From 39f90bae9e1bf909419a4208d86071cce552be0e Mon Sep 17 00:00:00 2001 From: Relintai Date: Wed, 10 Nov 2021 20:08:42 +0100 Subject: [PATCH] use redirect rank permission. --- modules/rbac/rbac_controller.cpp | 7 ++++++- modules/rbac/rbac_controller.h | 3 +++ modules/rbac/rbac_default_permissions.h | 3 ++- modules/rbac/rbac_model.cpp | 9 +++++++-- modules/rbac/rbac_model.h | 1 + modules/rbac/rbac_rank.cpp | 4 ++++ modules/rbac/rbac_rank.h | 1 + modules/rbac_users/rbac_user_controller.cpp | 5 ++++- 8 files changed, 28 insertions(+), 5 deletions(-) diff --git a/modules/rbac/rbac_controller.cpp b/modules/rbac/rbac_controller.cpp index db04885..bddbe66 100644 --- a/modules/rbac/rbac_controller.cpp +++ b/modules/rbac/rbac_controller.cpp @@ -578,7 +578,8 @@ void RBACController::register_permissions() { register_permission("Update", RBAC_PERMISSION_UPDATE); register_permission("Delete", RBAC_PERMISSION_DELETE); - register_rank_permission("Admin Panel", RBAC_PERMISSION_ADMIN_PANEL); + register_rank_permission("Admin Panel", RBAC_RANK_PERMISSION_ADMIN_PANEL); + register_rank_permission("Use Redirect", RBAC_RANK_PERMISSION_USE_REDIRECT); } Ref RBACController::get_rank(int rank_id) { @@ -593,6 +594,10 @@ Ref RBACController::get_default_rank() { return _ranks[get_default_rank_id()]; } +String &RBACController::get_redirect_url() { + return _redirect_url; +} + bool RBACController::continue_on_missing_default_rank() { //todo, add setting return false; diff --git a/modules/rbac/rbac_controller.h b/modules/rbac/rbac_controller.h index 77152d6..8fdb7ce 100644 --- a/modules/rbac/rbac_controller.h +++ b/modules/rbac/rbac_controller.h @@ -68,6 +68,8 @@ public: int get_default_rank_id(); Ref get_default_rank(); + String &get_redirect_url(); + bool continue_on_missing_default_rank(); static RBACController *get_singleton(); @@ -80,6 +82,7 @@ protected: int _default_rank_id; std::map > _ranks; + String _redirect_url; struct PermissionEntry { String name; 
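Review bot: `get_redirect_url()` in rbac_controller.cpp returns a non-const `String &` to `_redirect_url`, so any caller that reaches the singleton can overwrite the destination the session middleware later passes to `send_redirect`. Returning a const reference, here and in the rbac_controller.h declaration, keeps the redirect target read-only outside the controller: `const String &RBACController::get_redirect_url() {`. Nothing visible in this patch assigns `_redirect_url`, and `RBACModel::get_redirect_url()` is added but not called in any hunk shown. Unless initialization happens elsewhere, the middleware would redirect to an empty string.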
diff --git a/modules/rbac/rbac_default_permissions.h b/modules/rbac/rbac_default_permissions.h index 41ef024..619a917 100644 --- a/modules/rbac/rbac_default_permissions.h +++ b/modules/rbac/rbac_default_permissions.h @@ -12,7 +12,8 @@ enum RBACDefaultPermissions { }; enum RBACDefaultRankPermissions { - RBAC_PERMISSION_ADMIN_PANEL = 1 << 0, + RBAC_RANK_PERMISSION_ADMIN_PANEL = 1 << 0, + RBAC_RANK_PERMISSION_USE_REDIRECT = 1 << 1, }; #endif \ No newline at end of file diff --git a/modules/rbac/rbac_model.cpp b/modules/rbac/rbac_model.cpp index c6decb1..39db31b 100644 --- a/modules/rbac/rbac_model.cpp +++ b/modules/rbac/rbac_model.cpp @@ -149,6 +149,11 @@ int RBACModel::get_default_rank() { return 3; } +String RBACModel::get_redirect_url() { + //todo, load this, and save it to a table (probably a new settings class) + return String("/user/login"); +} + void RBACModel::create_table() { Ref tb = DatabaseManager::get_singleton()->ddb->get_table_builder(); @@ -198,7 +203,7 @@ void RBACModel::create_default_entries() { admin->name = "Admin"; admin->base_permissions = RBAC_PERMISSION_ALL; - admin->rank_permissions = RBAC_PERMISSION_ADMIN_PANEL; + admin->rank_permissions = RBAC_RANK_PERMISSION_ADMIN_PANEL; save_rank(admin); @@ -216,7 +221,7 @@ void RBACModel::create_default_entries() { guest->name = "Guest"; guest->base_permissions = RBAC_PERMISSION_READ; - guest->rank_permissions = 0; + guest->rank_permissions = RBAC_RANK_PERMISSION_USE_REDIRECT; save_rank(guest); } diff --git a/modules/rbac/rbac_model.h b/modules/rbac/rbac_model.h index 9ff370e..7c30fed 100644 --- a/modules/rbac/rbac_model.h +++ b/modules/rbac/rbac_model.h @@ -20,6 +20,7 @@ public: virtual void save_rank(const Ref &rank); virtual void save_permission(const Ref &permission); virtual int get_default_rank(); + virtual String get_redirect_url(); void create_table(); void drop_table(); diff --git a/modules/rbac/rbac_rank.cpp b/modules/rbac/rbac_rank.cpp index 205afda..745162f 100644 
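Review bot: `RBACModel::get_redirect_url()` in rbac_model.cpp is where the redirect target will start coming from storage (per its todo), and nothing yet constrains what that value may be. Once it is loaded from a table, an absolute URL stored there would make the no-read branch of the middleware redirect visitors to an arbitrary site, so the loader should accept only site-relative paths. I would record that next to the todo: `//todo: when loaded from storage, accept only site-relative paths (single leading '/'), otherwise fall back to "/user/login"`. Separately, the `create_default_entries` hunks only seed new databases, so an existing Guest row presumably keeps `rank_permissions = 0` and will not redirect until it is updated.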
--- a/modules/rbac/rbac_rank.cpp +++ b/modules/rbac/rbac_rank.cpp @@ -8,6 +8,10 @@ bool RBACRank::has_permission(Request *request, const int permission) { return (base_permissions & permission) != 0; } +bool RBACRank::has_rank_permission(const int permission) { + return (rank_permissions & permission) != 0; +} + void RBACRank::sort_permissions() { for (int i = 0; i < permissions.size(); ++i) { for (int j = i + 1; j < permissions.size(); ++j) { diff --git a/modules/rbac/rbac_rank.h b/modules/rbac/rbac_rank.h index 045125d..1421a0b 100644 --- a/modules/rbac/rbac_rank.h +++ b/modules/rbac/rbac_rank.h @@ -26,6 +26,7 @@ public: Vector > permissions; bool has_permission(Request *request, const int permission); + bool has_rank_permission(const int permission); void sort_permissions(); diff --git a/modules/rbac_users/rbac_user_controller.cpp b/modules/rbac_users/rbac_user_controller.cpp index 36bb157..097de9e 100644 --- a/modules/rbac_users/rbac_user_controller.cpp +++ b/modules/rbac_users/rbac_user_controller.cpp @@ -67,7 +67,10 @@ void RBACUserController::rbac_default_user_session_middleware(Object *instance, } if (!rank->has_permission(request, RBAC_PERMISSION_READ)) { - //todo implement redirect perm + if (rank->has_rank_permission(RBAC_RANK_PERMISSION_USE_REDIRECT)) { + request->send_redirect(RBACController::get_singleton()->get_redirect_url()); + return; + } request->send_error(404); return;
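Review bot: The new branch in `rbac_default_user_session_middleware` sends the redirect without checking that the target is non-empty or that the current request is not already for the redirect target. If this middleware also covers the login route (not visible here), a rank that lacks `RBAC_PERMISSION_READ` but has `RBAC_RANK_PERMISSION_USE_REDIRECT` would be redirected to the same URL repeatedly. In both cases falling through to the existing `send_error(404)` is the safer outcome. I would add a guard to that effect before `send_redirect`, plus a comment such as `// ranks without READ go to the login page instead of a 404; skipped when already on the redirect target`. The middleware body starts and ends outside this hunk.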