more constraint validation, allow anonymous users to edit settings

2024-11-27 13:47:58 +01:00 · 2019-12-21 14:56:54 -05:00 · 2019-12-21 14:56:54 -05:00 · 4332ca76c5
commit 4332ca76c5
parent 0dab6a76e5
3 changed files with 20 additions and 11 deletions
--- a/lib/philomena/users/user.ex
+++ b/lib/philomena/users/user.ex
@ -152,7 +152,7 @@ defmodule Philomena.Users.User do
    |> pow_extension_changeset(attrs)
    |> cast(attrs, [])
    |> validate_required([])
-    |> unique_constraint(:email, name: :index_users_on_email)
+    |> unique_constraints()
  end

  def update_changeset(user, attrs, roles) do
@ -162,6 +162,7 @@ defmodule Philomena.Users.User do
    |> validate_inclusion(:role, ["user", "assistant", "moderator", "admin"])
    |> put_assoc(:roles, roles)
    |> put_slug()
+    |> unique_constraints()
  end

  def creation_changeset(user, attrs) do
@ -172,11 +173,7 @@ defmodule Philomena.Users.User do
    |> validate_required([:name])
    |> put_api_key()
    |> put_slug()
-    |> unique_constraint(:name, name: :index_users_on_name)
-    |> unique_constraint(:slug, name: :index_users_on_slug)
-    |> unique_constraint(:email, name: :index_users_on_email)
-    |> unique_constraint(:authentication_token, name: :index_users_on_authentication_token)
-    |> unique_constraint(:name, name: :temp_unique_index_users_on_name)
+    |> unique_constraints()
  end

  def filter_changeset(user, filter) do
@ -375,6 +372,15 @@ defmodule Philomena.Users.User do
    })
  end

+  defp unique_constraints(changeset) do
+    changeset
+    |> unique_constraint(:name, name: :index_users_on_name)
+    |> unique_constraint(:slug, name: :index_users_on_slug)
+    |> unique_constraint(:email, name: :index_users_on_email)
+    |> unique_constraint(:authentication_token, name: :index_users_on_authentication_token)
+    |> unique_constraint(:name, name: :temp_unique_index_users_on_name)
+  end
+
  defp extract_token(%{"user" => %{"twofactor_token" => t}}),
    do: to_string(t)

--- a/lib/philomena_web/templates/setting/edit.html.slime
+++ b/lib/philomena_web/templates/setting/edit.html.slime
@ -122,11 +122,11 @@ h1 Content Settings
        => label f, :chan_nsfw, "Show NSFW channels"
        => checkbox f, :chan_nsfw
        .fieldlabel: i Show streams marked as NSFW on the channels page.
-      = if @conn.assigns.current_user.role != "user" do
-      .field
-        => label f, :hide_staff_tools
-        => checkbox f, :hide_staff_tools, class: "checkbox"
-        .fieldlabel: i Hide most of the staff tools (e.g. IPs, anon names) making your site appear as if you weren't staff, this is useful when browsing in public.
+      = if staff?(@conn.assigns.current_user) do
+        .field
+          => label f, :hide_staff_tools
+          => checkbox f, :hide_staff_tools, class: "checkbox"
+          .fieldlabel: i Hide most of the staff tools (e.g. IPs, anon names) making your site appear as if you weren't staff, this is useful when browsing in public.

    = if !@conn.assigns.current_user do
      .block__tab.hidden data-tab="join-the-herd"
--- a/lib/philomena_web/views/setting_view.ex
+++ b/lib/philomena_web/views/setting_view.ex
@ -15,4 +15,7 @@ defmodule PhilomenaWeb.SettingView do
      _user -> "hidden"
    end
  end
+
+  def staff?(%{role: role}), do: role != "user"
+  def staff?(_), do: false
 end