From 2d603a1467eca50263a0ad2eea427e59da88d263 Mon Sep 17 00:00:00 2001
From: Philipp Dormann
Date: Wed, 9 Dec 2020 18:45:39 +0100
Subject: [PATCH 1/2] resolve groups + permissions ref #12
---
 src/models/actions/CreateAuth.ts | 2 +-
 src/models/actions/RefreshAuth.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/models/actions/CreateAuth.ts b/src/models/actions/CreateAuth.ts
index 2832e19..d36c17f 100644
--- a/src/models/actions/CreateAuth.ts
+++ b/src/models/actions/CreateAuth.ts
@@ -28,7 +28,7 @@ export class CreateAuth {
 if (!this.password) {
 throw new PasswordNeededError()
 }
- const found_users = await getConnectionManager().get().getRepository(User).find({ where: [{ username: this.username }, { email: this.email }] });
+ const found_users = await getConnectionManager().get().getRepository(User).find({ relations: ['groups', 'permissions'], where: [{ username: this.username }, { email: this.email }] });
 if (found_users.length === 0) {
 throw new UserNotFoundError()
 } else {
diff --git a/src/models/actions/RefreshAuth.ts b/src/models/actions/RefreshAuth.ts
index 55c124f..77a2728 100644
--- a/src/models/actions/RefreshAuth.ts
+++ b/src/models/actions/RefreshAuth.ts
@@ -21,7 +21,7 @@ export class RefreshAuth {
 } catch (error) {
 throw new IllegalJWTError()
 }
- const found_user = await getConnectionManager().get().getRepository(User).findOne({ id: decoded["userid"] });
+ const found_user = await getConnectionManager().get().getRepository(User).findOne({ id: decoded["userid"] }, { relations: ['groups', 'permissions'] });
 if (!found_user) {
 throw new UserNotFoundError()
 }
From 02236caa413c3a374c62a30d9cfe0e77e1cb4c91 Mon Sep 17 00:00:00 2001
From: Philipp Dormann
Date: Wed, 9 Dec 2020 18:46:09 +0100
Subject: [PATCH 2/2] send empty array for user permissions if null ref #12
---
 src/models/actions/CreateAuth.ts | 1 +
 src/models/actions/RefreshAuth.ts | 1 +
 2 files changed, 2 insertions(+)
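Review bot: The rewritten `find` in CreateAuth still feeds `this.username` and `this.email` straight into an OR `where`, and the only guard visible before it is `!this.password`. If either identifier is undefined, the TypeORM releases that accept the two-argument `findOne(conditions, options)` form used in this patch may drop that condition instead of matching nothing, so the result can contain rows unrelated to the login; even with both set, a username hit and an email hit on different accounts leaves the later `found_users[0]` choice arbitrary. Build the `where` array only from identifiers that were actually supplied and require a single match, e.g. `if (found_users.length !== 1) { throw new UserNotFoundError() }`. The same missing presence check applies to `decoded["userid"]` in the RefreshAuth hunk, e.g. `if (decoded["userid"] === undefined) { throw new IllegalJWTError() }` before the query. Both method bodies start and end outside their hunks, so an earlier guard may already exist.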
diff --git a/src/models/actions/CreateAuth.ts b/src/models/actions/CreateAuth.ts
index d36c17f..b31bee6 100644
--- a/src/models/actions/CreateAuth.ts
+++ b/src/models/actions/CreateAuth.ts
@@ -35,6 +35,7 @@ export class CreateAuth {
 const found_user = found_users[0]
 if (await argon2.verify(found_user.password, this.password + found_user.uuid)) {
 const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60
+ found_user.permissions = found_user.permissions || []
 delete found_user.password;
 newAuth.access_token = jsonwebtoken.sign({
 userdetails: found_user,
diff --git a/src/models/actions/RefreshAuth.ts b/src/models/actions/RefreshAuth.ts
index 77a2728..dacca59 100644
--- a/src/models/actions/RefreshAuth.ts
+++ b/src/models/actions/RefreshAuth.ts
@@ -28,6 +28,7 @@ export class RefreshAuth {
 if (found_user.refreshTokenCount !== decoded["refreshtokencount"]) {
 throw new RefreshTokenCountInvalidError()
 }
+ found_user.permissions = found_user.permissions || []
 delete found_user.password;
 const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60
 delete found_user.password;
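Review bot: `userdetails: found_user` in the CreateAuth hunk signs the whole entity into the access token with only `password` removed, and since the previous patch that entity also carries the loaded `groups` and `permissions` relations alongside fields such as `uuid`, which the `argon2.verify` call above mixes into the hash input. A JWT payload is signed but not encrypted, so every field placed in it is readable by whoever holds the token. Sign an explicit allow-list rather than the entity, for example `userdetails: { id: found_user.id, username: found_user.username, groups: found_user.groups, permissions: found_user.permissions || [] }`, which also removes the need to mutate `found_user` with `delete`. The RefreshAuth hunk prepares `found_user` the same way; its signing call is outside the hunk, so this presumably applies there as well.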
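Review bot: In the RefreshAuth hunk the new default sits beside `delete found_user.password;`, which now appears twice in the visible lines, once before and once after the expiry timestamp; the second one can be dropped. The `|| []` fallback is also copy-pasted from CreateAuth and has no counterpart for `groups`. Because the preceding patch loads both relations, they should normally already be arrays, so either add a short comment stating when `permissions` can still be null or apply the same default to `groups` so the two fields behave consistently in the token.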