fix all issues

services/authorize.go

@@ -1,6 +1,40 @@
 package services
 
-func Authorize() bool {
-	// Authorization logic here
-	return true
+import (
+	"authorization/models"
+	"strings"
+)
+
+// Authorize checks if the user has permission to perform the action on the resource
+func Authorize(claims *models.Claims, request *models.AuthorizationRequest) (bool, string) {
+	// Verify the user ID matches the JWT claims
+	if claims.UserID != request.UserID {
+		return false, "User ID mismatch"
+	}
+
+	// Admin role has access to everything
+	if strings.ToLower(claims.Role) == "admin" {
+		return true, "Admin access granted"
+	}
+
+	// Add your custom authorization logic here
+	// Example: Role-based access control
+	switch strings.ToLower(claims.Role) {
+	case "user":
+		// Users can only read their own resources
+		if request.Action == "read" && strings.Contains(request.Resource, claims.UserID) {
+			return true, "User read access granted"
+		}
+		return false, "Insufficient permissions"
+
+	case "moderator":
+		// Moderators can read and update
+		if request.Action == "read" || request.Action == "update" {
+			return true, "Moderator access granted"
+		}
+		return false, "Moderators cannot perform this action"
+
+	default:
+		return false, "Unknown role"
+	}
 }