Improved loadDefaultACL

Core/API/Request.class.php

@@ -3,6 +3,7 @@
 namespace Core\API;
 
 use Core\Driver\Logger\Logger;
+use Core\Driver\SQL\Query\Insert;
 use Core\Objects\Context;
 use Core\Objects\DatabaseEntity\TwoFactorToken;
 use Core\Objects\RateLimiting;
@@ -134,6 +135,7 @@ abstract class Request {
   protected abstract function _execute(): bool;
 
   public static abstract function getDescription(): string;
+
   public static function getDefaultPermittedGroups(): array {
     return [];
   }
@@ -629,4 +631,14 @@ abstract class Request {
       return "the next $count {$string}s";
     }
   }
+
+  public static function loadDefaultACL(Insert $query): void {
+    if (static::hasConfigurablePermissions()) {
+      $method = static::getEndpoint();
+      $groups = static::getDefaultPermittedGroups();
+      $description = static::getDescription();
+      $isCore = startsWith(get_class(), "Core\\API\\");
+      $query->addRow($method, $groups, $description, $isCore);
+    }
+  }
 }

Core/Configuration/CreateDatabase.class.php

@@ -161,18 +161,23 @@ class CreateDatabase {
     self::createEntityQueries($sql, $classes, $queries);
   }
 
-  public static function loadDefaultACL(SQL $sql, array &$queries): void {
+  public static function loadDefaultACL(SQL $sql, array &$queries, ?array $classes = NULL): void {
     $query = $sql->insert("ApiPermission", ["method", "groups", "description", "is_core"]);
 
-    foreach (Request::getApiEndpoints() as $reflectionClass) {
-      $className = $reflectionClass->getName();
-      if (("$className::hasConfigurablePermissions")()) {
-        $method = ("$className::getEndpoint")();
-        $groups = ("$className::getDefaultPermittedGroups")();
-        $description = ("$className::getDescription")();
-        $isCore = startsWith($className, "Core\\API\\");
-        $query->addRow($method, $groups, $description, $isCore);
+    if ($classes === NULL) {
+      $classes = Request::getApiEndpoints();
+    }
+
+    foreach ($classes as $class) {
+      if ($class instanceof \ReflectionClass) {
+        $className = $class->getName();
+      } else if (!is_string($class)) {
+        throw new \Exception("Cannot call loadDefaultACL() for type: " . get_class($class));
+      } else {
+        $className = $class;
       }
+
+      ("$className::loadDefaultACL")($query);
     }
 
     if ($query->hasRows()) {

Core/Configuration/Patch/2024-12-27_Session-last-online.php

@@ -1,5 +1,6 @@
 <?php
 
+use Core\Configuration\CreateDatabase;
 use Core\Driver\SQL\Column\DateTimeColumn;
 use Core\Driver\SQL\Expression\CurrentTimeStamp;
 use Core\Objects\DatabaseEntity\Session;
@@ -7,3 +8,8 @@ use Core\Objects\DatabaseEntity\Session;
 $handler = Session::getHandler($sql);
 $queries[] = $sql->alterTable($handler->getTableName())
 ->add(new DateTimeColumn($handler->getColumnName("lastOnline"), false, new CurrentTimeStamp()));
+
+CreateDatabase::loadDefaultACL($sql, $queries, [
+  \Core\API\User\GetSessions::class,
+  \Core\API\User\DestroySession::class
+]);