Example #1
0
void RBACData::CalculateNewPermissions()
{
    TC_LOG_TRACE(LOG_FILTER_RBAC, "RBACData::LoadFromDB [Id: %u Name: %s]: Calculating global permissions", GetId(), GetName().c_str());
    // Get the list of directly granted roles
    RBACRoleContainer tempGrantedRoles = GetGrantedRoles();

    // Add those roles inherited from groups
    for (RBACGroupContainer::const_iterator itGroup = _groups.begin(); itGroup != _groups.end(); ++itGroup)
    {
        RBACGroup const* group = sAccountMgr->GetRBACGroup(*itGroup);
        if (!group) // Should never happen due to foreign keys in DB
            continue;

        RBACRoleContainer const& roles = group->GetRoles();
        for (RBACRoleContainer::const_iterator it = roles.begin(); it != roles.end(); ++it)
            tempGrantedRoles.insert(*it);
    }

    // Get the list of granted permissions
    _globalPerms = GetGrantedPermissions();

    // Add those permissions inherited from roles granted
    for (RBACRoleContainer::const_iterator it = tempGrantedRoles.begin(); it != tempGrantedRoles.end(); ++it)
        if (RBACRole const* role = sAccountMgr->GetRBACRole(*it))
            _globalPerms |= role->GetPermissions();

    // Remove denied permissions from the list
    _globalPerms &= ~GetDeniedPermissions();

    // Remove those permissions inherited from denied roles
    for (RBACRoleContainer::const_iterator it = _deniedRoles.begin(); it != _deniedRoles.end(); ++it)
        if (RBACRole const* role = sAccountMgr->GetRBACRole(*it))
            _globalPerms &= ~role->GetPermissions();
}
Example #2
0
File: RBAC.cpp Project: GetPlay/TC
void RBACData::CalculateNewPermissions()
{
    TC_LOG_TRACE("rbac", "RBACData::CalculateNewPermissions [Id: %u Name: %s]", GetId(), GetName().c_str());

    // Get the list of granted permissions
    _globalPerms = GetGrantedPermissions();
    ExpandPermissions(_globalPerms);
    RBACPermissionContainer revoked = GetDeniedPermissions();
    ExpandPermissions(revoked);
    RemovePermissions(_globalPerms, revoked);
}