From 903b20b32fad47f1a5d87014e8e8e7bc1fbeb531 Mon Sep 17 00:00:00 2001
From: rubikscraft <contact@rubikscraft.nl>
Date: Sat, 12 Mar 2022 15:24:08 +0100
Subject: [PATCH] modify demo mode

---
 .../src/managers/auth/guards/main.guard.ts    | 13 +++++++------
 .../src/managers/demo/demomanager.module.ts   | 19 ++++++++++++-------
 .../src/managers/demo/demomanager.service.ts  | 19 +++++++++++++++----
 3 files changed, 34 insertions(+), 17 deletions(-)

diff --git a/backend/src/managers/auth/guards/main.guard.ts b/backend/src/managers/auth/guards/main.guard.ts
index 1db211f..6b07107 100644
--- a/backend/src/managers/auth/guards/main.guard.ts
+++ b/backend/src/managers/auth/guards/main.guard.ts
@@ -1,5 +1,6 @@
 import {
   ExecutionContext,
+  ForbiddenException,
   Injectable,
   InternalServerErrorException,
   Logger
@@ -32,7 +33,7 @@ export class MainAuthGuard extends AuthGuard(['jwt', 'guest']) {
     const result = await super.canActivate(context);
     if (result !== true) {
       this.logger.error('Main Auth has denied access, this should not happen');
-      return false;
+      throw new InternalServerErrorException();
     }
 
     const user = await this.validateUser(
@@ -42,18 +43,18 @@ export class MainAuthGuard extends AuthGuard(['jwt', 'guest']) {
     const permissions = this.extractPermissions(context);
     if (HasFailed(permissions)) {
       this.logger.warn(permissions.getReason());
-      return false;
+      throw new InternalServerErrorException();
     }
 
     const userPermissions = await this.usersService.getPermissions(user);
     if (HasFailed(userPermissions)) {
       this.logger.warn(userPermissions.getReason());
-      return false;
+      throw new InternalServerErrorException();
     }
 
-    return permissions.every((permission) =>
-      userPermissions.includes(permission),
-    );
+    if (permissions.every((permission) => userPermissions.includes(permission)))
+      return true;
+    else throw new ForbiddenException('Permission denied');
   }
 
   private extractPermissions(context: ExecutionContext): Failable<Permissions> {
diff --git a/backend/src/managers/demo/demomanager.module.ts b/backend/src/managers/demo/demomanager.module.ts
index 2737880..cdb3a18 100644
--- a/backend/src/managers/demo/demomanager.module.ts
+++ b/backend/src/managers/demo/demomanager.module.ts
@@ -1,11 +1,12 @@
 import { Logger, Module, OnModuleDestroy, OnModuleInit } from '@nestjs/common';
 import { ImageDBModule } from '../../collections/imagedb/imagedb.module';
+import { RolesModule } from '../../collections/roledb/roledb.module';
 import { PicsurConfigModule } from '../../config/config.module';
 import { HostConfigService } from '../../config/host.config.service';
 import { DemoManagerService } from './demomanager.service';
 
 @Module({
-  imports: [ImageDBModule, PicsurConfigModule],
+  imports: [ImageDBModule, PicsurConfigModule, RolesModule],
   providers: [DemoManagerService],
 })
 export class DemoManagerModule implements OnModuleInit, OnModuleDestroy {
@@ -18,14 +19,18 @@ export class DemoManagerModule implements OnModuleInit, OnModuleDestroy {
 
   private interval: NodeJS.Timeout;
 
-  onModuleInit() {
+  private async setupDemoMode() {
+    this.demoManagerService.setupRoles();
+    this.interval = setInterval(
+      this.demoManagerService.execute.bind(this.demoManagerService),
+      this.hostConfigService.getDemoInterval(),
+    );
+  }
+
+  async onModuleInit() {
     if (this.hostConfigService.isDemo()) {
       this.logger.log('Demo mode enabled');
-
-      this.interval = setInterval(
-        this.demoManagerService.execute.bind(this.demoManagerService),
-        this.hostConfigService.getDemoInterval(),
-      );
+      await this.setupDemoMode();
     }
   }
 
diff --git a/backend/src/managers/demo/demomanager.service.ts b/backend/src/managers/demo/demomanager.service.ts
index d589cab..afa5647 100644
--- a/backend/src/managers/demo/demomanager.service.ts
+++ b/backend/src/managers/demo/demomanager.service.ts
@@ -1,18 +1,29 @@
 import { Injectable, Logger } from '@nestjs/common';
 import { ImageDBService } from '../../collections/imagedb/imagedb.service';
+import { RolesService } from '../../collections/roledb/roledb.service';
 
 @Injectable()
 export class DemoManagerService {
   private readonly logger = new Logger('DemoManagerService');
 
-  constructor(private readonly imagesService: ImageDBService) {}
+  constructor(
+    private readonly imagesService: ImageDBService,
+    private rolesService: RolesService,
+  ) {}
 
-  private async executeAsync() {
-    this.logger.log('Executing demo cleanup');
-    await this.imagesService.deleteAll();
+  public async setupRoles() {
+    this.logger.warn(
+      'Modifying roles for demo mode, this will not be reverted automatically',
+    );
+    this.rolesService.addPermissions('guest', ['image-upload']);
   }
 
   public execute() {
     this.executeAsync().catch(this.logger.error);
   }
+
+  private async executeAsync() {
+    this.logger.log('Executing demo cleanup');
+    await this.imagesService.deleteAll();
+  }
 }