From 19856a386c72d481c44ba75ac1c8b4c8e55db723 Mon Sep 17 00:00:00 2001
From: grimhilt
Date: Tue, 8 Aug 2023 14:18:13 +0200
Subject: [PATCH] improve permissions systems
---
 src/api/models.py | 6 +++---
 src/api/permissions.py | 42 +++++++++++++++++++++++++++++++-----------
 2 files changed, 34 insertions(+), 14 deletions(-)
diff --git a/src/api/models.py b/src/api/models.py
index c414632..f49e466 100644
--- a/src/api/models.py
+++ b/src/api/models.py
@@ -42,9 +42,9 @@ class UserRole(db.Model):
 class Role(db.Model):
 id = db.Column(db.Integer, primary_key=True, autoincrement=True)
 name = db.Column(db.String)
- parent_id = db.Column(db.Integer, db.ForeignKey('role.id'))
- can_create_role = db.Column(db.Boolean, default=False)
- can_create_playlist = db.Column(db.Boolean, default=False)
+ user_id = db.Column(db.Integer, db.ForeignKey('user.id'), default=None)
+ permissions= db.Column(db.Integer, default=0)
+ parent_id = db.Column(db.Integer, db.ForeignKey('role.id'), default=None)
 users = db.relationship('User', secondary='UserRole', back_populates='roles')
 def as_dict(self):
diff --git a/src/api/permissions.py b/src/api/permissions.py
index 49cc798..9dbca69 100644
--- a/src/api/permissions.py
+++ b/src/api/permissions.py
@@ -1,11 +1,18 @@
-from enum import Enum
+from enum import IntEnum
 import functools
 from flask import request, jsonify
 from flask_login import current_user
 from . import db
 from .models import Playlist, PlaylistFile, User, Role, UserRole
-Perm = Enum('Perm', ['CREATE_ROLE', 'CREATE_PLAYLIST', 'VIEW_PLAYLIST', 'OWN_PLAYLIST', 'EDIT_PLAYLIST', 'ACTIVATE_PLAYLIST'])
+class Perm(IntEnum):
+ CREATE_USER = 0
+ CREATE_ROLE = 1
+ CREATE_PLAYLIST = 2
+ VIEW_PLAYLIST = 3
+ OWN_PLAYLIST = 4
+ EDIT_PLAYLIST = 5
+ ACTIVATE_PLAYLIST = 6
 class permissions:
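Review bot: In the `Role` hunk of src/api/models.py the new `permissions` column has a default but no `nullable=False`, so the schema still accepts a NULL mask, and `checkBit` in src/api/permissions.py appears to pass that value straight to `bin()`, which raises on `None`. I would declare it as `permissions = db.Column(db.Integer, nullable=False, default=0)` and add a comment stating that each bit position corresponds to a `Perm` value. The commit also drops `can_create_role` and `can_create_playlist` with no data migration visible on this page; if one is not shipped elsewhere, existing roles come up with mask 0 and lose those grants. The class body continues outside the hunk.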
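Review bot: The `Perm` members in src/api/permissions.py are now used as bit positions into the stored `Role.permissions` mask (through `checkBit`), but nothing on the class says the numbers are persisted data. Inserting or renumbering a member later would silently re-map every stored grant to a different permission. Add a comment above the members, for example `# Values are bit positions in Role.permissions; append new members at the end and never renumber.`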
@@ -32,6 +39,8 @@ class permissions:
 def CheckPermissionFactory(perm):
 print(perm)
 match perm:
+ case Perm.CREATE_USER:
+ return CheckCreateUser()
 case Perm.CREATE_ROLE:
 return CheckCreateRole()
 case Perm.CREATE_PLAYLIST:
@@ -55,7 +64,14 @@ def get_playlist_id(args):
 print("in")
 return json['playlist_id']
 return
-
+
+def checkBit(permissions, index):
+ binStr = bin(permissions)
+ lenStr = len(binStr)
+ print(binStr)
+ print(lenStr)
+ print(lenStr - index)
+ return binStr[lenStr - index - 1] == '1'
 class CheckNone:
 def is_valid(self, args):
@@ -110,17 +126,21 @@ class CheckEditPlaylist:
 # todo check edit
 return False
-class CheckCreatePlaylist:
- def is_valid(self, _):
- has_role_to_create = next( \
- (True \
- for role in current_user.as_dict()['roles'] \
- if role['can_create_playlist']), \
- None)
+class CheckCreateUser:
+ def __init__(self):
+ self.message = "You don't have the permission to create an user"
+ self.status_code = 403
+ def is_valid(self, _):
+ return checkBit(current_user.as_dict()['roles'][0]['permissions'], Perm.CREATE_USER)
+
+class CheckCreatePlaylist:
+ def __init__(self):
 self.message = "You don't have the permission to create a playlist"
 self.status_code = 403
- return has_role_to_create
+
+ def is_valid(self, _):
+ return checkBit(current_user.as_dict()['roles'][0]['permissions'], Perm.CREATE_PLAYLIST)
 class CheckActivatePlaylist:
 def __init__(self):
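Review bot: `checkBit` indexes the `bin()` string with `lenStr - index - 1`, which goes negative when `index` is larger than the string allows, and Python then wraps around to the end of the string: `checkBit(1, 3)` reads the last character and returns True, so a mask holding only bit 0 passes a check for `Perm.VIEW_PLAYLIST`. The two checks converted in this commit use indices 0 and 2 and stay in range, but a later check on indices 3 to 6 can grant on an unset bit or raise IndexError. Replace the body with integer arithmetic, `return bool((permissions >> index) & 1)`, and drop the three `print` calls, which write each user's permission mask to stdout on every check.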
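Review bot: Both new `is_valid` methods (`CheckCreateUser` and `CheckCreatePlaylist`) read only `['roles'][0]`, whereas the removed code scanned every role; a user whose granting role is not first is denied, and a user with no roles raises IndexError, which would surface as a server error instead of the 403 set in `__init__` (assuming nothing upstream catches it). Check all roles instead: `return any(checkBit(role['permissions'], Perm.CREATE_USER) for role in current_user.as_dict()['roles'])`, and the same with `Perm.CREATE_PLAYLIST` in the second class. The message in `CheckCreateUser` should read "a user".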