fixes #81 implementation of legacy permission system

src/main/java/com/faforever/api/data/domain/LegacyAccessLevel.java

@@ -0,0 +1,31 @@
+package com.faforever.api.data.domain;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import org.springframework.security.core.GrantedAuthority;
+
+@Getter
+@AllArgsConstructor
+@Deprecated
+public enum LegacyAccessLevel implements GrantedAuthority {
+  ROLE_USER(0),
+  ROLE_MODERATOR(1),
+  ROLE_ADMINISTRATOR(2);
+
+  @Override
+  public String getAuthority() {
+    return this.name();
+  }
+
+  private int code;
+
+  public static LegacyAccessLevel fromCode(int code) {
+    for (LegacyAccessLevel level : LegacyAccessLevel.values()) {
+      if (level.code == code) {
+        return level;
+      }
+    }
+
+    throw new IllegalArgumentException(String.format("Code '%s' is unknown", code));
+  }
+}

src/main/java/com/faforever/api/data/domain/LobbyGroup.java

@@ -0,0 +1,32 @@
+package com.faforever.api.data.domain;
+
+import lombok.AllArgsConstructor;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+@Entity
+@Table(name = "lobby_group")
+@Setter
+@Deprecated
+@NoArgsConstructor
+@AllArgsConstructor
+public class LobbyGroup {
+  private int userId;
+  private int accessLevel;
+
+  @Column(name = "\"group\"")
+  public int getAccessLevel() {
+    return accessLevel;
+  }
+
+  @Id
+  @Column(name = "user_id")
+  public int getUserId() {
+    return userId;
+  }
+}

src/main/java/com/faforever/api/data/domain/User.java

@@ -4,6 +4,8 @@
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
+import javax.persistence.JoinColumn;
+import javax.persistence.OneToOne;
 import javax.persistence.Table;
 
 @Entity
@@ -12,9 +14,16 @@
 public class User extends Login {
 
   private String password;
-
+  private LobbyGroup lobbyGroup;
+
   @Column(name = "password")
   public String getPassword() {
     return password;
   }
+
+  @OneToOne
+  @JoinColumn(name = "user_id")
+  public LobbyGroup getLobbyGroup() {
+    return lobbyGroup;
+  }
 }

src/main/java/com/faforever/api/security/FafUserDetails.java

@@ -1,32 +1,43 @@
 package com.faforever.api.security;
 
+import com.faforever.api.data.domain.LegacyAccessLevel;
 import com.faforever.api.data.domain.User;
 import lombok.Getter;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import java.util.Collection;
 
-import static java.util.Collections.singletonList;
-
 @Getter
 public class FafUserDetails extends org.springframework.security.core.userdetails.User {
 
   private final int id;
 
-  public FafUserDetails(User user) {
-    // TODO implement lobby_admin #81
-    this(user.getId(), user.getLogin(), user.getPassword(), !user.isGlobalBanned(), singletonList(new SimpleGrantedAuthority("ROLE_USER")));
+  public FafUserDetails(User user, Collection<? extends GrantedAuthority> authorities) {
+    this(user.getId(), user.getLogin(), user.getPassword(), !user.isGlobalBanned(), authorities);
   }
 
   public FafUserDetails(int id, String username, String password, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
     super(username, password, true, true, true, accountNonLocked, authorities);
     this.id = id;
   }
 
-
   public boolean hasPermission(String permission) {
-    // TODO: implement permission system #81
+    Collection<GrantedAuthority> authorities = this.getAuthorities();
+
+    if (authorities.contains(LegacyAccessLevel.ROLE_ADMINISTRATOR)) {
+      return true;
+    }
+
+    if (authorities.contains(LegacyAccessLevel.ROLE_MODERATOR)) {
+      switch (permission) {
+        // add non-moderator permissions here
+        case "ANY-ADMIN-ONLY-PERMISSION":
+          return false;
+        default:
+          return true;
+      }
+    }
+
     return false;
   }
 }

src/main/java/com/faforever/api/security/FafUserDetailsService.java

@@ -1,13 +1,16 @@
 package com.faforever.api.security;
 
+import com.faforever.api.data.domain.LegacyAccessLevel;
 import com.faforever.api.data.domain.User;
 import com.faforever.api.user.UserRepository;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 
 import javax.inject.Inject;
+import java.util.ArrayList;
 
 /**
  * Adapter between Spring's {@link UserDetailsService} and FAF's {@code login} table.
@@ -24,10 +27,18 @@ public FafUserDetailsService(UserRepository userRepository) {
 
   @Override
   public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-    User user = userRepository.findOneByLoginIgnoreCase(username); 
+    User user = userRepository.findOneByLoginIgnoreCase(username);
     if (user == null) {
       throw new UsernameNotFoundException("User could not be found: " + username);
     }
-    return new FafUserDetails(user);
+
+    ArrayList<GrantedAuthority> authorities = new ArrayList<>();
+    authorities.add(LegacyAccessLevel.ROLE_USER);
+
+    if (user.getLobbyGroup() != null) {
+      authorities.add(LegacyAccessLevel.fromCode(user.getLobbyGroup().getAccessLevel()));
+    }
+
+    return new FafUserDetails(user, authorities);
   }
-} 
+}