permission checks

lib/philomena/dnp_entries.ex

@@ -102,9 +102,13 @@ defmodule Philomena.DnpEntries do
     DnpEntry.changeset(dnp_entry, %{})
   end
 
-  def count_dnp_entries() do
+  def count_dnp_entries(user) do
+    if Canada.Can.can?(user, :manage, DnpEntry) do
       DnpEntry
       |> where([dnp], dnp.aasm_state in ["requested", "claimed", "acknowledged"])
       |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena/duplicate_reports.ex

@@ -115,9 +115,13 @@ defmodule Philomena.DuplicateReports do
     DuplicateReport.changeset(duplicate_report, %{})
   end
 
-  def count_duplicate_reports() do
+  def count_duplicate_reports(user) do
+    if Canada.Can.can?(user, :manage, DuplicateReport) do
       DuplicateReport
       |> where(state: "open")
       |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena/reports.ex

@@ -117,9 +117,13 @@ defmodule Philomena.Reports do
     report
   end
 
-  def count_reports() do
+  def count_reports(user) do
+    if Canada.Can.can?(user, :manage, Report) do
       Report
       |> where(open: true)
       |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena/user_links.ex

@@ -105,9 +105,13 @@ defmodule Philomena.UserLinks do
     UserLink.changeset(user_link, %{})
   end
 
-  def count_user_links() do
+  def count_user_links(user) do
+    if Canada.Can.can?(user, :edit, UserLink) do
       UserLink
       |> where(aasm_state: "unverified")
       |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena_web/plugs/admin_counters_plug.ex

@@ -26,15 +26,15 @@ defmodule PhilomenaWeb.AdminCountersPlug do
   def call(conn, _opts) do
     user = conn.assigns.current_user
 
-    maybe_assign_admin_metrics(conn, staff?(user))
+    maybe_assign_admin_metrics(conn, user, staff?(user))
   end
 
-  defp maybe_assign_admin_metrics(conn, false), do: conn
+  defp maybe_assign_admin_metrics(conn, _user, false), do: conn
-  defp maybe_assign_admin_metrics(conn, true) do
+  defp maybe_assign_admin_metrics(conn, user, true) do
-    duplicate_reports = DuplicateReports.count_duplicate_reports()
+    duplicate_reports = DuplicateReports.count_duplicate_reports(user)
-    reports = Reports.count_reports()
+    reports = Reports.count_reports(user)
-    user_links = UserLinks.count_user_links()
+    user_links = UserLinks.count_user_links(user)
-    dnps = DnpEntries.count_dnp_entries()
+    dnps = DnpEntries.count_dnp_entries(user)
 
     conn
     |> assign(:duplicate_report_count, duplicate_reports)

lib/philomena_web/templates/layout/_header_staff_links.html.slime

@@ -35,18 +35,22 @@
       = link to: "#", class: "header__link" do
         i.fa.fa-fw.fa-sticky-note
         | Mod Notes
+  = if @duplicate_report_count do
     = link to: "#", class: "header__link", title: "Duplicates" do
       =<> "D"
       span.header__counter__admin
         = @duplicate_report_count
+  = if @report_count do
     = link to: "#", class: "header__link", title: "Reports" do
       =<> "R"
       span.header__counter__admin
         = @report_count
+  = if @user_link_count do
     = link to: "#", class: "header__link", title: "User Links" do
       =<> "L"
       span.header__counter__admin
         = @user_link_count
+  = if @dnp_entry_count do
     = link to: "#", class: "header__link", title: "DNP Requests" do
       =<> "S"
       span.header__counter__admin