From f5229654e7d77e7c4565b39d7733e3f0d31e9cb9 Mon Sep 17 00:00:00 2001
From: Luna D
Date: Thu, 17 Sep 2020 20:35:47 +0200
Subject: [PATCH] make ban deletions admin-only
---
 .../controllers/admin/fingerprint_ban_controller.ex | 8 ++++++++
 .../controllers/admin/subnet_ban_controller.ex | 8 ++++++++
 .../controllers/admin/user_ban_controller.ex | 8 ++++++++
 .../templates/admin/fingerprint_ban/index.html.slime | 5 +++--
 .../templates/admin/subnet_ban/index.html.slime | 5 +++--
 .../templates/admin/user_ban/index.html.slime | 5 +++--
 6 files changed, 33 insertions(+), 6 deletions(-)
diff --git a/lib/philomena_web/controllers/admin/fingerprint_ban_controller.ex b/lib/philomena_web/controllers/admin/fingerprint_ban_controller.ex
index f251af46..ba14ff93 100644
--- a/lib/philomena_web/controllers/admin/fingerprint_ban_controller.ex
+++ b/lib/philomena_web/controllers/admin/fingerprint_ban_controller.ex
@@ -8,6 +8,7 @@ defmodule PhilomenaWeb.Admin.FingerprintBanController do
 plug :verify_authorized
 plug :load_resource, model: FingerprintBan, only: [:edit, :update, :delete]
+ plug :check_can_delete when action in [:delete]
 def index(conn, %{"q" => q}) when is_binary(q) do
 FingerprintBan
@@ -98,4 +99,11 @@ defmodule PhilomenaWeb.Admin.FingerprintBanController do
 false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
 end
 end
+
+ defp check_can_delete(conn, _opts) do
+ case conn.assigns.current_user.role == "admin" do
+ true -> conn
+ false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
+ end
+ end
 end
diff --git a/lib/philomena_web/controllers/admin/subnet_ban_controller.ex b/lib/philomena_web/controllers/admin/subnet_ban_controller.ex
index cd92a5b7..11f8bacf 100644
--- a/lib/philomena_web/controllers/admin/subnet_ban_controller.ex
+++ b/lib/philomena_web/controllers/admin/subnet_ban_controller.ex
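Review bot: `check_can_delete` dereferences `conn.assigns.current_user.role` unconditionally, so if this plug ever runs for a request with no current user it raises instead of falling through to `PhilomenaWeb.NotAuthorizedPlug`; today that appears to be avoided only because `:verify_authorized` is plugged earlier in the pipeline, an ordering the new code relies on without stating it. Matching the role in the function head keeps the check total and reads better than a `case` over a boolean: `defp check_can_delete(%{assigns: %{current_user: %{role: "admin"}}} = conn, _opts), do: conn` followed by `defp check_can_delete(conn, _opts), do: PhilomenaWeb.NotAuthorizedPlug.call(conn)`. The same private plug is copied verbatim into subnet_ban_controller.ex and user_ban_controller.ex in the hunks that follow, so a single shared plug module would keep the three controllers from drifting if the role representation ever changes. The `plug :check_can_delete when action in [:delete]` registration sits in the earlier hunk of each file; the enclosing module continues outside this hunk.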
@@ -8,6 +8,7 @@ defmodule PhilomenaWeb.Admin.SubnetBanController do
 plug :verify_authorized
 plug :load_resource, model: SubnetBan, only: [:edit, :update, :delete]
+ plug :check_can_delete when action in [:delete]
 def index(conn, %{"q" => q}) when is_binary(q) do
 SubnetBan
@@ -100,4 +101,11 @@ defmodule PhilomenaWeb.Admin.SubnetBanController do
 false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
 end
 end
+
+ defp check_can_delete(conn, _opts) do
+ case conn.assigns.current_user.role == "admin" do
+ true -> conn
+ false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
+ end
+ end
 end
diff --git a/lib/philomena_web/controllers/admin/user_ban_controller.ex b/lib/philomena_web/controllers/admin/user_ban_controller.ex
index dfbdd713..cb5e8398 100644
--- a/lib/philomena_web/controllers/admin/user_ban_controller.ex
+++ b/lib/philomena_web/controllers/admin/user_ban_controller.ex
@@ -8,6 +8,7 @@ defmodule PhilomenaWeb.Admin.UserBanController do
 plug :verify_authorized
 plug :load_resource, model: UserBan, only: [:edit, :update, :delete]
+ plug :check_can_delete when action in [:delete]
 def index(conn, %{"q" => q}) when is_binary(q) do
 like_q = "%#{q}%"
@@ -101,4 +102,11 @@ defmodule PhilomenaWeb.Admin.UserBanController do
 false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
 end
 end
+
+ defp check_can_delete(conn, _opts) do
+ case conn.assigns.current_user.role == "admin" do
+ true -> conn
+ false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
+ end
+ end
 end
diff --git a/lib/philomena_web/templates/admin/fingerprint_ban/index.html.slime b/lib/philomena_web/templates/admin/fingerprint_ban/index.html.slime
index 3f00e9ce..10628069 100644
--- a/lib/philomena_web/templates/admin/fingerprint_ban/index.html.slime
+++ b/lib/philomena_web/templates/admin/fingerprint_ban/index.html.slime
@@ -54,8 +54,9 @@ h1 Fingerprint Bans
 td
 => link "Edit", to: Routes.admin_fingerprint_ban_path(@conn, :edit, ban)
- ' •
- => link "Destroy", to: Routes.admin_fingerprint_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
+ = if @current_user.role == "admin" do
+ ' •
+ => link "Destroy", to: Routes.admin_fingerprint_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
 .block__header.block__header--light
 = pagination
diff --git a/lib/philomena_web/templates/admin/subnet_ban/index.html.slime b/lib/philomena_web/templates/admin/subnet_ban/index.html.slime
index 6efea8de..4f44d4fc 100644
--- a/lib/philomena_web/templates/admin/subnet_ban/index.html.slime
+++ b/lib/philomena_web/templates/admin/subnet_ban/index.html.slime
@@ -54,8 +54,9 @@ h1 Subnet Bans
 td
 => link "Edit", to: Routes.admin_subnet_ban_path(@conn, :edit, ban)
- ' •
- => link "Destroy", to: Routes.admin_subnet_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
+ = if @current_user.role == "admin" do
+ ' •
+ => link "Destroy", to: Routes.admin_subnet_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
 .block__header.block__header--light
 = pagination
diff --git a/lib/philomena_web/templates/admin/user_ban/index.html.slime b/lib/philomena_web/templates/admin/user_ban/index.html.slime
index 8f4bb00c..9eeaa6e9 100644
--- a/lib/philomena_web/templates/admin/user_ban/index.html.slime
+++ b/lib/philomena_web/templates/admin/user_ban/index.html.slime
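Review bot: The template gates the Destroy link on the literal `@current_user.role == "admin"`, a second copy of the predicate the controller plug enforces, so the two can drift silently if the role model changes — the link hidden while the controller still permits the request, or shown while the controller refuses it. A small view helper shared by the template and the controller plug (something like `admin?(@current_user)`, name to taste) would keep one source of truth; the same literal is repeated in the subnet_ban and user_ban index templates in the hunks that follow. Hiding the link is only cosmetic, and the check that actually protects deletions is the controller plug this commit adds, so the template condition should be treated as a presentation detail that must mirror it rather than as an access control.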
@@ -54,8 +54,9 @@ h1 User Bans
 td
 => link "Edit", to: Routes.admin_user_ban_path(@conn, :edit, ban)
- ' •
- => link "Destroy", to: Routes.admin_user_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
+ = if @current_user.role == "admin" do
+ ' •
+ => link "Destroy", to: Routes.admin_user_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
 .block__header.block__header--light
 = pagination