From 03a708616211b31264e99d4dc8f6afd6c7258083 Mon Sep 17 00:00:00 2001
From: Naida  Vatric <naida.dozic@gmail.com>
Date: Thu, 31 Oct 2019 14:27:46 +0100
Subject: [PATCH] Added /clearpermiss started /testing

---
 endpoints/clearpermissions.js | 26 ++++++++++++++
 endpoints/testuserperm.js     | 67 +++++++++++++++++++++++++++++++++++
 helpfunctions/checkmemb.js    | 24 +++++++++++++
 permissions.js                | 14 +++++++-
 4 files changed, 130 insertions(+), 1 deletion(-)
 create mode 100644 endpoints/clearpermissions.js
 create mode 100644 endpoints/testuserperm.js
 create mode 100644 helpfunctions/checkmemb.js

diff --git a/endpoints/clearpermissions.js b/endpoints/clearpermissions.js
new file mode 100644
index 0000000..d0f4318
--- /dev/null
+++ b/endpoints/clearpermissions.js
@@ -0,0 +1,26 @@
+//Call for deleting all permissions from user or group
+//NOTE: not deleting inherited permissions
+//
+const handleClearPerm = (req, res, db) => {
+    //Parsing req body 
+    const { reqownertype, reqowner} =req.body;
+    //Checking for owner in table permissions and deleting all associated permissions
+    db('permissions')
+        .where('owner', 'ilike', reqowner)
+        //Checking for owner type (user or group) for cases of the same name 
+        .andWhere('ownertype', 'ilike', reqownertype) 
+        .del()
+        .then (count => {
+            if (count!==0) {
+                res.json(`Total of ${count} permissions cleared from ${reqownertype} ${reqowner}.`);
+            }
+            else {
+                throw err;
+            }
+        })
+        .catch (err => res.status(400).json('Error finding permissions owner in database.'));
+}
+
+module.exports = {
+    handleClearPerm
+}
\ No newline at end of file
diff --git a/endpoints/testuserperm.js b/endpoints/testuserperm.js
new file mode 100644
index 0000000..2c640ae
--- /dev/null
+++ b/endpoints/testuserperm.js
@@ -0,0 +1,67 @@
+//Call for testing if a particular user has a particular permission over a
+// particular object. Returns true or false. 
+//
+//Requiremenst for checking data in DB
+const checkmemb= require('../helpfunctions/checkmemb');
+
+const condTest = (req, res, db) => {
+    //Parsing req body 
+    const { reqowner, reqobjname, reqtype} =req.body;
+
+    //Checking for owner with particular permission over a particular object 
+    db.transaction (trx => {
+        trx.select('objname')
+        .from('permissions')
+        //First checking for directly associated permissions
+        .where('owner', 'ilike', reqowner)
+        //Checking only for users 
+        .andWhere('ownertype', 'ilike', 'user') 
+        .andWhere('objname', 'ilike', reqobjname)
+        .andWhere('type', 'ilike', reqtype)
+        .then (found => {
+            if (found.length !==0) {
+                return res.json(true);
+            }
+            //Checking for permissions inherited from groups
+            return trx('permissions')
+                .returning('owner')
+                //Checking only for groups
+                .where('ownertype', 'ilike', 'group')
+                //Checking for existance of group with particular permission over a particular object
+                .andWhere('objname', 'ilike', reqobjname)
+                .andWhere('type', 'ilike', reqtype)
+                .then (found => {
+                    //?
+                    console.log('found', found);
+                    //Found is an array of objects (rows from permissions table) where group has needed permisions
+                    //Check for every group if user is a member
+                    found.forEach( (row, index) => {
+                        //?
+                        console.log('row.owner', row.owner);
+                         // Check if our user is in found group and have inherited permission
+                        return trx('groups')
+                        .returning('*')
+                        .where('username', 'ilike', reqowner)
+                        .andWhere('groupname', 'ilike', 'admins')
+                        .then ( data => {
+                            console.log('data', data);
+                            if (data.length!==0) {
+                                return res.json(true);
+                            }
+                        })
+                        .then(trx.commit)
+                        .catch(trx.rollback)
+                    });
+                    return res.json(false);
+                })
+                
+        }) 
+        .then(trx.commit)
+        .catch(trx.rollback)
+        .catch (err => res.status(400).json('Error accesing database.'))
+    })
+}
+
+module.exports = {
+    condTest
+}
\ No newline at end of file
diff --git a/helpfunctions/checkmemb.js b/helpfunctions/checkmemb.js
new file mode 100644
index 0000000..d01648f
--- /dev/null
+++ b/helpfunctions/checkmemb.js
@@ -0,0 +1,24 @@
+//Checking if user is a member of a group
+//if yes returns true else returns false
+const checkMember = (requser, reqgroup, db) => {
+    let check;
+        db.transaction (trx => {
+            trx.select('username')
+            .from('groups')
+            .where('username', 'ilike', requser)
+            .andWhere('groupname', 'ilike', reqgroup)
+            .then ( data => {
+                if (data.length!==0) {
+                    check= true;
+                }
+                check= false;
+            })
+            .then(trx.commit)
+            .catch(trx.rollback)
+        });
+        console.log ('check', check);
+    return check;
+}
+module.exports = {
+    checkMember
+}
\ No newline at end of file
diff --git a/permissions.js b/permissions.js
index 56e5afd..3888ce8 100644
--- a/permissions.js
+++ b/permissions.js
@@ -25,6 +25,8 @@ const db = knex ({
 const addusertogroup= require('./endpoints/addusertogroup');
 const cleargroup= require('./endpoints/cleargroup');
 const addpermission= require('./endpoints/addpermission');
+const clearpermissions= require('./endpoints/clearpermissions');
+const testuserperm= require('./endpoints/testuserperm');
 
 //Checking basics
 app.get('/', (req, res) => {
@@ -45,7 +47,7 @@ app.post('/addusertogroup', [
 
 //Call for deleting all users from group
 app.delete('/cleargroup', (req,res) => {
-    cleargroup.handleClearGroup(req, res, db)
+    cleargroup.handleClearGroup(req, res, db);
 });
 
 //Call for adding a permission to a user or group
@@ -69,6 +71,16 @@ app.post('/addpermission', [
     }
     addpermission.handleAddPermission(req, res, db)});
 
+//Call for deleting all permissions from users or group
+app.delete('/clearpermissions', (req,res) => {
+    clearpermissions.handleClearPerm(req, res, db);
+});
+
+//Call for testing if a particular user has a particular permission over a
+// particular object
+app.post('/testuserperm', (req,res) => {
+    testuserperm.condTest(req, res, db);
+})
 
 //Listening on local port 3000 -temporary, to be changed to env Var
 app.listen(3000, () => {