params["token"    ]
-        allowed_roles   = [1,2] # Roles list is public or not?
-
-        loggorilla.prcss(APIADDR, "Account validation")
-        user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
-        user            = user_validation['data']
-
         self.cursor.execute("BEGIN;")
         try:
-            self.cursor.execute("select auth_roles.id, auth_roles.name, (select count(*) from auth_profile_roles apr where apr.roles = auth_roles.id) AS `count` from auth_roles;")
+            loggorilla.prcss(APIADDR, "Extract the Authorization token from Header")
+            auth_header 	= request.get_header('Authorization')
+            token 		= auth_header.split(' ')[1]
+            loggorilla.prcss(APIADDR, "Define parameters")
+            allowed_roles   = [1,2] # Roles list is public or not?
+
+            loggorilla.prcss(APIADDR, "Account validation")
+            user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
+            user            = user_validation['data']
+
+            self.cursor.execute("select auth_roles.id, auth_roles.name, (select count(*) from auth_profile_roles apr where apr.roles = auth_roles.id) AS `count` from auth_roles order by auth_roles.id;")
             r_roles = self.cursor.fetchall()
             response["status"   ] = "success"
             response["desc"     ] = "data collected"
diff --git a/modules/public/roles.py b/modules/public/roles.py
new file mode 100644
index 0000000..2a43764
--- /dev/null
+++ b/modules/public/roles.py
@@ -0,0 +1,37 @@
+from    mako.template           import  Template
+from    config                  import  globalvar, navigation
+from    scripts                 import  loggorilla
+
+import  procedure.validation    as 		procedure_validation
+
+class roles:
+
+    def __init__(self):
+        pass
+
+    def html(self, params):
+        APIADDR         = "/roles"
+
+        loggorilla.prcss(APIADDR, "Define page parameters")
+        active_page     = "Roles"
+        allowed_roles   = [1,2]
+
+        loggorilla.prcss(APIADDR, "Account validation")
+        user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
+        user            = user_validation['data']
+
+        return Template(params["mako"]["website"]['index']).render(
+            title	= globalvar.title,
+            header	= globalvar.header,
+            navbar	= Template(params["mako"]["website"]['navbar']).render(
+                menu		= navigation.menu['public']['navbar'],
+                user_roles	= user['profile']['roles'],
+                active_page	= active_page
+            ),
+            footer	= Template(params["mako"]["website"]['footer']).render(
+                copyright	= globalvar.copyright,
+            ),
+            container	= Template(params["mako"]["website"]['container']).render(
+                token       = user['token']
+            )
+        )
diff --git a/pages/public/roles.html b/pages/public/roles.html
new file mode 100644
index 0000000..9c74566
--- /dev/null
+++ b/pages/public/roles.html
@@ -0,0 +1,5 @@
+<input type="hidden" id="form-token" value="${token}">
+<ul id="lister"></ul>
+
+<script type="text/javascript" src="/js/carrack.js"></script>
+<script type="text/javascript" src="/js/roles.js"></script>
diff --git a/static/js/roles.js b/static/js/roles.js
new file mode 100644
index 0000000..6c901a9
--- /dev/null
+++ b/static/js/roles.js
@@ -0,0 +1,19 @@
+var token    = document.getElementById("form-token"      ).value;
+const lister = document.getElementById("lister");
+
+sendHttpRequest("/api/auth/roles/list", "POST", null,
+    function (error, response) {
+        if (error) console.error("Error:", error);
+        else {
+            console.log("JSON Response:", response);
+            const ls = JSON.parse(response);
+
+            ls.data.forEach(data => {
+                const postElement = document.createElement("div");
+                postElement.innerHTML = `<li>[${data.id}] ${data.name} - Total user(s): ${data.count}</li>`;
+                lister.appendChild(postElement);
+            });
+        }
+    }, "application/json", `Bearer ${token}`
+);
+