diff --git a/lib/philomena/users/ability.ex b/lib/philomena/users/ability.ex index cbe81b1a..810984e0 100644 --- a/lib/philomena/users/ability.ex +++ b/lib/philomena/users/ability.ex @@ -1,20 +1,51 @@ defimpl Canada.Can, for: [Atom, Philomena.Users.User] do alias Philomena.Users.User alias Philomena.Images.Image + alias Philomena.Forums.Forum + alias Philomena.Topics.Topic # Admins can do anything def can?(%User{role: "admin"}, _action, _model), do: true - # Users can... + # + # Moderators can... + # + + # View images + def can?(%User{role: "moderator"}, :show, %Image{}), do: true + + # View forums + def can?(%User{role: "moderator"}, :show, %Forum{access_level: level}) + when level in ["normal", "assistant", "staff"], do: true + def can?(%User{role: "moderator"}, :show, %Topic{hidden_from_users: true}), do: true + + # + # Assistants can... + # + + # View images + def can?(%User{role: "assistant"}, :show, %Image{}), do: true + + # View forums + def can?(%User{role: "assistant"}, :show, %Forum{access_level: level}) + when level in ["normal", "assistant"], do: true + def can?(%User{role: "assistant"}, :show, %Topic{hidden_from_users: true}), do: true + + # + # Users and anonymous users can... + # # View non-deleted images def can?(_user, action, Image) when action in [:new, :create, :index], do: true - def can?(_user, :show, %Image{hidden_from_users: true}), do: false def can?(_user, :show, %Image{hidden_from_users: false}), do: true + # View forums + def can?(_user, :show, %Forum{access_level: "normal"}), do: true + def can?(_user, :show, %Topic{hidden_from_users: false}), do: true + # Otherwise... def can?(_user, _action, _model), do: false end diff --git a/lib/philomena_web.ex b/lib/philomena_web.ex index bcc00039..24c39e3b 100644 --- a/lib/philomena_web.ex +++ b/lib/philomena_web.ex @@ -25,7 +25,6 @@ defmodule PhilomenaWeb do import PhilomenaWeb.Gettext import Canary.Plugs alias PhilomenaWeb.Router.Helpers, as: Routes - alias PhilomenaWeb.Plugs.ImageFilter end end diff --git a/lib/philomena_web/controllers/activity_controller.ex b/lib/philomena_web/controllers/activity_controller.ex index 8981f4b5..9186b845 100644 --- a/lib/philomena_web/controllers/activity_controller.ex +++ b/lib/philomena_web/controllers/activity_controller.ex @@ -5,8 +5,6 @@ defmodule PhilomenaWeb.ActivityController do alias Philomena.Repo import Ecto.Query - plug ImageFilter - def index(conn, _params) do user = conn.assigns.current_user filter = conn.assigns.compiled_filter diff --git a/lib/philomena_web/controllers/image_controller.ex b/lib/philomena_web/controllers/image_controller.ex index f27a06e2..e6f0db08 100644 --- a/lib/philomena_web/controllers/image_controller.ex +++ b/lib/philomena_web/controllers/image_controller.ex @@ -5,7 +5,6 @@ defmodule PhilomenaWeb.ImageController do alias Philomena.Repo import Ecto.Query - plug ImageFilter plug :load_and_authorize_resource, model: Image, only: :show, preload: [:tags, :user] def index(conn, _params) do diff --git a/lib/philomena_web/controllers/search_controller.ex b/lib/philomena_web/controllers/search_controller.ex index 79686303..cc6aac41 100644 --- a/lib/philomena_web/controllers/search_controller.ex +++ b/lib/philomena_web/controllers/search_controller.ex @@ -6,8 +6,6 @@ defmodule PhilomenaWeb.SearchController do import Ecto.Query - plug ImageFilter - def index(conn, params) do filter = conn.assigns[:compiled_filter] user = conn |> Plug.current_user() diff --git a/lib/philomena_web/controllers/tag_controller.ex b/lib/philomena_web/controllers/tag_controller.ex index f5297db4..355d9873 100644 --- a/lib/philomena_web/controllers/tag_controller.ex +++ b/lib/philomena_web/controllers/tag_controller.ex @@ -4,8 +4,6 @@ defmodule PhilomenaWeb.TagController do alias Philomena.{Images.Image, Tags, Tags.Tag} import Ecto.Query - plug ImageFilter - def index(conn, params) do {:ok, query} = Tags.Query.compile(params["tq"] || "*") diff --git a/lib/philomena_web/router.ex b/lib/philomena_web/router.ex index 1b8304bf..3b5a1cf2 100644 --- a/lib/philomena_web/router.ex +++ b/lib/philomena_web/router.ex @@ -8,6 +8,7 @@ defmodule PhilomenaWeb.Router do plug :fetch_flash plug :protect_from_forgery plug :put_secure_browser_headers + plug PhilomenaWeb.Plugs.ImageFilter end pipeline :api do