From 6237e62a03a6d35beed78c4283b82c26d0753ce9 Mon Sep 17 00:00:00 2001
From: Nicolai Ort <info@nicolai-ort.com>
Date: Fri, 18 Dec 2020 17:15:44 +0100
Subject: [PATCH] Reimplmented the old permission checking system

ref #6
---
 src/authchecker.ts | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/authchecker.ts b/src/authchecker.ts
index 2075076..344e0c1 100644
--- a/src/authchecker.ts
+++ b/src/authchecker.ts
@@ -26,7 +26,16 @@ const authchecker = async (action: Action, permissions: string[] | string) => {
 
     action.response.local = {}
     action.response.local.jwtPayload = jwtPayload.permissions
-    //TODO: Check Permissions
+    required_permissions.forEach(r => {
+        const permission_key = r.split(":")[0]
+        const actual_accesslevel_for_permission = jwtPayload.permissions[permission_key]
+        const permission_access_level = r.split(":")[1]
+        if (actual_accesslevel_for_permission.includes(permission_access_level)) {
+            return true;
+        } else {
+            throw new NoPermissionError()
+        }
+    });
     try {
         jwt.verify(provided_token, config.jwt_secret);
         return true