From 28711d1e9679291fa2ca580878751cdab8f1790e Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Mon, 17 Feb 2020 08:53:33 +0000
Subject: [PATCH] whitelist funcs

---
 models/role_permissions.js | 96 +++++++++++++++++++++++++++++++++++---
 1 file changed, 89 insertions(+), 7 deletions(-)

diff --git a/models/role_permissions.js b/models/role_permissions.js
index 623e66e..7e91f6d 100644
--- a/models/role_permissions.js
+++ b/models/role_permissions.js
@@ -1,6 +1,6 @@
 const userRole = require('./user_roles');
 
-var permissionModel;
+let permissionModel;
 
 const start = options => {
   const { schema } = options
@@ -69,9 +69,10 @@ const getUsers = (cb) => {
 
 const getRolesByUserId = (user_id, cb) => {
   if (user_id === undefined) {
-    console.error('storage::role_permissions:getRolesByUserId - given a user_id that is undefined');
+    console.error('model::role_permissions:getRolesByUserId - given a user_id that is undefined');
     return;
   }
+  // console.log('model::role_permissions:getRolesByUserId - looking up', user_id);
   return permissionModel.find({
     where: { entity_type: 'user', entity_id: user_id }, order: 'ord'
   }, cb);
@@ -229,7 +230,7 @@ module.exports = {
       permissionModel.find({ where: {
         entity_type: 'user', entity_id: user_id, object: 'server', object_id: 0
       }, order: 'ord'}, async (err, permissions) => {
-        if (err) console.error('storage:::role_permissions::unblacklistUserFromServer err', err);
+        if (err) console.error('storage:::role_permissions::blacklistUserFromServer err', err);
         if (permissions.length) {
           await Promise.all(
             permissions.map(async perm => {
@@ -255,14 +256,14 @@ module.exports = {
   },
   isBlacklisted: async user_id => {
     if (user_id === undefined) {
-      console.error('role_permissions:isBlacklisted given a user_id that is undefined');
+      console.trace('role_permissions:isBlacklisted given a user_id that is undefined');
       return;
     }
     const userPerms = await getRolesByUserId(user_id);
     if (!userPerms || !userPerms.length) {
       // no entries at all
       // FIXME: look up server default
-      console.log('role_permissions:isBlacklisted - no perms for', user_id);
+      //console.log('role_permissions:isBlacklisted - no perms for', user_id);
       return false;
     }
     const perms = userPerms.pop();
@@ -283,7 +284,7 @@ module.exports = {
   },
   unblacklistUserFromServer: async user_id => {
     if (user_id === undefined) {
-      console.error('role_permissions:unblacklistUserFromServer given a user_id that is undefined');
+      console.trace('role_permissions:unblacklistUserFromServer given a user_id that is undefined');
       return;
     }
     permissionModel.find({ where: {
@@ -301,4 +302,85 @@ module.exports = {
       );
     });
     return true;
-  },}
+  },
+  isWhitelisted: async user_id => {
+    if (user_id === undefined) {
+      console.trace('role_permissions:isWhitelisted given a user_id that is undefined');
+      return;
+    }
+    const userPerms = await getRolesByUserId(user_id);
+    if (!userPerms || !userPerms.length) {
+      // no entries at all
+      // FIXME: look up server default
+      //console.log('role_permissions:isWhitelisted - no perms for', user_id);
+      return false;
+    }
+    const perms = userPerms.pop();
+    const triboolPerms = [ 'allowed' ];
+    userPerms.map( perm_obj => {
+      triboolPerms.map( perm => {
+        // if -1 disable
+        if (perm_obj[perm] === -1) perms[perm] = -1;
+        // if 1 enable
+        else if (perm_obj[perm] === 1) perms[perm] = 1;
+      });
+    });
+    // not set one way or another
+    if (perms['allowed'] !== -1 && perms['allowed'] !== 1) {
+      // FIXME: look up server default
+      // write back to perms['allowed']
+    }
+    return perms['allowed'] === 1;
+  },
+  whitelistUserForServer: user_id => {
+    return new Promise(async (resolve, rej) => {
+      if (user_id === undefined) {
+        console.error('role_permissions:whitelistUserForServer given a user_id that is undefined');
+        return;
+      }
+      permissionModel.find({ where: {
+        entity_type: 'user', entity_id: user_id, object: 'server', object_id: 0
+      }, order: 'ord'}, async (err, permissions) => {
+        if (err) console.error('storage:::role_permissions::whitelistUserForServer err', err);
+        if (permissions.length) {
+          await Promise.all(
+            permissions.map(async perm => {
+              perm.allowed = 1;
+              await perm.save();
+            })
+          );
+          return resolve(true);
+        }
+        const permission = new permissionModel;
+        permission.entity_type = 'user';
+        permission.entity_id = user_id;
+        permission.object = 'server';
+        permission.object_id = 0;
+        permission.allowed = 1;
+        await permission.save();
+        resolve(true);
+      });
+    });
+  },
+  unwhitelistUserFromServer: async user_id => {
+    if (user_id === undefined) {
+      console.trace('role_permissions:unwhitelistUserFromServer given a user_id that is undefined');
+      return;
+    }
+    permissionModel.find({ where: {
+      entity_type: 'user', entity_id: user_id, object: 'server', object_id: 0
+    }, order: 'ord'}, async (err, permissions) => {
+      if (err) console.error('storage:::role_permissions::unwhitelistUserFromServer err', err);
+      if (!permissions || !permissions.length) {
+        return;
+      }
+      await Promise.all(
+        permissions.map(async perm => {
+          perm.allowed = 0;
+          await perm.save();
+        })
+      );
+    });
+    return true;
+  },
+}