do more permissions
parent
3bf4372f0f
commit
85f70f88af
4 changed files with 100 additions and 58 deletions
|
@ -1,6 +1,8 @@
|
||||||
defimpl Canada.Can, for: [Atom, Philomena.Users.User] do
|
defimpl Canada.Can, for: [Atom, Philomena.Users.User] do
|
||||||
alias Philomena.Users.User
|
alias Philomena.Users.User
|
||||||
|
alias Philomena.Roles.Role
|
||||||
alias Philomena.Badges.Award
|
alias Philomena.Badges.Award
|
||||||
|
alias Philomena.Badges.Badge
|
||||||
alias Philomena.Channels.Channel
|
alias Philomena.Channels.Channel
|
||||||
alias Philomena.Comments.Comment
|
alias Philomena.Comments.Comment
|
||||||
alias Philomena.Commissions.Commission
|
alias Philomena.Commissions.Commission
|
||||||
|
@ -19,6 +21,8 @@ defimpl Canada.Can, for: [Atom, Philomena.Users.User] do
|
||||||
alias Philomena.Tags.Tag
|
alias Philomena.Tags.Tag
|
||||||
alias Philomena.Reports.Report
|
alias Philomena.Reports.Report
|
||||||
alias Philomena.StaticPages.StaticPage
|
alias Philomena.StaticPages.StaticPage
|
||||||
|
alias Philomena.Adverts.Advert
|
||||||
|
alias Philomena.SiteNotices.SiteNotice
|
||||||
|
|
||||||
alias Philomena.Bans.User, as: UserBan
|
alias Philomena.Bans.User, as: UserBan
|
||||||
alias Philomena.Bans.Subnet, as: SubnetBan
|
alias Philomena.Bans.Subnet, as: SubnetBan
|
||||||
|
@ -31,8 +35,9 @@ defimpl Canada.Can, for: [Atom, Philomena.Users.User] do
|
||||||
# Moderators can...
|
# Moderators can...
|
||||||
#
|
#
|
||||||
|
|
||||||
# Show details of profiles
|
# Show details of profiles and view user list
|
||||||
def can?(%User{role: "moderator"}, :show_details, %User{}), do: true
|
def can?(%User{role: "moderator"}, :show_details, %User{}), do: true
|
||||||
|
def can?(%User{role: "moderator"}, :index, User), do: true
|
||||||
|
|
||||||
# View filters
|
# View filters
|
||||||
def can?(%User{role: "moderator"}, :show, %Filter{}), do: true
|
def can?(%User{role: "moderator"}, :show, %Filter{}), do: true
|
||||||
|
@ -69,6 +74,7 @@ defimpl Canada.Can, for: [Atom, Philomena.Users.User] do
|
||||||
def can?(%User{role: "moderator"}, :edit_links, %User{}), do: true
|
def can?(%User{role: "moderator"}, :edit_links, %User{}), do: true
|
||||||
def can?(%User{role: "moderator"}, :edit, %UserLink{}), do: true
|
def can?(%User{role: "moderator"}, :edit, %UserLink{}), do: true
|
||||||
def can?(%User{role: "moderator"}, :index, UserLink), do: true
|
def can?(%User{role: "moderator"}, :index, UserLink), do: true
|
||||||
|
def can?(%User{role: "moderator"}, :show, %UserLink{}), do: true
|
||||||
|
|
||||||
# Reveal anon users
|
# Reveal anon users
|
||||||
def can?(%User{role: "moderator"}, :reveal_anon, _object), do: true
|
def can?(%User{role: "moderator"}, :reveal_anon, _object), do: true
|
||||||
|
@ -95,9 +101,8 @@ defimpl Canada.Can, for: [Atom, Philomena.Users.User] do
|
||||||
def can?(%User{role: "moderator"}, :show, %Topic{}), do: true
|
def can?(%User{role: "moderator"}, :show, %Topic{}), do: true
|
||||||
def can?(%User{role: "moderator"}, :hide, %Topic{}), do: true
|
def can?(%User{role: "moderator"}, :hide, %Topic{}), do: true
|
||||||
|
|
||||||
# Edit and alias tags
|
# Edit tags
|
||||||
def can?(%User{role: "moderator"}, :edit, %Tag{}), do: true
|
def can?(%User{role: "moderator"}, :edit, %Tag{}), do: true
|
||||||
def can?(%User{role: "moderator"}, :alias, %Tag{}), do: true
|
|
||||||
|
|
||||||
# Award badges
|
# Award badges
|
||||||
def can?(%User{role: "moderator"}, :create, %Award{}), do: true
|
def can?(%User{role: "moderator"}, :create, %Award{}), do: true
|
||||||
|
@ -105,6 +110,37 @@ defimpl Canada.Can, for: [Atom, Philomena.Users.User] do
|
||||||
# Create mod notes
|
# Create mod notes
|
||||||
def can?(%User{role: "moderator"}, :index, ModNote), do: true
|
def can?(%User{role: "moderator"}, :index, ModNote), do: true
|
||||||
|
|
||||||
|
# And some privileged moderators can...
|
||||||
|
|
||||||
|
# Manage site notices
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"SiteNotice" => "admin"}}, _action, SiteNotice), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"SiteNotice" => "admin"}}, _action, %SiteNotice{}), do: true
|
||||||
|
|
||||||
|
# Manage badges
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Badge" => "admin"}}, _action, Award), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Badge" => "admin"}}, _action, %Award{}), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Badge" => "admin"}}, _action, Badge), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Badge" => "admin"}}, _action, %Badge{}), do: true
|
||||||
|
|
||||||
|
# Manage tags
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Tag" => "admin"}}, _action, Tag), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Tag" => "admin"}}, _action, %Tag{}), do: true
|
||||||
|
|
||||||
|
# Manage user roles
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Role" => "admin"}}, _action, %Role{}), do: true
|
||||||
|
|
||||||
|
# Manage users
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"User" => "moderator"}}, _action, User), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"User" => "moderator"}}, _action, %User{}), do: true
|
||||||
|
|
||||||
|
# Manage advertisements
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Advert" => "admin"}}, _action, Advert), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"Advert" => "admin"}}, _action, %Advert{}), do: true
|
||||||
|
|
||||||
|
# Manage static pages
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"StaticPage" => "admin"}}, _action, StaticPage), do: true
|
||||||
|
def can?(%User{role: "moderator", role_map: %{"StaticPage" => "admin"}}, _action, %StaticPage{}), do: true
|
||||||
|
|
||||||
#
|
#
|
||||||
# Assistants can...
|
# Assistants can...
|
||||||
#
|
#
|
||||||
|
|
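Review bot: The "Manage users" clause `def can?(%User{role: "moderator", role_map: %{"User" => "moderator"}}, _action, %User{}), do: true` matches every action against every user struct, so a moderator holding that role_map entry is authorised against admin accounts and against their own record as well. If the admin user edit form can change `role` or role assignments (not visible here), that is a self-promotion path; consider narrowing the target, for example `..., _action, %User{role: role}) when role != "admin", do: true`, or listing the permitted actions instead of `_action`. The same wildcard appears in the SiteNotice, Badge, Tag, Role, Advert and StaticPage clauses, where the blast radius is smaller but a short comment stating that "any action" is intended would help the next reader. The Role rule is defined only for `%Role{}` and not for the `Role` module, unlike its siblings, so a collection-level check such as `:index` would not match it. The defimpl body begins and ends outside these hunks.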
|
@ -72,53 +72,59 @@ a.label.label--primary.label--block href="#" data-click-toggle=".js-admin__optio
|
||||||
span.admin__button Potential Aliases
|
span.admin__button Potential Aliases
|
||||||
|
|
||||||
ul.profile-admin__options__column
|
ul.profile-admin__options__column
|
||||||
|
= if can?(@conn, :edit, @user) do
|
||||||
li
|
|
||||||
= link to: Routes.admin_user_path(@conn, :edit, @user) do
|
|
||||||
i.fas.fa-fw.fa-edit
|
|
||||||
span.admin__button Edit User
|
|
||||||
|
|
||||||
= if @user.deleted_at do
|
|
||||||
li
|
li
|
||||||
= link to: Routes.admin_user_activation_path(@conn, :create, @user), data: [confirm: "Are you really, really sure?", method: "post"] do
|
= link to: Routes.admin_user_path(@conn, :edit, @user) do
|
||||||
i.fa.fa-fw.fa-check
|
i.fas.fa-fw.fa-edit
|
||||||
span.admin__button Reactivate Account
|
span.admin__button Edit User
|
||||||
- else
|
|
||||||
|
= if @user.deleted_at do
|
||||||
|
li
|
||||||
|
= link to: Routes.admin_user_activation_path(@conn, :create, @user), data: [confirm: "Are you really, really sure?", method: "post"] do
|
||||||
|
i.fa.fa-fw.fa-check
|
||||||
|
span.admin__button Reactivate Account
|
||||||
|
- else
|
||||||
|
li
|
||||||
|
= link to: Routes.admin_user_activation_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
||||||
|
i.fa.fa-fw.fa-times
|
||||||
|
span.admin__button Deactivate Account
|
||||||
|
|
||||||
li
|
li
|
||||||
= link to: Routes.admin_user_activation_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
= link to: Routes.admin_user_wipe_path(@conn, :create, @user), data: [confirm: "This is irreversible, destroying all identifying information including email. Are you sure?", method: "post"] do
|
||||||
i.fa.fa-fw.fa-times
|
i.fas.fa-fw.fa-eraser
|
||||||
span.admin__button Deactivate Account
|
span.admin__button Wipe PII
|
||||||
li
|
|
||||||
= link to: Routes.admin_donation_user_path(@conn, :show, @user) do
|
|
||||||
i.fas.fa-fw.fa-dollar-sign
|
|
||||||
span.admin__button Donations
|
|
||||||
|
|
||||||
li
|
= if can?(@conn, :index, Philomena.Users.User) do
|
||||||
= link to: Routes.profile_user_link_path(@conn, :new, @user) do
|
li
|
||||||
i.fa.fa-fw.fa-link
|
= link to: Routes.admin_user_vote_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
||||||
span.admin__button Add User Link
|
i.far.fa-fw.fa-file-excel
|
||||||
|
span.admin__button Remove All Votes/Faves
|
||||||
|
|
||||||
li
|
li
|
||||||
= link to: Routes.admin_user_vote_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
= link to: Routes.admin_user_downvote_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
||||||
i.far.fa-fw.fa-file-excel
|
i.fa.fa-fw.fa-arrow-down
|
||||||
span.admin__button Remove All Votes/Faves
|
span.admin__button Remove All Downvotes
|
||||||
|
|
||||||
li
|
= if can?(@conn, :index, %Philomena.Donations.Donation{}) do
|
||||||
= link to: Routes.admin_user_downvote_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
li
|
||||||
i.fa.fa-fw.fa-arrow-down
|
= link to: Routes.admin_donation_user_path(@conn, :show, @user) do
|
||||||
span.admin__button Remove All Downvotes
|
i.fas.fa-fw.fa-dollar-sign
|
||||||
|
span.admin__button Donations
|
||||||
|
|
||||||
li
|
= if can?(@conn, :edit, %Philomena.UserLinks.UserLink{}) do
|
||||||
= link to: Routes.admin_user_ban_path(@conn, :new, username: @user.name) do
|
li
|
||||||
i.fa.fa-fw.fa-ban
|
= link to: Routes.profile_user_link_path(@conn, :new, @user) do
|
||||||
span.admin__button Ban this sucker
|
i.fa.fa-fw.fa-link
|
||||||
|
span.admin__button Add User Link
|
||||||
|
|
||||||
li
|
= if can?(@conn, :create, Philomena.Bans.User) do
|
||||||
= link to: Routes.admin_user_wipe_path(@conn, :create, @user), data: [confirm: "This is irreversible, destroying all identifying information including email. Are you sure?", method: "post"] do
|
li
|
||||||
i.fas.fa-fw.fa-eraser
|
= link to: Routes.admin_user_ban_path(@conn, :new, username: @user.name) do
|
||||||
span.admin__button Wipe PII
|
i.fa.fa-fw.fa-ban
|
||||||
|
span.admin__button Ban this sucker
|
||||||
|
|
||||||
li
|
= if can?(@conn, :index, Philomena.Users.User) do
|
||||||
= link to: Routes.admin_user_api_key_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
li
|
||||||
i.fas.fa-fw.fa-key
|
= link to: Routes.admin_user_api_key_path(@conn, :delete, @user), data: [confirm: "Are you really, really sure?", method: "delete"] do
|
||||||
span.admin__button Reset API key
|
i.fas.fa-fw.fa-key
|
||||||
|
span.admin__button Reset API key
|
||||||
|
|
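Review bot: The `Remove All Votes/Faves`, `Remove All Downvotes` and `Reset API key` items are wrapped in `can?(@conn, :index, Philomena.Users.User)`, a list-view ability that this same commit grants to every moderator, so a read permission is standing in for three destructive operations. Gate them on an ability that matches the operation, e.g. `= if can?(@conn, :edit, @user) do`, as the Edit User / Deactivate / Wipe PII group already does. These conditionals only hide links; the admin vote, downvote, api_key, wipe and activation controllers need the equivalent check server-side, which this commit does not show. Indentation is lost in this rendering, so the nesting described here is inferred from line order.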
|
@ -38,9 +38,9 @@
|
||||||
= if can_index_user?(@conn) do
|
= if can_index_user?(@conn) do
|
||||||
= render PhilomenaWeb.ProfileView, "_admin_block.html", assigns
|
= render PhilomenaWeb.ProfileView, "_admin_block.html", assigns
|
||||||
|
|
||||||
= if (current?(@user, @conn.assigns.current_user) or can?(@conn, :index, UserBan)) and Enum.any?(@bans) do
|
= if (current?(@user, @conn.assigns.current_user) or can?(@conn, :index, Philomena.Bans.User)) and Enum.any?(@bans) do
|
||||||
.block
|
.block
|
||||||
.block__header
|
.block__header--single-item
|
||||||
' Ban History
|
' Ban History
|
||||||
.block__content
|
.block__content
|
||||||
= render PhilomenaWeb.BanView, "_bans.html", bans: @bans, conn: @conn
|
= render PhilomenaWeb.BanView, "_bans.html", bans: @bans, conn: @conn
|
||||||
|
|
|
@ -90,26 +90,26 @@ defmodule PhilomenaWeb.LayoutView do
|
||||||
do: can?(conn, :index, Philomena.SiteNotices.SiteNotice)
|
do: can?(conn, :index, Philomena.SiteNotices.SiteNotice)
|
||||||
|
|
||||||
def manages_tags?(conn),
|
def manages_tags?(conn),
|
||||||
do: can?(conn, :index, Philomena.Tags.Tag)
|
do: can?(conn, :edit, %Philomena.Tags.Tag{})
|
||||||
|
|
||||||
def manages_users?(conn),
|
def manages_users?(conn),
|
||||||
do: can?(conn, :index, Philomena.Users.User)
|
do: can?(conn, :index, Philomena.Users.User)
|
||||||
|
|
||||||
def manages_forums?(conn),
|
def manages_forums?(conn),
|
||||||
do: conn.assigns.current_user.role == "admin"
|
do: can?(conn, :edit, Philomena.Forums.Forum)
|
||||||
|
|
||||||
def manages_ads?(conn),
|
def manages_ads?(conn),
|
||||||
do: conn.assigns.current_user.role == "admin"
|
do: can?(conn, :index, Philomena.Adverts.Advert)
|
||||||
|
|
||||||
def manages_badges?(conn),
|
def manages_badges?(conn),
|
||||||
do: can?(conn, :index, Philomena.Badges.Badge)
|
do: can?(conn, :index, Philomena.Badges.Badge)
|
||||||
|
|
||||||
def manages_static_pages?(conn),
|
def manages_static_pages?(conn),
|
||||||
do: conn.assigns.current_user.role == "admin"
|
do: can?(conn, :edit, %Philomena.StaticPages.StaticPage{})
|
||||||
|
|
||||||
def manages_mod_notes?(conn),
|
def manages_mod_notes?(conn),
|
||||||
do: conn.assigns.current_user.role in ["admin", "moderator"]
|
do: can?(conn, :index, Philomena.ModNotes.ModNote)
|
||||||
|
|
||||||
def manages_bans?(conn),
|
def manages_bans?(conn),
|
||||||
do: conn.assigns.current_user.role in ["admin", "moderator"]
|
do: can?(conn, :create, Philomena.Bans.User)
|
||||||
end
|
end
|
||||||
|
|
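Review bot: `manages_forums?` passes the bare module, `can?(conn, :edit, Philomena.Forums.Forum)`, while the other `:edit` checks in this hunk pass a struct (`%Philomena.Tags.Tag{}`, `%Philomena.StaticPages.StaticPage{}`). Canada.Can clauses are selected by pattern match, so an `:edit` rule written for `%Forum{}` would never match this call; that fails closed, but it means the helper works only through whatever catch-all clause exists outside this commit (presumably the admin one). Use `can?(conn, :edit, %Philomena.Forums.Forum{})` so all the helpers follow one convention. Separately, `manages_tags?` now asks for `:edit` on `%Tag{}`, which the visible rules grant to every moderator, so confirm that showing the tag admin link to all moderators is intended. The module starts outside the hunk.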