Permission architecture implemented

backend/classes/core/AbstractController.php

@@ -7,6 +7,7 @@ abstract class AbstractController
     protected string $route;
     protected ApiResponse $response;
 
+    protected Session $session;
     protected string $requestUrl;
     protected ?string $requestBody = null;
     protected ?string $contentType = null;
@@ -16,6 +17,7 @@ abstract class AbstractController
     {
         $this->requestUrl = $url;
         $this->response = new ApiResponse();
+        $this->session = new Session();
     }
 
     public function setRequestBody(string $contentType, string $content): void
@@ -56,6 +58,35 @@ abstract class AbstractController
         return $param !== null ? (int)$param : null;
     }
 
+    public function isUserLoggedIn(): bool
+	{
+		if (!$this->session->IsLoggedIn()) {
+			$this->response = new ApiJsonResponse(ServerStatus::UNAUTHORIZED);
+
+			$this->response->setParameter('success', false);
+			$this->response->setMessage('You are not logged in!');
+
+			return false;
+		}
+
+		return true;
+	}
+
+    public function hasUserPermission(int $userId): bool
+	{
+		$this->response = new ApiJsonResponse();
+
+		$hasPermission = $this->session->isAdmin() || $this->session->getUserId() === $userId;
+
+		if (!$hasPermission) {
+			$this->response->setParameter('success', false);
+			$this->response->setMessage('You don\'t have the permission to do that!');
+			$this->response->setStatus(ServerStatus::UNAUTHORIZED);
+		}
+
+		return $hasPermission;
+	}
+
     protected function validateJsonBody(): bool
     {
         if (count($this->mandatoryAttributes) === 0) {

backend/classes/core/Session.php

@@ -11,7 +11,7 @@ final class Session
     private const IS_LOGGED_IN = 'is_logged_in';
     private const USER_ID = 'account_id';
     private const USERNAME = 'username';
-	private const PERMISSION = 'permission';
+	private const IS_ADMIN = 'admin';
     private const EMAIL = 'email';
     private const JABBER_ADDRESS = 'jabber';
 
@@ -46,6 +46,7 @@ final class Session
 		$this->SetString(self::USERNAME, $user->getUsername());
         $this->SetString(self::EMAIL, $user->getEmail());
         $this->SetString(self::JABBER_ADDRESS, $user->getJabberAddress());
+        $this->SetBool(self::IS_ADMIN, $user->isAdmin());
 
         return true;
     }
@@ -95,9 +96,9 @@ final class Session
 		return $this->GetInt(self::USER_ID);
 	}
 
-	public function GetPermission(): ?int
+	public function isAdmin(): bool
 	{
-		return $this->GetInt(self::PERMISSION);
+		return $this->GetBool(self::IS_ADMIN);
 	}
 
     public static function HasSession(): bool

backend/classes/database/User.php

@@ -9,8 +9,9 @@ final class User extends MySqlTable implements JsonSerializable
     public const FIELD_PASSWORD = 'Password';
     public const FIELD_EMAIL = 'Email';
     public const FIELD_JABBER_ADDRESS = 'JabberAddress';
+	public const FIELD_ADMIN = 'IsAdmin';
 
-    public function __construct($id = null, DatabaseInterface &$database = null)
+	public function __construct($id = null, DatabaseInterface &$database = null)
     {
         parent::__construct(self::class, $id, $database);
     }
@@ -44,6 +45,11 @@ final class User extends MySqlTable implements JsonSerializable
         return $this->getField(self::FIELD_JABBER_ADDRESS);
     }
 
+    public function isAdmin(): bool
+	{
+		return $this->getField(self::FIELD_ADMIN);
+	}
+
     public function setUsername(string $username): void
     {
         $this->setField(self::FIELD_USERNAME, $username);
@@ -64,6 +70,11 @@ final class User extends MySqlTable implements JsonSerializable
         $this->setField(self::FIELD_JABBER_ADDRESS, $jabberAddress);
     }
 
+    public function setAdmin(bool $isAdmin): void
+	{
+		$this->setField(self::FIELD_ADMIN, $isAdmin);
+	}
+
     public static function getFromUsername(string $username, DatabaseInterface &$database = null): self
     {
         $databaseGiven = true;