From d657a77a57e4d1b31816c31b31854da8566dfc32 Mon Sep 17 00:00:00 2001
From: Boris Tasevski <bora83ns@gmail.com>
Date: Wed, 6 Jul 2022 11:49:00 +0200
Subject: [PATCH] initial functionalities for users and roles implemented

---
 src/auth/models.cpp | 29 +++++++++++++++++++++++++++--
 src/auth/models.hpp |  3 ++-
 2 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/src/auth/models.cpp b/src/auth/models.cpp
index 153303e0c..7bc998215 100644
--- a/src/auth/models.cpp
+++ b/src/auth/models.cpp
@@ -8,7 +8,10 @@
 
 #include "auth/models.hpp"
 
+#include <algorithm>
+#include <iterator>
 #include <regex>
+#include <unordered_set>
 
 #include <gflags/gflags.h>
 
@@ -292,7 +295,8 @@ Role Role::Deserialize(const nlohmann::json &data) {
 }
 
 bool operator==(const Role &first, const Role &second) {
-  return first.rolename_ == second.rolename_ && first.permissions_ == second.permissions_;
+  return first.rolename_ == second.rolename_ && first.permissions_ == second.permissions_ &&
+         first.labelPermissions_ == second.labelPermissions_;
 }
 
 User::User(const std::string &username) : username_(utils::ToLowerCase(username)) {}
@@ -351,11 +355,31 @@ Permissions User::GetPermissions() const {
   return permissions_;
 }
 
+LabelPermissions User::GetLabelPermissions() const {
+  if (role_) {
+    std::unordered_set<std::string> resultGrants;
+
+    std::set_union(labelPermissions_.grants().begin(), labelPermissions_.grants().end(),
+                   role_->labelPermissions().grants().begin(), role_->labelPermissions().grants().end(),
+                   std::inserter(resultGrants, resultGrants.begin()));
+
+    std::unordered_set<std::string> resultDenies;
+
+    std::set_union(labelPermissions_.denies().begin(), labelPermissions_.denies().end(),
+                   role_->labelPermissions().denies().begin(), role_->labelPermissions().denies().end(),
+                   std::inserter(resultDenies, resultDenies.begin()));
+  }
+  return labelPermissions_;
+}
+
 const std::string &User::username() const { return username_; }
 
 const Permissions &User::permissions() const { return permissions_; }
 Permissions &User::permissions() { return permissions_; }
 
+const LabelPermissions &User::labelPermissions() const { return labelPermissions_; }
+LabelPermissions &User::labelPermissions() { return labelPermissions_; }
+
 const Role *User::role() const {
   if (role_.has_value()) {
     return &role_.value();
@@ -386,6 +410,7 @@ User User::Deserialize(const nlohmann::json &data) {
 
 bool operator==(const User &first, const User &second) {
   return first.username_ == second.username_ && first.password_hash_ == second.password_hash_ &&
-         first.permissions_ == second.permissions_ && first.role_ == second.role_;
+         first.permissions_ == second.permissions_ && first.labelPermissions_ == second.labelPermissions_ &&
+         first.role_ == second.role_;
 }
 }  // namespace memgraph::auth
diff --git a/src/auth/models.hpp b/src/auth/models.hpp
index b3faee63e..ec71e8666 100644
--- a/src/auth/models.hpp
+++ b/src/auth/models.hpp
@@ -169,6 +169,7 @@ class User final {
   void ClearRole();
 
   Permissions GetPermissions() const;
+  LabelPermissions GetLabelPermissions() const;
 
   const std::string &username() const;
 
@@ -176,7 +177,7 @@ class User final {
   Permissions &permissions();
 
   const LabelPermissions &labelPermissions() const;
-  Permissions &labelPermissions();
+  LabelPermissions &labelPermissions();
 
   const Role *role() const;