From d843c3560bfa9ffb686423af339b6482f3320a7d Mon Sep 17 00:00:00 2001
From: JoaoBastos023 <joaop.bastos@ua.pt>
Date: Tue, 17 Dec 2024 10:29:06 +0000
Subject: [PATCH] ACL

---
 delivery2/client/bin/rep_acl_doc | 47 ++++++++++++++++++++++++++++----
 1 file changed, 41 insertions(+), 6 deletions(-)

diff --git a/delivery2/client/bin/rep_acl_doc b/delivery2/client/bin/rep_acl_doc
index 5e28a31..b602ca3 100644
--- a/delivery2/client/bin/rep_acl_doc
+++ b/delivery2/client/bin/rep_acl_doc
@@ -8,6 +8,8 @@ import argparse
 
 from subject import main
 
+from lib import digest
+
 logging.basicConfig(format='%(levelname)s\t- %(message)s')
 logger = logging.getLogger()
 logger.setLevel(logging.INFO)
@@ -16,7 +18,7 @@ state = main(sys.argv)
 
 BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/')
 
-#session file - role - permission
+#session file - document name - +/- -  role - permission
 def aclDoc(args):
     parser = argparse.ArgumentParser()
 
@@ -37,9 +39,6 @@ def aclDoc(args):
         logger.error("Need session file, document name, +/- , role and permission.")
         sys.exit(1)
 
-    #Validate role name
-    #TODO
-    
     # Check for session file
     if (not os.path.isfile(BASE_DIR + args.session)):
         logger.error("File '" + args.session + "' not found.")
@@ -49,13 +48,49 @@ def aclDoc(args):
     with open(BASE_DIR + args.session, 'r') as f:
         args.session = json.load(f)
 
-    # TODO:
+    # Get roles in session
     try:
-        req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']})
+        req = requests.get(f'http://{state['REP_ADDRESS']}/role/session/list', headers={'Authorization': args.session['token']})
         req.raise_for_status()
     except requests.exceptions.RequestException as errex:
         logger.error("Failed to obtain response from server.")
         sys.exit(-1)
 
+    # Validate role name
+    roles = req.json()
+    if args.role not in roles.items():
+        logger.error("Role does not exist.")
+        sys.exit(1)
+
+    # Check permission
+    if args.permission not in ['ROLE_ACL', 'SUBJECT_NEW', 'SUBJECT_DOWN', 'SUBJECT_UP', 'DOC_NEW']:
+        logger.error("Permission is not valid.")
+        sys.exit(1)
+
+    # Check change operation
+    if args.change == '+':
+        change = 'add'
+    elif args.change == '-':
+        change = 'remove'
+    else:
+        logger.error("Invalid change operation (+ or -).")
+        sys.exit(1)
+
+    document_handle = digest.get_hash(bytes(args.name, encoding='utf-8'))
+
+    payload = {'document_handle' : document_handle, 'role' : args.role, 'perm' : args.permission, 'operation' : change}
+
+    try:
+        req = requests.post(f'http://{state['REP_ADDRESS']}/file/acl', 
+                            json=json.dumps(payload),
+                            headers={'Authorization': args.session['token']})
+        req.raise_for_status()
+    except requests.exceptions.RequestException as errex:
+        logger.error("Failed to obtain response from server.")
+        sys.exit(-1)
+
+    # Operation success
+    logger.info("ACL changed succesfully.")
+
 if __name__ == '__main__':
     aclDoc(sys.argv[1:])
\ No newline at end of file