1 files changed, 46 insertions, 0 deletions

diff --git a/include/odhtdb/Permission.hpp b/include/odhtdb/Permission.hpp
new file mode 100644
index 0000000..1ae2642
--- /dev/null
+++ b/include/odhtdb/Permission.hpp
@@ -0,0 +1,46 @@
+#pragma once
+
+#include "types.hpp"
+#include <initializer_list>
+#include <stdexcept>
+
+namespace odhtdb
+{
+    class PermissionDeniedException : public std::runtime_error
+    {
+    public:
+        PermissionDeniedException(const std::string &errMsg) : std::runtime_error(errMsg) {}
+    };
+    
+    enum class PermissionType : u32
+    {
+        ADD_DATA = (1 << 0),
+        ADD_USER_SAME_LEVEL = (1 << 1),
+        ADD_USER_LOWER_LEVEL = (1 << 2),
+        ADD_GROUP = (1 << 3),
+        REMOVE_GROUP = (1 << 4)
+    };
+    
+    const PermissionType ALL_PERMISSION_TYPES = (PermissionType)0xFFFFFFFF;
+    
+    const u8 PERMISSION_LEVEL_ADMIN = 0;
+    const u8 PERMISSION_LEVEL_MODERATOR = 1;
+    const u8 PERMISSION_LEVEL_REGULAR_USER = 2;
+    
+    class Permission
+    {
+    public:
+        // @permissionLevel is hierarchical access right. A group can only modify a group that has higher @permissionLevel value
+        Permission(u8 permissionLevel, std::initializer_list<PermissionType> permissions);
+        
+        u8 getPermissionLevel() const { return permissionLevel; }
+        u32 getPermissionFlags() const { return permissionFlags; }
+        bool getFlag(PermissionType permissionType) const;
+    private:
+        u8 permissionLevel;
+        u32 permissionFlags;
+    };
+    
+    static const Permission ADMIN_PERMISSION(PERMISSION_LEVEL_ADMIN, { ALL_PERMISSION_TYPES });
+    static const Permission REGULAR_USER_PERMISSION(PERMISSION_LEVEL_REGULAR_USER, { PermissionType::ADD_DATA });
+}