mirror of https://github.com/mgerb/classic-wow-forums synced 2026-01-11 01:22:49 +00:00

thread update/insert changeset fixed - auth permissions done

2018-01-03 23:04:29 -06:00
parent 11eaa3565b
commit 148bde8f99
9 changed files with 120 additions and 48 deletions


@@ -1,5 +1,6 @@
defmodule MyApp.Guardian do
use Guardian, otp_app: :myapp
use Guardian.Permissions.Bitwise
def subject_for_token(resource, _claims) do
# You can use any value for the subject of your token but
@@ -11,10 +12,6 @@ defmodule MyApp.Guardian do
{:ok, sub}
end
# def subject_for_token(_, _) do
# {:error, :reason_for_error}
# end
def resource_from_claims(claims) do
# Here we'll look up our resource from the claims, the subject can be
# found in the `"sub"` key. In `above subject_for_token/2` we returned
@@ -25,8 +22,10 @@ defmodule MyApp.Guardian do
{:ok, resource}
end
# def resource_from_claims(_claims) do
# {:error, :reason_for_error}
# end
@spec add_permissions(map, map) :: map
def add_permissions(claims, permissions) do
claims
|> encode_permissions_into_claims!(permissions)
end
end


@@ -1,9 +1,39 @@
defmodule MyApp.Guardian.AuthPipeline.JSON do
defmodule MyApp.Guardian.Auth.Pipeline.User do
use Guardian.Plug.Pipeline, otp_app: :MyApp,
module: MyApp.Guardian,
error_handler: MyApp.Auth.ErrorHandler
plug Guardian.Plug.VerifyHeader, realm: "Bearer"
plug Guardian.Permissions.Bitwise, one_of: [
%{user: [:read, :write]},
%{mod: [:read, :write]},
%{admin: [:read, :write]},
]
plug Guardian.Plug.EnsureAuthenticated
plug Guardian.Plug.LoadResource, allow_blank: true
end
defmodule MyApp.Guardian.Auth.Pipeline.Mod do
use Guardian.Plug.Pipeline, otp_app: :MyApp,
module: MyApp.Guardian,
error_handler: MyApp.Auth.ErrorHandler
plug Guardian.Plug.VerifyHeader, realm: "Bearer"
plug Guardian.Permissions.Bitwise, one_of: [
%{mod: [:read, :write]},
%{admin: [:read, :write]},
]
plug Guardian.Plug.EnsureAuthenticated
plug Guardian.Plug.LoadResource, allow_blank: true
end
defmodule MyApp.Guardian.Auth.Pipeline.Admin do
use Guardian.Plug.Pipeline, otp_app: :MyApp,
module: MyApp.Guardian,
error_handler: MyApp.Auth.ErrorHandler
plug Guardian.Plug.VerifyHeader, realm: "Bearer"
plug Guardian.Permissions.Bitwise, one_of: [%{admin: [:read, :write]}]
plug Guardian.Plug.EnsureAuthenticated
plug Guardian.Plug.LoadResource, allow_blank: true
end
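Review bot: All three pipelines pass `otp_app: :MyApp`, while MyApp.Guardian is declared with `otp_app: :myapp`; application config is keyed by that atom, so settings stored under `:myapp` would presumably not be picked up by these pipelines, and the line should read `use Guardian.Plug.Pipeline, otp_app: :myapp,`. Each pipeline also ends with `plug Guardian.Plug.LoadResource, allow_blank: true`, which as far as I can tell lets a request continue when the token verifies but no resource can be loaded for it (for example after the account was removed); unless that is intended, use `plug Guardian.Plug.LoadResource` without the option. A one-line comment above each module naming the roles it admits would help readers, e.g. `# Mod pipeline: requires mod or admin read/write permissions`.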

33
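--- /dev/null
+++ b/lib/myapp/auth/token.ex
@@ -0,0 +1,33 @@
+defmodule MyApp.Guardian.Auth.Token do
+alias MyApp.Guardian
+# ~1 year
+defp tokenTTL(), do: {52, :weeks}
+@spec add_token_and_map_claims(map | {atom, any}) :: {:ok, map} | {:error, String.t}
+def add_token_and_map_claims(user) when is_map(user) do
+claims = user
+|> Map.take([:id, :battletag, :battle_net_id, :access_token]) # take values from user object to map to claims
+|> Guardian.add_permissions(get_permissions(user))
+case Guardian.encode_and_sign(user, claims, ttl: tokenTTL()) do
+{:ok, token, _claims} -> {:ok, Map.merge(user, %{token: token})}
+{:error, error} -> {:error, error}
+end
+end
+def add_token_and_map_claims({:ok, user}), do: add_token_and_map_claims(user)
+def add_token_and_map_claims({:error, error}), do: {:error, error}
+# return permissions base on field in database
+defp get_permissions(user) do
+case Map.get(user, :permissions) do
+"user" -> %{user: [:read, :write]}
+"mod" -> %{mod: [:read, :write]}
+"admin" -> %{admin: [:read, :write]}
+nil -> %{user: [:read, :write]}
+end
+end
+end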
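Review bot: `Map.take([:id, :battletag, :battle_net_id, :access_token])` copies the user's `:access_token` (presumably the Battle.net OAuth token) into the JWT claims, and the payload of a signed JWT is only encoded, not encrypted, so anyone who holds or logs the token can read it; I would leave it out of the claims: `|> Map.take([:id, :battletag, :battle_net_id])`. The permissions are also fixed into a token that is valid for `{52, :weeks}`, so a later change to the `permissions` field in the database would not affect tokens already issued unless the role is re-checked against the database or the TTL is shortened. `get_permissions/1` has no clause for values other than the three strings and `nil`, so an unexpected value raises `CaseClauseError`; that fails closed, but it deserves a comment saying it is deliberate.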


@@ -1,6 +1,5 @@
defmodule MyApp.Data.Thread do
use Ecto.Schema
import Ecto.Query
import Ecto.Changeset
alias MyApp.Repo
alias MyApp.Data
@@ -16,33 +15,48 @@ defmodule MyApp.Data.Thread do
field :sticky, :boolean, default: false
field :locked, :boolean, default: false
field :edited, :boolean, default: false
timestamps()
end
def changeset(thread, params \\ %{}) do
def insert_changeset(thread, params \\ %{}) do
thread
|> cast(params, [:id, :title, :category_id, :content, :user_id, :view_count, :last_reply_id, :sticky, :locked, :edited])
|> cast(params, [:title, :category_id, :content, :user_id])
|> validate_required([:title, :category_id, :content, :user_id])
|> foreign_key_constraint(:category_id)
|> foreign_key_constraint(:user_id)
end
def update_changeset(thread, params \\ %{}) do
thread
|> cast(params, [:content, :user_id, :sticky, :locked])
|> force_change(:edited, true) # set edited flag on update
|> validate_required([:content, :user_id])
|> foreign_key_constraint(:category_id)
|> foreign_key_constraint(:user_id)
end
def insert_thread(params) do
changeset(%Data.Thread{}, params)
insert_changeset(%Data.Thread{}, params)
|> Repo.insert
|> Data.Util.process_insert_or_update
end
def update_thread(params) do
Repo.get(Data.Thread, Map.get(params, "id"))
|> process_update(params)
id = Map.get(params, "id")
if id == nil do
{:error, "Invalid thread"}
else
Repo.get(Data.Thread, id)
|> process_update(params)
end
end
# TODO: delete thread
# TODO: check user permissions for sticky/locked
defp process_update(thread, _params) when is_nil(thread), do: {:error, "Invalid thread"}
defp process_update(thread, params) when not is_nil(thread) do
changeset(thread, Map.take(params, ["content", "edited", "sticky", "locked"]))
|> IO.inspect
update_changeset(thread, params)
|> Repo.update
|> Data.Util.process_insert_or_update
end
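Review bot: `update_changeset` casts `:user_id`, `:sticky` and `:locked` directly from the request params, and `process_update` now hands `params` over unfiltered, so any caller who can reach `update_thread` can reassign a thread's owner or pin and lock it; the TODO covers sticky/locked but not `user_id`. I would limit the general update to `|> cast(params, [:content])` and move `:sticky`/`:locked` into a separate changeset that is only used behind the mod/admin pipeline. Nothing visible in this section compares the thread's `user_id` with the authenticated user before `Repo.update`; if the controller does not do that, the check belongs in `process_update`. The module body continues outside this section.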


@@ -1,18 +0,0 @@
defmodule MyApp.JWT do
alias MyApp.Guardian
# ~1 year
defp tokenTTL(), do: {52, :weeks}
@spec add_jwt(map | {atom, any}) :: {:ok, map} | {:error, String.t}
def add_jwt(user) when is_map(user) do
case Guardian.encode_and_sign(user, user, ttl: tokenTTL()) do
{:ok, token, _claims} -> {:ok, Map.merge(user, %{token: token})}
{:error, error} -> {:error, error}
end
end
def add_jwt({:ok, user}), do: add_jwt(user)
def add_jwt({:error, error}), do: {:error, error}
end