From 588abd27128ac0d2dfa58e8dab14c83332784760 Mon Sep 17 00:00:00 2001
From: quentin
Date: Sat, 13 Jul 2024 12:58:35 -0500
Subject: [PATCH] Added PermissionAuthentication
---
.../GrantNames/PermissionGrantNames.cs | 14 ++++++
.../Interfaces/IPermissionAuthentication.cs | 9 ++++
.../PermissionAuthentication.cs | 44 +++++++++++++++++++
API/Controllers/PermissionController.cs | 2 +-
API/Services/PermissionService.cs | 4 +-
5 files changed, 70 insertions(+), 3 deletions(-)
create mode 100644 API/Authentication/GrantNames/PermissionGrantNames.cs
create mode 100644 API/Authentication/Interfaces/IPermissionAuthentication.cs
create mode 100644 API/Authentication/PermissionAuthentication.cs
diff --git a/API/Authentication/GrantNames/PermissionGrantNames.cs b/API/Authentication/GrantNames/PermissionGrantNames.cs
new file mode 100644
index 0000000..197ddd2
--- /dev/null
+++ b/API/Authentication/GrantNames/PermissionGrantNames.cs
@@ -0,0 +1,14 @@
+namespace API.Authentication.GrantNames
+{
+ public static class PermissionGrantNames
+ {
+ public const string CanGetAll = "api.permission.get.all";
+ public const string CanGetAny = "api.permission.get.any";
+ public const string CanGet = "api.permission.get";
+ public const string CanAdd = "api.permission.add";
+ public const string CanUpdateAny = "api.permission.update.any";
+ public const string CanUpdate = "api.permission.update";
+ public const string CanDeleteAny = "api.permission.delete.any";
+ public const string CanDelete = "api.permission.delete";
+ }
+}
diff --git a/API/Authentication/Interfaces/IPermissionAuthentication.cs b/API/Authentication/Interfaces/IPermissionAuthentication.cs
new file mode 100644
index 0000000..7d963e3
--- /dev/null
+++ b/API/Authentication/Interfaces/IPermissionAuthentication.cs
@@ -0,0 +1,9 @@
+using API.DTO.Base;
+using DAL.Models;
+
+namespace API.Authentication.Interfaces
+{
+ public interface IPermissionAuthentication : IGenericAuthentication
+ {
+ }
+}
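Review bot: The constants in `PermissionGrantNames` carry no documentation of which grants are plain flags and which hold a list of permission ids, although `PermissionAuthentication` in this patch reads `CanGet`, `CanUpdate` and `CanDelete` through `getULongValues` and the others through `hasGrant`. An XML summary on the class, plus a comment such as `// value-bearing: ids of the permissions the holder may read` on the three scoped names, would stop someone from assigning a scoped grant as if it were a flag. The scoped names are also string prefixes of their siblings (`api.permission.get` versus `api.permission.get.any`); if the grant lookup does any prefix or wildcard matching (it is not visible here), that needs an exact-match test.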
diff --git a/API/Authentication/PermissionAuthentication.cs b/API/Authentication/PermissionAuthentication.cs
new file mode 100644
index 0000000..1148239
--- /dev/null
+++ b/API/Authentication/PermissionAuthentication.cs
@@ -0,0 +1,44 @@
+using API.Authentication.GrantNames;
+using API.Authentication.Interfaces;
+using API.DTO.Base;
+using API.Services;
+using DAL.Models;
+
+namespace API.Authentication
+{
+ public class PermissionAuthentication : IPermissionAuthentication
+ {
+ private readonly GrantService _grantService;
+ private readonly ILogger _logger;
+ public PermissionAuthentication(ILogger logger, GrantService grantService)
+ {
+ _logger = logger;
+ _grantService = grantService;
+ }
+
+ public bool canGetAll(User user)
+ {
+ return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAll);
+ }
+ public bool canGet(Permission model, User user)
+ {
+ return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAny) ||
+ _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanGet).Exists(x => x == model.id);
+ }
+ public bool canAdd(PermissionDTO item, User user)
+ {
+ return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanAdd);
+ }
+ public bool canUpdate(Permission model, User user)
+ {
+ return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanUpdateAny) ||
+ _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanUpdate).Exists(x => x == model.id);
+ }
+ public bool canDelete(Permission model, User user)
+ {
+ return (_grantService.hasGrant(user.permissionId, PermissionGrantNames.CanDeleteAny) ||
+ _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanDelete).Exists(x => x == model.id))
+ && model.id != user.permissionId;
+ }
+ }
+}
diff --git a/API/Controllers/PermissionController.cs b/API/Controllers/PermissionController.cs
index db962ad..f7342a5 100644
--- a/API/Controllers/PermissionController.cs
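Review bot: `canUpdate` lacks the `model.id != user.permissionId` guard that `canDelete` applies, so a caller holding `CanUpdateAny`, or a scoped `CanUpdate` value that includes their own permission id, is allowed to edit the permission record they are themselves assigned to. If grants are attached to `Permission` rows (the model is outside this patch), that is a self-escalation path; consider wrapping the existing `||` expression in parentheses and appending `&& model.id != user.permissionId`, or requiring a separate grant for self-edits. `canAdd` likewise ignores `item`, so nothing in this class bounds a new permission by what its creator already holds. `_logger` is injected but never used; logging denied checks with the user and permission id would give these decisions an audit trail.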
+++ b/API/Controllers/PermissionController.cs @@ -10,7 +10,7 @@ namespace API.Controllers { [ApiController] [Route("api/v1/[controller]")] - public class PermissionController : CRUDBase + public class PermissionController : CRUDBase { public PermissionController(ILogger logger, UserService userService, PermissionService service) : base(logger, userService, service) { diff --git a/API/Services/PermissionService.cs b/API/Services/PermissionService.cs index b1dc81b..4648876 100644 --- a/API/Services/PermissionService.cs +++ b/API/Services/PermissionService.cs @@ -6,10 +6,10 @@ using DAL.Models.Audits; namespace API.Services { - public class PermissionService : ServiceBase + public class PermissionService : ServiceBase { - public PermissionService(ILogger logger, SASGContext context, IYesAuthentication auth) : base(logger, context, auth) + public PermissionService(ILogger logger, SASGContext context, IPermissionAuthentication auth) : base(logger, context, auth) { } }
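Review bot: `PermissionService` now needs an `IPermissionAuthentication` from the container, but none of the five files in the diffstat registers `PermissionAuthentication` (or the concrete `GrantService` its constructor takes), so unless that registration already exists elsewhere, resolving `PermissionService` will fail at runtime. A line such as `builder.Services.AddScoped<IPermissionAuthentication, PermissionAuthentication>();` in the composition root would cover it, with a lifetime that matches `GrantService`. Since this replaces `IYesAuthentication` on the endpoints that manage permissions themselves, an integration test that calls the controller as a user holding no `api.permission.*` grant and expects a refusal is worth adding with this change.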