rework of permissions needed

packages/httpRequest/get.go

@@ -2,6 +2,7 @@ package httpRequest
 
 import (
 	"context"
+	"errors"
 	"net/http"
 
 	"go-socket/packages/convertions"
@@ -34,6 +35,7 @@ func getUserByToken(ctx context.Context, token string) (*types.User, error) {
 	}
 	return getUserById(ctx, userId)
 }
+
 func getConnectionWithResponseOnFail(response *http.ResponseWriter, request *http.Request, user *types.User) (*types.Connection, bool) {
 	connectionId, err := convertions.StringToUuid(request.FormValue("connectionid"))
 	if err != nil {
@@ -47,3 +49,45 @@ func getConnectionWithResponseOnFail(response *http.ResponseWriter, request *htt
 	}
 	return conn, true
 }
+
+func getHubByIdStr(ctx context.Context, hubId string) (*types.Hub, error) {
+	hubUuid, err := convertions.StringToUuid(hubId)
+	if err != nil {
+		return nil, err
+	}
+
+	hub, ok := cache.GetHubById(hubUuid)
+	if !ok {
+		hub = types.NewHub()
+		hub.Id = hubUuid
+		if err := postgresql.GetWholeHub(ctx, hub); err != nil {
+			return nil, err
+		}
+	}
+	return hub, nil
+}
+
+func getHubUserIfValidWithResponseOnFail(ctx context.Context, response http.ResponseWriter, token string, hubId string) (
+	*types.User, *types.HubUser, *types.Hub, error) {
+	hub, err := getHubByIdStr(ctx, hubId)
+	if err != nil {
+		http.Error(response, "invalid hubid", http.StatusBadRequest)
+		return nil, nil, nil, errors.New("no such hub")
+	}
+
+	user, err := getUserByToken(ctx, token)
+	if err != nil {
+		http.Error(response, "invalid token", http.StatusBadRequest)
+		return nil, nil, nil, errors.New("invalid token")
+	}
+
+	hub.Mu.RLock()
+	hubUser, ok := hub.Users[user.Id]
+	hub.Mu.RUnlock()
+	if !ok {
+		http.Error(response, "invalid hubid", http.StatusUnauthorized)
+		return nil, nil, nil, errors.New("invalid hubid")
+	}
+
+	return user, hubUser, hub, nil
+}

packages/httpRequest/hubs.go

@@ -11,6 +11,15 @@ import (
 	"github.com/google/uuid"
 )
 
+func hasHubUserPermission(user *types.HubUser, hub *types.Hub, permission types.RolePermission) bool {
+	for _, roleId := range user.Roles {
+		if role, ok := hub.Roles[roleId]; ok && role.HasPermission(permission) {
+			return true
+		}
+	}
+	return false
+}
+
 func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
 	if !validCheckWithResponseOnFail(&response, request, normal) {
 		return
@@ -85,3 +94,40 @@ func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
 	response.WriteHeader(http.StatusCreated)
 	response.Write([]byte(hub.Id.String()))
 }
+
+func HandleHubDelete(response http.ResponseWriter, request *http.Request) {
+	if !validCheckWithResponseOnFail(&response, request, normal) {
+		return
+	}
+	ctx := request.Context()
+
+	_, hubUser, hub, err := getHubUserIfValidWithResponseOnFail(ctx, response, request.Header.Get("token"), request.Header.Get("hubid"))
+	if err != nil {
+		return
+	}
+
+	if !hasHubUserPermission(hubUser, hub, types.PermissionRemoveHub) {
+		http.Error(response, "forbidden", http.StatusForbidden)
+		return
+	}
+
+	if err := postgresql.HubDelete(ctx, hub); err != nil {
+		http.Error(response, "internal server error", http.StatusInternalServerError)
+		return
+	}
+	cache.DeleteHub(hub)
+
+	response.WriteHeader(http.StatusOK)
+}
+
+func HandleHubGet(response http.ResponseWriter, request *http.Request) {
+	if !validCheckWithResponseOnFail(&response, request, normal) {
+		return
+	}
+	ctx := request.Context()
+	_, _, hub, err := getHubUserIfValidWithResponseOnFail(ctx, response, request.Header.Get("token"), request.Header.Get("hubid"))
+	if err != nil {
+		return
+	}
+	
+}