From 1962eebef53eb41a049518abe3af1261c41d67a6 Mon Sep 17 00:00:00 2001
From: jkoberg <jkoberg@owncloud.com>
Date: Tue, 1 Mar 2022 11:37:26 +0100
Subject: [PATCH] implement permission unit tests

Signed-off-by: jkoberg <jkoberg@owncloud.com>
---
 .../pkg/store/metadata/assignments_test.go    |  9 +++
 settings/pkg/store/metadata/permissions.go    | 60 +++++++++++++++++--
 settings/pkg/store/metadata/store.go          |  4 ++
 3 files changed, 68 insertions(+), 5 deletions(-)

diff --git a/settings/pkg/store/metadata/assignments_test.go b/settings/pkg/store/metadata/assignments_test.go
index a2b56e600a0..5dae88ae945 100644
--- a/settings/pkg/store/metadata/assignments_test.go
+++ b/settings/pkg/store/metadata/assignments_test.go
@@ -37,20 +37,28 @@ var (
 			},
 			Settings: []*settingsmsg.Setting{
 				{
+					Id:   "updateID",
 					Name: "update",
 					Value: &settingsmsg.Setting_PermissionValue{
 						PermissionValue: &settingsmsg.Permission{
 							Operation: settingsmsg.Permission_OPERATION_UPDATE,
 						},
 					},
+					Resource: &settingsmsg.Resource{
+						Type: settingsmsg.Resource_TYPE_SETTING,
+					},
 				},
 				{
+					Id:   "readID",
 					Name: "read",
 					Value: &settingsmsg.Setting_PermissionValue{
 						PermissionValue: &settingsmsg.Permission{
 							Operation: settingsmsg.Permission_OPERATION_READ,
 						},
 					},
+					Resource: &settingsmsg.Resource{
+						Type: settingsmsg.Resource_TYPE_BUNDLE,
+					},
 				},
 			},
 		},
@@ -65,6 +73,7 @@ var (
 			},
 			Settings: []*settingsmsg.Setting{
 				{
+					Id:   "readID",
 					Name: "read",
 					Value: &settingsmsg.Setting_PermissionValue{
 						PermissionValue: &settingsmsg.Permission{
diff --git a/settings/pkg/store/metadata/permissions.go b/settings/pkg/store/metadata/permissions.go
index 0a6133deb69..50ebe12a532 100644
--- a/settings/pkg/store/metadata/permissions.go
+++ b/settings/pkg/store/metadata/permissions.go
@@ -1,22 +1,72 @@
 package store
 
 import (
-	"errors"
-
 	settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0"
+	"github.com/owncloud/ocis/settings/pkg/settings"
+	"github.com/owncloud/ocis/settings/pkg/util"
 )
 
 // ListPermissionsByResource collects all permissions from the provided roleIDs that match the requested resource
 func (s *Store) ListPermissionsByResource(resource *settingsmsg.Resource, roleIDs []string) ([]*settingsmsg.Permission, error) {
-	return nil, errors.New("not implemented")
+	records := make([]*settingsmsg.Permission, 0)
+	for _, roleID := range roleIDs {
+		role, err := s.ReadBundle(roleID)
+		if err != nil {
+			s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping")
+			continue
+		}
+		records = append(records, extractPermissionsByResource(resource, role)...)
+	}
+	return records, nil
 }
 
 // ReadPermissionByID finds the permission in the roles, specified by the provided roleIDs
 func (s *Store) ReadPermissionByID(permissionID string, roleIDs []string) (*settingsmsg.Permission, error) {
-	return nil, errors.New("not implemented")
+	for _, roleID := range roleIDs {
+		role, err := s.ReadBundle(roleID)
+		if err != nil {
+			s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping")
+			continue
+		}
+		for _, permission := range role.Settings {
+			if permission.Id == permissionID {
+				if value, ok := permission.Value.(*settingsmsg.Setting_PermissionValue); ok {
+					return value.PermissionValue, nil
+				}
+			}
+		}
+	}
+	return nil, nil
 }
 
 // ReadPermissionByName finds the permission in the roles, specified by the provided roleIDs
 func (s *Store) ReadPermissionByName(name string, roleIDs []string) (*settingsmsg.Permission, error) {
-	return nil, errors.New("not implemented")
+	for _, roleID := range roleIDs {
+		role, err := s.ReadBundle(roleID)
+		if err != nil {
+			s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping")
+			continue
+		}
+		for _, permission := range role.Settings {
+			if permission.Name == name {
+				if value, ok := permission.Value.(*settingsmsg.Setting_PermissionValue); ok {
+					return value.PermissionValue, nil
+				}
+			}
+		}
+	}
+	return nil, settings.ErrPermissionNotFound
+}
+
+// extractPermissionsByResource collects all permissions from the provided role that match the requested resource
+func extractPermissionsByResource(resource *settingsmsg.Resource, role *settingsmsg.Bundle) []*settingsmsg.Permission {
+	permissions := make([]*settingsmsg.Permission, 0)
+	for _, setting := range role.Settings {
+		if value, ok := setting.Value.(*settingsmsg.Setting_PermissionValue); ok {
+			if util.IsResourceMatched(setting.Resource, resource) {
+				permissions = append(permissions, value.PermissionValue)
+			}
+		}
+	}
+	return permissions
 }
diff --git a/settings/pkg/store/metadata/store.go b/settings/pkg/store/metadata/store.go
index b77a6770fec..f7d987eecd2 100644
--- a/settings/pkg/store/metadata/store.go
+++ b/settings/pkg/store/metadata/store.go
@@ -50,6 +50,10 @@ func (s *Store) Init() {
 	s.l.Lock()
 	defer s.l.Unlock()
 
+	if s.mdc != nil {
+		return
+	}
+
 	var err error
 	//s.init.Do(func() {
 	//b := backoff.NewExponentialBackOff()