get permission

src/Auth/Business/LuticateBusiness.php

@@ -63,7 +63,13 @@ class LuticateBusiness
 
         $permissions[] = LuticatePermissions::USER_LOGIN;
         foreach ($permissions as $permission) {
-            if (!LuticatePermissionsBusiness::getUserPermission(self::$_currentUser->getId(), $permission)) {
+            try {
+                $perm = LuticatePermissionsBusiness::getEffectivePermission(self::$_currentUser->getId(), $permission);
+                if (!$perm->getValue()) {
+                    return "Permission denied";
+                }
+            }catch (\Exception $e)
+            {
                 return "Permission denied";
             }
         }
@@ -120,12 +126,20 @@ class LuticateBusiness
         $route->post("$prefix/groups/$group_id/delUser/$user_id", "${ns}LuticateGroupsBusiness", "delUser", LuticatePermissions::GROUP_DEL_USER);
 
 
+        $route->post("$prefix/permissions/effective/$user_id/$permission_name", "${ns}LuticatePermissionsBusiness", "getEffectivePermission", LuticatePermissions::PERM_EFFECTIVE_GET);
+        $route->post("$prefix/permissions/effective/me/$permission_name", "${ns}LuticatePermissionsBusiness", "getEffectivePermissionMe");
+
+        $route->post("$prefix/permissions/$permission_name", "${ns}LuticatePermissionsBusiness", "get", LuticatePermissions::PERM_GET);
         $route->post("$prefix/permissions/add/$permission_name/$permission_value", "${ns}LuticatePermissionsBusiness", "add", LuticatePermissions::PERM_ADD);
         $route->post("$prefix/permissions/$permission_name/del", "${ns}LuticatePermissionsBusiness", "del", LuticatePermissions::PERM_DEL);
         $route->post("$prefix/permissions/$permission_name/edit/$permission_value", "${ns}LuticatePermissionsBusiness", "edit", LuticatePermissions::PERM_EDIT);
+
+        $route->post("$prefix/permissions/group/$group_id/$permission_name", "${ns}LuticatePermissionsGroupsBusiness", "get", LuticatePermissions::PERM_GROUP_GET);
         $route->post("$prefix/permissions/group/$group_id/add/$permission_name/$permission_value", "${ns}LuticatePermissionsGroupsBusiness", "add", LuticatePermissions::PERM_GROUP_ADD);
         $route->post("$prefix/permissions/group/$group_id/$permission_name/del", "${ns}LuticatePermissionsGroupsBusiness", "del", LuticatePermissions::PERM_GROUP_DEL);
         $route->post("$prefix/permissions/group/$group_id/$permission_name/edit/$permission_value", "${ns}LuticatePermissionsGroupsBusiness", "edit", LuticatePermissions::PERM_GROUP_EDIT);
+
+        $route->post("$prefix/permissions/user/$user_id/$permission_name", "${ns}LuticatePermissionsUsersBusiness", "get", LuticatePermissions::PERM_USER_GET);
         $route->post("$prefix/permissions/user/$user_id/add/$permission_name/$permission_value", "${ns}LuticatePermissionsUsersBusiness", "add", LuticatePermissions::PERM_USER_ADD);
         $route->post("$prefix/permissions/user/$user_id/$permission_name/del", "${ns}LuticatePermissionsUsersBusiness", "del", LuticatePermissions::PERM_USER_DEL);
         $route->post("$prefix/permissions/user/$user_id/$permission_name/edit/$permission_value", "${ns}LuticatePermissionsUsersBusiness", "edit", LuticatePermissions::PERM_USER_EDIT);

src/Auth/Business/LuticatePermissionsBusiness.php

@@ -21,25 +21,36 @@ class LuticatePermissionsBusiness extends LuBusiness {
         return $perm;
     }
 
-    public static function getUserPermission($user_id, $permission_name, $default = false)
+    public static function getEffectivePermission($user_id, $permission_name)
     {
-        $val = LuticatePermissionsDataAccess::getUserPermission($user_id, $permission_name);
-        if (is_null($val)) {
-            return $default;
-        }
-        return $val;
+        self::checkPermissionName($permission_name);
+        $val = LuticatePermissionsDataAccess::getEffectivePermission($user_id, $permission_name);
+        $perm = new LuticatePermissionsDbo();
+        $perm->setValue($val);
+        $perm->setName($permission_name);
+        return $perm;
     }
 
-    public static function getUserDynamicPermission($user_id, $permission_name, $action, $resource_id, $default = false)
+    public static function getEffectivePermissionMe($user, $permission_name)
+    {
+        return self::getEffectivePermission($user->getId(), $permission_name);
+    }
+
+    public static function getUserDynamicPermission($user_id, $permission_name, $action, $resource_id)
     {
         $dynamic_permission_name = "LU_DYN_" . $permission_name . "_" . $action . "_" . $resource_id;
-        $val = LuticatePermissionsDataAccess::getUserPermission($user_id, $dynamic_permission_name);
+        $val = LuticatePermissionsDataAccess::getEffectivePermission($user_id, $dynamic_permission_name);
         if (is_null($val)) {
-            return self::getUserPermission($user_id, $permission_name, $default);
+            return self::getEffectivePermission($user_id, $permission_name);
         }
         return $val;
     }
 
+    public static function get($permission_name)
+    {
+        return LuticatePermissionsDataAccess::getByName($permission_name);
+    }
+
     public static function add($permission_name, $permission_value)
     {
         $perm = LuticatePermissionsDataAccess::getByName($permission_name);

src/Auth/Business/LuticatePermissionsGroupsBusiness.php

@@ -12,6 +12,11 @@ class LuticatePermissionsGroupsBusiness extends LuBusiness {
         return new LuticatePermissionsGroupsDataAccess();
     }
 
+    public static function get($group_id, $permission_name)
+    {
+        return LuticatePermissionsGroupsDataAccess::getByName($group_id, $permission_name);
+    }
+
     public static function add($group_id, $permission_name, $permission_value)
     {
         LuticateGroupsBusiness::checkGroupId($group_id);

src/Auth/Business/LuticatePermissionsUsersBusiness.php

@@ -12,6 +12,11 @@ class LuticatePermissionsUsersBusiness extends LuBusiness {
         return new LuticatePermissionsUsersDataAccess();
     }
 
+    public static function get($user_id, $permission_name)
+    {
+        return LuticatePermissionsUsersDataAccess::getByName($user_id, $permission_name);
+    }
+
     public static function add($user_id, $permission_name, $permission_value)
     {
         LuticateUsersBusiness::checkUserId($user_id);

src/Auth/DBO/LuticatePermissions.php

@@ -24,12 +24,16 @@ class LuticatePermissions
     const GROUP_ADD_USER = "LU_GROUP_ADD_USER";
     const GROUP_DEL_USER = "LU_GROUP_DEL_USER";
 
+    const PERM_EFFECTIVE_GET = "LU_PERM_EFFECTIVE_GET";
+    const PERM_GET = "LU_PERM_GET";
     const PERM_ADD = "LU_PERM_ADD";
     const PERM_EDIT = "LU_PERM_EDIT";
     const PERM_DEL = "LU_PERM_DEL";
+    const PERM_GROUP_GET = "LU_PERM_GROUP_GET";
     const PERM_GROUP_ADD = "LU_PERM_GROUP_ADD";
     const PERM_GROUP_EDIT = "LU_PERM_GROUP_EDIT";
     const PERM_GROUP_DEL = "LU_PERM_GROUP_DEL";
+    const PERM_USER_GET = "LU_PERM_USER_GET";
     const PERM_USER_ADD = "LU_PERM_USER_ADD";
     const PERM_USER_EDIT = "LU_PERM_USER_EDIT";
     const PERM_USER_DEL = "LU_PERM_USER_DEL";

src/Auth/DataAccess/LuticatePermissionsDataAccess.php

@@ -13,7 +13,7 @@ class LuticatePermissionsDataAccess extends LuDataAccess {
         return new LuticatePermissions();
     }
 
-    public static function getUserPermission($user_id, $permission_name)
+    public static function getEffectivePermission($user_id, $permission_name)
     {
         return SpLuGetUserPermission::execute($user_id, $permission_name)->getVal();
     }