PonyMirrors/philomena
1
0
Fork 0
mirror of https://github.com/philomena-dev/philomena.git synced 2025-02-25 14:34:33 +01:00
Code Issues Projects Releases Packages Wiki Activity

more constraint validation, allow anonymous users to edit settings

Browse source
This commit is contained in:
byte[] 2019-12-21 14:56:54 -05:00
parent 0dab6a76e5
commit 4332ca76c5
3 changed files with 20 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
lib/philomena/users/user.ex
View file

@ -152,7 +152,7 @@ defmodule Philomena.Users.User do
|> pow_extension_changeset(attrs) |> pow_extension_changeset(attrs)
|> cast(attrs, []) |> cast(attrs, [])
|> validate_required([]) |> validate_required([])
|> unique_constraint(:email, name: :index_users_on_email) |> unique_constraints()
end end
def update_changeset(user, attrs, roles) do def update_changeset(user, attrs, roles) do
@ -162,6 +162,7 @@ defmodule Philomena.Users.User do
|> validate_inclusion(:role, ["user", "assistant", "moderator", "admin"]) |> validate_inclusion(:role, ["user", "assistant", "moderator", "admin"])
|> put_assoc(:roles, roles) |> put_assoc(:roles, roles)
|> put_slug() |> put_slug()
|> unique_constraints()
end end
def creation_changeset(user, attrs) do def creation_changeset(user, attrs) do
@ -172,11 +173,7 @@ defmodule Philomena.Users.User do
|> validate_required([:name]) |> validate_required([:name])
|> put_api_key() |> put_api_key()
|> put_slug() |> put_slug()
|> unique_constraint(:name, name: :index_users_on_name) |> unique_constraints()
|> unique_constraint(:slug, name: :index_users_on_slug)
|> unique_constraint(:email, name: :index_users_on_email)
|> unique_constraint(:authentication_token, name: :index_users_on_authentication_token)
|> unique_constraint(:name, name: :temp_unique_index_users_on_name)
end end
def filter_changeset(user, filter) do def filter_changeset(user, filter) do
@ -375,6 +372,15 @@ defmodule Philomena.Users.User do
}) })
end end
defp unique_constraints(changeset) do
changeset
|> unique_constraint(:name, name: :index_users_on_name)
|> unique_constraint(:slug, name: :index_users_on_slug)
|> unique_constraint(:email, name: :index_users_on_email)
|> unique_constraint(:authentication_token, name: :index_users_on_authentication_token)
|> unique_constraint(:name, name: :temp_unique_index_users_on_name)
end
defp extract_token(%{"user" => %{"twofactor_token" => t}}), defp extract_token(%{"user" => %{"twofactor_token" => t}}),
do: to_string(t) do: to_string(t)

10
lib/philomena_web/templates/setting/edit.html.slime
View file

@ -122,11 +122,11 @@ h1 Content Settings
=> label f, :chan_nsfw, "Show NSFW channels" => label f, :chan_nsfw, "Show NSFW channels"
=> checkbox f, :chan_nsfw => checkbox f, :chan_nsfw
.fieldlabel: i Show streams marked as NSFW on the channels page. .fieldlabel: i Show streams marked as NSFW on the channels page.
= if @conn.assigns.current_user.role != "user" do = if staff?(@conn.assigns.current_user) do
.field .field
=> label f, :hide_staff_tools => label f, :hide_staff_tools
=> checkbox f, :hide_staff_tools, class: "checkbox" => checkbox f, :hide_staff_tools, class: "checkbox"
.fieldlabel: i Hide most of the staff tools (e.g. IPs, anon names) making your site appear as if you weren't staff, this is useful when browsing in public. .fieldlabel: i Hide most of the staff tools (e.g. IPs, anon names) making your site appear as if you weren't staff, this is useful when browsing in public.
= if !@conn.assigns.current_user do = if !@conn.assigns.current_user do
.block__tab.hidden data-tab="join-the-herd" .block__tab.hidden data-tab="join-the-herd"

3
lib/philomena_web/views/setting_view.ex
View file

@ -15,4 +15,7 @@ defmodule PhilomenaWeb.SettingView do
_user -> "hidden" _user -> "hidden"
end end
end end
def staff?(%{role: role}), do: role != "user"
def staff?(_), do: false
end end