diff --git a/settings/pkg/store/metadata/assignments_test.go b/settings/pkg/store/metadata/assignments_test.go index a2b56e600a0..5dae88ae945 100644 --- a/settings/pkg/store/metadata/assignments_test.go +++ b/settings/pkg/store/metadata/assignments_test.go @@ -37,20 +37,28 @@ var ( }, Settings: []*settingsmsg.Setting{ { + Id: "updateID", Name: "update", Value: &settingsmsg.Setting_PermissionValue{ PermissionValue: &settingsmsg.Permission{ Operation: settingsmsg.Permission_OPERATION_UPDATE, }, }, + Resource: &settingsmsg.Resource{ + Type: settingsmsg.Resource_TYPE_SETTING, + }, }, { + Id: "readID", Name: "read", Value: &settingsmsg.Setting_PermissionValue{ PermissionValue: &settingsmsg.Permission{ Operation: settingsmsg.Permission_OPERATION_READ, }, }, + Resource: &settingsmsg.Resource{ + Type: settingsmsg.Resource_TYPE_BUNDLE, + }, }, }, }, @@ -65,6 +73,7 @@ var ( }, Settings: []*settingsmsg.Setting{ { + Id: "readID", Name: "read", Value: &settingsmsg.Setting_PermissionValue{ PermissionValue: &settingsmsg.Permission{ diff --git a/settings/pkg/store/metadata/permissions.go b/settings/pkg/store/metadata/permissions.go index 0a6133deb69..50ebe12a532 100644 --- a/settings/pkg/store/metadata/permissions.go +++ b/settings/pkg/store/metadata/permissions.go @@ -1,22 +1,72 @@ package store import ( - "errors" - settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0" + "github.com/owncloud/ocis/settings/pkg/settings" + "github.com/owncloud/ocis/settings/pkg/util" ) // ListPermissionsByResource collects all permissions from the provided roleIDs that match the requested resource func (s *Store) ListPermissionsByResource(resource *settingsmsg.Resource, roleIDs []string) ([]*settingsmsg.Permission, error) { - return nil, errors.New("not implemented") + records := make([]*settingsmsg.Permission, 0) + for _, roleID := range roleIDs { + role, err := s.ReadBundle(roleID) + if err != nil { + s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping") + continue + } + records = append(records, extractPermissionsByResource(resource, role)...) + } + return records, nil } // ReadPermissionByID finds the permission in the roles, specified by the provided roleIDs func (s *Store) ReadPermissionByID(permissionID string, roleIDs []string) (*settingsmsg.Permission, error) { - return nil, errors.New("not implemented") + for _, roleID := range roleIDs { + role, err := s.ReadBundle(roleID) + if err != nil { + s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping") + continue + } + for _, permission := range role.Settings { + if permission.Id == permissionID { + if value, ok := permission.Value.(*settingsmsg.Setting_PermissionValue); ok { + return value.PermissionValue, nil + } + } + } + } + return nil, nil } // ReadPermissionByName finds the permission in the roles, specified by the provided roleIDs func (s *Store) ReadPermissionByName(name string, roleIDs []string) (*settingsmsg.Permission, error) { - return nil, errors.New("not implemented") + for _, roleID := range roleIDs { + role, err := s.ReadBundle(roleID) + if err != nil { + s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping") + continue + } + for _, permission := range role.Settings { + if permission.Name == name { + if value, ok := permission.Value.(*settingsmsg.Setting_PermissionValue); ok { + return value.PermissionValue, nil + } + } + } + } + return nil, settings.ErrPermissionNotFound +} + +// extractPermissionsByResource collects all permissions from the provided role that match the requested resource +func extractPermissionsByResource(resource *settingsmsg.Resource, role *settingsmsg.Bundle) []*settingsmsg.Permission { + permissions := make([]*settingsmsg.Permission, 0) + for _, setting := range role.Settings { + if value, ok := setting.Value.(*settingsmsg.Setting_PermissionValue); ok { + if util.IsResourceMatched(setting.Resource, resource) { + permissions = append(permissions, value.PermissionValue) + } + } + } + return permissions } diff --git a/settings/pkg/store/metadata/store.go b/settings/pkg/store/metadata/store.go index b77a6770fec..f7d987eecd2 100644 --- a/settings/pkg/store/metadata/store.go +++ b/settings/pkg/store/metadata/store.go @@ -50,6 +50,10 @@ func (s *Store) Init() { s.l.Lock() defer s.l.Unlock() + if s.mdc != nil { + return + } + var err error //s.init.Do(func() { //b := backoff.NewExponentialBackOff()