diff --git a/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java b/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java index e45bffa..3db07e7 100644 --- a/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java +++ b/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java @@ -30,16 +30,26 @@ public abstract class AbstractAuthGuard & IUserRole> { } int userId = JWTManager.getInstance().extractUserId(token); - + String roleStr = JWTManager.getInstance().extractRole(token); + + R role; + try { + role = parseRole(roleStr); + } catch (Exception e) { + JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "Invalid role"); + return; + } + + ctx.put("userId", userId); + ctx.put("role", role); + getUserEntity(userId, ctx, entity -> { if (entity == null) { JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "User not found"); return; } - R userRole = extractRoleFromEntity(entity); - - if (allowedRoles.length == 0 || hasPermission(entity, userRole, allowedRoles)) { + if (allowedRoles.length == 0 || isRoleAllowed(role, allowedRoles)) { ctx.put("userEntity", entity); ctx.next(); } else { @@ -49,18 +59,8 @@ public abstract class AbstractAuthGuard & IUserRole> { }; } -<<<<<<< HEAD protected boolean isRoleAllowed(R role, R... allowedRoles) { - for (R allowed : allowedRoles) { - if (role == allowed) return true; -======= - protected R extractRoleFromEntity(U user) { - try { - return (R) user.getClass().getMethod("getRole").invoke(user); - } catch (Exception e) { - return null; ->>>>>>> refs/remotes/origin/dev - } + for (R allowed : allowedRoles) if (role == allowed) return true; return false; } protected String extractToken(RoutingContext ctx) { diff --git a/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java b/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java index 3e67edb..503da6b 100644 --- a/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java +++ b/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java @@ -29,10 +29,8 @@ public class CoreAuthGuard extends AbstractAuthGuard { } @Override - protected boolean hasPermission(UserEntity member, CoreUserRole userRole, CoreUserRole... allowedRoles) { - if (member == null) return false; - if (member.getGlobal_role() == CoreUserRole.ADMIN) return true; - return false; + protected boolean hasPermission(UserEntity user, CoreUserRole userRole) { + return user.getGlobal_role() == CoreUserRole.ADMIN; } } diff --git a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java index cfb0213..ad523b7 100644 --- a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java +++ b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java @@ -34,14 +34,8 @@ public class HuertosAuthGuard extends AbstractAuthGuard>>>>>> refs/remotes/origin/dev } } diff --git a/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java b/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java index 02f3736..181bc3e 100644 --- a/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java +++ b/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java @@ -29,13 +29,8 @@ public class CineAuthGuard extends AbstractAuthGuard } @Override - protected boolean hasPermission(ViewerEntity member, CineUserRole userRole, CineUserRole... allowedRoles) { - if (member == null) return false; - if (member.getRole() == CineUserRole.ADMIN) return true; - for (CineUserRole role : allowedRoles) { - if (member.getRole() == role) return true; - } - return false; + protected boolean hasPermission(ViewerEntity user, CineUserRole userRole) { + return user.getRole() == CineUserRole.ADMIN; } } diff --git a/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java b/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java index 6a1b3b4..dac2e70 100644 --- a/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java +++ b/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java @@ -29,13 +29,8 @@ public class MMCAuthGuard extends AbstractAuthGuard { } @Override - protected boolean hasPermission(PlayerEntity member, MMCUserRole userRole, MMCUserRole... allowedRoles) { - if (member == null) return false; - if (member.getRole() == MMCUserRole.ADMIN) return true; - for (MMCUserRole role : allowedRoles) { - if (member.getRole() == role) return true; - } - return false; + protected boolean hasPermission(PlayerEntity user, MMCUserRole userRole) { + return user.getRole() == MMCUserRole.ADMIN; } }