permission checks

lib/philomena/dnp_entries.ex

@@ -102,9 +102,13 @@ defmodule Philomena.DnpEntries do
     DnpEntry.changeset(dnp_entry, %{})
   end
 
-  def count_dnp_entries() do
+  def count_dnp_entries(user) do
-    DnpEntry
+    if Canada.Can.can?(user, :manage, DnpEntry) do
-    |> where([dnp], dnp.aasm_state in ["requested", "claimed", "acknowledged"])
+      DnpEntry
-    |> Repo.aggregate(:count, :id)
+      |> where([dnp], dnp.aasm_state in ["requested", "claimed", "acknowledged"])
+      |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena/duplicate_reports.ex

@@ -115,9 +115,13 @@ defmodule Philomena.DuplicateReports do
     DuplicateReport.changeset(duplicate_report, %{})
   end
 
-  def count_duplicate_reports() do
+  def count_duplicate_reports(user) do
-    DuplicateReport
+    if Canada.Can.can?(user, :manage, DuplicateReport) do
-    |> where(state: "open")
+      DuplicateReport
-    |> Repo.aggregate(:count, :id)
+      |> where(state: "open")
+      |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena/reports.ex

@@ -117,9 +117,13 @@ defmodule Philomena.Reports do
     report
   end
 
-  def count_reports() do
+  def count_reports(user) do
-    Report
+    if Canada.Can.can?(user, :manage, Report) do
-    |> where(open: true)
+      Report
-    |> Repo.aggregate(:count, :id)
+      |> where(open: true)
+      |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena/user_links.ex

@@ -105,9 +105,13 @@ defmodule Philomena.UserLinks do
     UserLink.changeset(user_link, %{})
   end
 
-  def count_user_links() do
+  def count_user_links(user) do
-    UserLink
+    if Canada.Can.can?(user, :edit, UserLink) do
-    |> where(aasm_state: "unverified")
+      UserLink
-    |> Repo.aggregate(:count, :id)
+      |> where(aasm_state: "unverified")
+      |> Repo.aggregate(:count, :id)
+    else
+      nil
+    end
   end
 end

lib/philomena_web/plugs/admin_counters_plug.ex

@@ -26,15 +26,15 @@ defmodule PhilomenaWeb.AdminCountersPlug do
   def call(conn, _opts) do
     user = conn.assigns.current_user
 
-    maybe_assign_admin_metrics(conn, staff?(user))
+    maybe_assign_admin_metrics(conn, user, staff?(user))
   end
 
-  defp maybe_assign_admin_metrics(conn, false), do: conn
+  defp maybe_assign_admin_metrics(conn, _user, false), do: conn
-  defp maybe_assign_admin_metrics(conn, true) do
+  defp maybe_assign_admin_metrics(conn, user, true) do
-    duplicate_reports = DuplicateReports.count_duplicate_reports()
+    duplicate_reports = DuplicateReports.count_duplicate_reports(user)
-    reports = Reports.count_reports()
+    reports = Reports.count_reports(user)
-    user_links = UserLinks.count_user_links()
+    user_links = UserLinks.count_user_links(user)
-    dnps = DnpEntries.count_dnp_entries()
+    dnps = DnpEntries.count_dnp_entries(user)
 
     conn
     |> assign(:duplicate_report_count, duplicate_reports)

lib/philomena_web/templates/layout/_header_staff_links.html.slime

@@ -35,22 +35,26 @@
       = link to: "#", class: "header__link" do
         i.fa.fa-fw.fa-sticky-note
         | Mod Notes
-  = link to: "#", class: "header__link", title: "Duplicates" do
+  = if @duplicate_report_count do
-    =<> "D"
+    = link to: "#", class: "header__link", title: "Duplicates" do
-    span.header__counter__admin
+      =<> "D"
-      = @duplicate_report_count
+      span.header__counter__admin
-  = link to: "#", class: "header__link", title: "Reports" do
+        = @duplicate_report_count
-    =<> "R"
+  = if @report_count do
-    span.header__counter__admin
+    = link to: "#", class: "header__link", title: "Reports" do
-      = @report_count
+      =<> "R"
-  = link to: "#", class: "header__link", title: "User Links" do
+      span.header__counter__admin
-    =<> "L"
+        = @report_count
-    span.header__counter__admin
+  = if @user_link_count do
-      = @user_link_count
+    = link to: "#", class: "header__link", title: "User Links" do
-  = link to: "#", class: "header__link", title: "DNP Requests" do
+      =<> "L"
-    =<> "S"
+      span.header__counter__admin
-    span.header__counter__admin
+        = @user_link_count
-      = @dnp_entry_count
+  = if @dnp_entry_count do
+    = link to: "#", class: "header__link", title: "DNP Requests" do
+      =<> "S"
+      span.header__counter__admin
+        = @dnp_entry_count
   .dropdown.hide-mobile
     a.header__link title="Bans"
       =<> "B"