initial permission supprt - fixes #10

dbtools.js

@@ -9,5 +9,5 @@ dbtools.createSchema = (db) => {
             service TEXT, \
             subcommand TEXT, \
             args TEXT \
-        )'); // the inner bracket for sql, the outer for closing the function*/
+        )'); // the inner bracket for sql, the outer for closing the function
 };

index.js

@@ -1,6 +1,7 @@
 const commands = require('./commands.js');
 const dbtools = require('./dbtools.js');
 const fs = require('fs');
+const permissions = require('./permissions.js');
 const sdk = require('matrix-js-sdk');
 const sqlite3 = require('sqlite3').verbose(); // .verbose until basics work
 const yaml = require('js-yaml');
@@ -34,6 +35,8 @@ matrixClient.on('Room.timeline', function(event, room, resetTimeline) {
 
     commands.expandCommand(body, commands.projects)
     .then((expansion) => {
+        permissions.eval(event.sender.userId, expansion, db)
+        .then((accessgranted) => {
             let subcommand = commands.projects[expansion.project][expansion.service][expansion.subcommand];
             const args = expansion.args.match(subcommand.regex);
 
@@ -43,6 +46,9 @@ matrixClient.on('Room.timeline', function(event, room, resetTimeline) {
             }
 
             subcommand.exec(args, room, event);
+        }, (fail) => {
+            matrixClient.sendNotice(room.roomId, event.sender.userId + ' ' + fail);
+        });
     }, (fail) => { // command not found
         let tmp = commands.suggestFix(body, commands.projects);
         if(tmp !== null){ //when the regex matches nothing

permissions.js

@@ -0,0 +1,50 @@
+const permissions = module.exports = {};
+
+permissions.eval = (mxid, expansion, db) => {
+    return new Promise((resolve, reject) => {
+        let accessGranted = false;
+
+        db.each('SELECT omni, project, service, subcommand, args \
+            FROM permissions \
+            WHERE mxid=?',
+        [mxid],
+        (err, row) => { // callback for each returned row
+            // check for omnipotence
+            if(row.omni === 1) {
+                accessGranted = true;
+                return;
+            };
+
+            // check for project permissions
+            const regexProject = new RegExp(row.project);
+            if(!regexProject.test(expansion.project)) {
+                return;
+            };
+            // check for service permissions
+            const regexService = new RegExp(row.service);
+            if(!regexService.test(expansion.service)) {
+                return;
+            };
+            // check for subcommand permissions
+            const regexSubcommand = new RegExp(row.subcommand);
+            if(!regexSubcommand.test(expansion.subcommand)) {
+                return;
+            };
+            // check for args permissions
+            const regexArgs = new RegExp(row.args);
+            if(regexArgs.test(expansion.args)) {
+                accessGranted = true;
+                return;
+            };
+        },
+        () => { // gets called after all rows are processed
+            if(accessGranted) {
+                resolve('access granted');
+                return;
+            } else {
+                reject('permission denied');
+                return;
+            };
+        });
+    });
+};