PonyMirrors/philomena
1
0
Fork 0
mirror of https://github.com/philomena-dev/philomena.git synced 2025-03-29 23:07:45 +01:00
Code Issues Projects Releases Packages Wiki Activity

make ban deletions admin-only

Browse source
This commit is contained in:
Luna D 2020-09-17 20:35:47 +02:00 committed by byte[]
parent 388487db81
commit f5229654e7
6 changed files with 33 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/philomena_web/controllers/admin/fingerprint_ban_controller.ex
View file

@ -8,6 +8,7 @@ defmodule PhilomenaWeb.Admin.FingerprintBanController do
plug :verify_authorized plug :verify_authorized
plug :load_resource, model: FingerprintBan, only: [:edit, :update, :delete] plug :load_resource, model: FingerprintBan, only: [:edit, :update, :delete]
plug :check_can_delete when action in [:delete]
def index(conn, %{"q" => q}) when is_binary(q) do def index(conn, %{"q" => q}) when is_binary(q) do
FingerprintBan FingerprintBan
@ -98,4 +99,11 @@ defmodule PhilomenaWeb.Admin.FingerprintBanController do
false -> PhilomenaWeb.NotAuthorizedPlug.call(conn) false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
end end
end end
defp check_can_delete(conn, _opts) do
case conn.assigns.current_user.role == "admin" do
true -> conn
false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
end
end
end end

8
lib/philomena_web/controllers/admin/subnet_ban_controller.ex
View file

@ -8,6 +8,7 @@ defmodule PhilomenaWeb.Admin.SubnetBanController do
plug :verify_authorized plug :verify_authorized
plug :load_resource, model: SubnetBan, only: [:edit, :update, :delete] plug :load_resource, model: SubnetBan, only: [:edit, :update, :delete]
plug :check_can_delete when action in [:delete]
def index(conn, %{"q" => q}) when is_binary(q) do def index(conn, %{"q" => q}) when is_binary(q) do
SubnetBan SubnetBan
@ -100,4 +101,11 @@ defmodule PhilomenaWeb.Admin.SubnetBanController do
false -> PhilomenaWeb.NotAuthorizedPlug.call(conn) false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
end end
end end
defp check_can_delete(conn, _opts) do
case conn.assigns.current_user.role == "admin" do
true -> conn
false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
end
end
end end

8
lib/philomena_web/controllers/admin/user_ban_controller.ex
View file

@ -8,6 +8,7 @@ defmodule PhilomenaWeb.Admin.UserBanController do
plug :verify_authorized plug :verify_authorized
plug :load_resource, model: UserBan, only: [:edit, :update, :delete] plug :load_resource, model: UserBan, only: [:edit, :update, :delete]
plug :check_can_delete when action in [:delete]
def index(conn, %{"q" => q}) when is_binary(q) do def index(conn, %{"q" => q}) when is_binary(q) do
like_q = "%#{q}%" like_q = "%#{q}%"
@ -101,4 +102,11 @@ defmodule PhilomenaWeb.Admin.UserBanController do
false -> PhilomenaWeb.NotAuthorizedPlug.call(conn) false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
end end
end end
defp check_can_delete(conn, _opts) do
case conn.assigns.current_user.role == "admin" do
true -> conn
false -> PhilomenaWeb.NotAuthorizedPlug.call(conn)
end
end
end end

5
lib/philomena_web/templates/admin/fingerprint_ban/index.html.slime
View file

@ -54,8 +54,9 @@ h1 Fingerprint Bans
td td
=> link "Edit", to: Routes.admin_fingerprint_ban_path(@conn, :edit, ban) => link "Edit", to: Routes.admin_fingerprint_ban_path(@conn, :edit, ban)
' • = if @current_user.role == "admin" do
=> link "Destroy", to: Routes.admin_fingerprint_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"] ' •
=> link "Destroy", to: Routes.admin_fingerprint_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
.block__header.block__header--light .block__header.block__header--light
= pagination = pagination

5
lib/philomena_web/templates/admin/subnet_ban/index.html.slime
View file

@ -54,8 +54,9 @@ h1 Subnet Bans
td td
=> link "Edit", to: Routes.admin_subnet_ban_path(@conn, :edit, ban) => link "Edit", to: Routes.admin_subnet_ban_path(@conn, :edit, ban)
' • = if @current_user.role == "admin" do
=> link "Destroy", to: Routes.admin_subnet_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"] ' •
=> link "Destroy", to: Routes.admin_subnet_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
.block__header.block__header--light .block__header.block__header--light
= pagination = pagination

5
lib/philomena_web/templates/admin/user_ban/index.html.slime
View file

@ -54,8 +54,9 @@ h1 User Bans
td td
=> link "Edit", to: Routes.admin_user_ban_path(@conn, :edit, ban) => link "Edit", to: Routes.admin_user_ban_path(@conn, :edit, ban)
' • = if @current_user.role == "admin" do
=> link "Destroy", to: Routes.admin_user_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"] ' •
=> link "Destroy", to: Routes.admin_user_ban_path(@conn, :delete, ban), data: [confirm: "Are you really, really sure?", method: "delete"]
.block__header.block__header--light .block__header.block__header--light
= pagination = pagination