handlers: permisison check for all pages + retrieve user-specific permissions for pages (if any)

2019-05-03 15:59:29 +02:00
parent e87c3a0f4d
commit 7630301168
23 changed files with 167 additions and 34 deletions
--- a/handlers/handler.cpp
+++ b/handlers/handler.cpp
@@ -74,3 +74,19 @@ QueryOption Handler::queryOption(const Request &r) const

 	return result;
 }
+
+Response Handler::handle(const Request &r)
+{
+	if(!canAccess(this->userSession->user.permissions))
+	{
+		return errorResponse("Permission denied", accessErrorMessage());
+	}
+	return handleRequest(r);
+}
+
+Permissions Handler::effectivePermissions(std::string page)
+{
+	return this->database->createPermissionsDao()
+		->find(page, this->userSession->user.login)
+		.value_or(this->userSession->user.permissions);
+}