♻️ Use power level permission management

pkg/models/accounts.go

@@ -5,8 +5,6 @@ import (
 	"github.com/spf13/viper"
 	"path/filepath"
 	"time"
-
-	"gorm.io/datatypes"
 )
 
 type AccountState = int8
@@ -33,7 +31,7 @@ type Account struct {
 	ThirdClients  []ThirdClient    `json:"clients"`
 	Notifications []Notification   `json:"notifications" gorm:"foreignKey:RecipientID"`
 	ConfirmedAt   *time.Time       `json:"confirmed_at"`
-	Permissions   datatypes.JSONType[[]string] `json:"permissions"`
+	PowerLevel    int              `json:"power_level"`
 }
 
 func (v Account) GetPrimaryEmail() AccountContact {

pkg/server/auth.go

@@ -29,7 +29,6 @@ var auth = keyauth.New(keyauth.Config{
 		}
 
 		c.Locals("principal", user)
-		c.Locals("permissions", user.Permissions.Data())
 
 		return true, nil
 	},

pkg/services/accounts.go

@@ -7,7 +7,6 @@ import (
 	"fmt"
 	"github.com/google/uuid"
 	"github.com/samber/lo"
-	"gorm.io/datatypes"
 	"gorm.io/gorm"
 	"time"
 )
@@ -68,7 +67,7 @@ func CreateAccount(name, nick, email, password string) (models.Account, error) {
 				VerifiedAt: nil,
 			},
 		},
-		Permissions: datatypes.NewJSONType(make([]string, 0)),
+		PowerLevel:  0,
 		ConfirmedAt: nil,
 	}
 
@@ -100,6 +99,7 @@ func ConfirmAccount(code string) error {
 
 	return database.C.Transaction(func(tx *gorm.DB) error {
 		user.ConfirmedAt = lo.ToPtr(time.Now())
+		user.PowerLevel += 5
 
 		if err := database.C.Delete(&token).Error; err != nil {
 			return err