chg: [auth] wip

flowintel · May 11, 2023 · 340e6ab · 340e6ab
1 parent 65c9ab0
commit 340e6ab
Show file tree

Hide file tree

Showing 8 changed files with 64 additions and 20 deletions.
diff --git a/config/config.exs b/config/config.exs
@@ -62,9 +62,13 @@ config :phoenix, :json_library, Jason
 # Fun With Flags configuration
 config :fun_with_flags, :cache,
   enabled: true,
-  ttl: 900 # in seconds
+  # in seconds
+  ttl: 900
+
 config :fun_with_flags, :persistence,
-  [adapter: FunWithFlags.Store.Persistent.Ecto, repo: Cocktailparty.Repo]
+  adapter: FunWithFlags.Store.Persistent.Ecto,
+  repo: Cocktailparty.Repo
+
 config :fun_with_flags, :cache_bust_notifications,
   enabled: true,
   adapter: FunWithFlags.Notifications.PhoenixPubSub,

diff --git a/lib/cocktailparty/accounts.ex b/lib/cocktailparty/accounts.ex
@@ -372,4 +372,8 @@ defmodule Cocktailparty.Accounts do
       false -> false
     end
   end
+
+  def get_users_by_role(role) do
+    Repo.all(from u in User, where: u.role == ^role)
+  end
 end
diff --git a/lib/cocktailparty/accounts/user.ex b/lib/cocktailparty/accounts/user.ex
@@ -3,12 +3,17 @@ defmodule Cocktailparty.Accounts.User do
 
   import Ecto.Changeset
 
+  @uuser "uuser"
+  @user_role "user"
+  @poweruser_role "poweruser"
+
   schema "users" do
     field :email, :string
     field :password, :string, virtual: true, redact: true
     field :hashed_password, :string, redact: true
     field :confirmed_at, :naive_datetime
     field :is_admin, :boolean, default: false
+    field :role, :string, default: "user"
 
     many_to_many :sources, Cocktailparty.Catalog.Source,
       join_through: "sources_subscriptions",
@@ -160,6 +165,18 @@ defmodule Cocktailparty.Accounts.User do
     end
   end
 
+  @doc """
+  A user changeset for promoting the user to a new role
+
+  """
+  def promote_changeset(user, attrs, _opts \\ []) do
+    user
+    |> cast(attrs, [:role])
+    |> validate_inclusion(:role, roles())
+  end
+
+  def roles, do: [@uuser, @user_role, @poweruser_role]
+
   defimpl FunWithFlags.Actor, for: Cocktailparty.Accounts.User do
     def id(%Cocktailparty.Accounts.User{id: id}), do: "user:#{id}"
   end

diff --git a/lib/cocktailparty/catalog.ex b/lib/cocktailparty/catalog.ex
@@ -96,7 +96,6 @@ defmodule Cocktailparty.Catalog do
         # We ask the broker to delete the source with the old channel
         GenServer.cast(Cocktailparty.Broker, {:delete_source, source})
 
-
         # We update the source
         {:ok, source} = Repo.update(changeset)
 

diff --git a/lib/cocktailparty_web/components/layouts/root.html.heex b/lib/cocktailparty_web/components/layouts/root.html.heex
@@ -55,24 +55,31 @@
           <%= if @current_user do %>
             <li>
               <.link
+                :if={@is_admin}
                 href={~p"/admin/sources"}
                 class="text-[0.8125rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700"
-                :if={@is_admin}
-                >
-
+              >
                 Admin Sources
               </.link>
             </li>
             <li>
               <.link
+                :if={@is_admin}
                 href={~p"/admin/sources"}
                 class="text-[0.8125rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700"
-                :if={@is_admin}
-                >
-
+              >
                 Admin Users
               </.link>
             </li>
+            <li>
+              <.link
+                :if={@is_admin}
+                href={~p"/feature-flags"}
+                class="text-[0.8125rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700"
+              >
+                FeatureFlags
+              </.link>
+            </li>
             <li>
               <.link
                 href={~p"/sources"}

diff --git a/lib/cocktailparty_web/router.ex b/lib/cocktailparty_web/router.ex
@@ -14,6 +14,15 @@ defmodule CocktailpartyWeb.Router do
     plug :default_admin_rights
   end
 
+  pipeline :mounted_apps do
+    plug :accepts, ["html"]
+    plug :fetch_session
+    plug :fetch_live_flash
+    plug :put_secure_browser_headers
+    plug :fetch_current_user
+    plug :default_admin_rights
+  end
+
   pipeline :api do
     plug :accepts, ["json"]
   end
@@ -29,11 +38,6 @@ defmodule CocktailpartyWeb.Router do
     plug :require_admin_user
   end
 
-  pipeline :mounted_apps do
-    plug :accepts, ["html"]
-    plug :put_secure_browser_headers
-  end
-
   scope "/", CocktailpartyWeb do
     pipe_through [:browser, :auth]
     get "/", PageController, :home
@@ -50,7 +54,7 @@ defmodule CocktailpartyWeb.Router do
   end
 
   scope path: "/feature-flags" do
-    pipe_through :mounted_apps
+    pipe_through [:mounted_apps, :auth, :require_admin]
     forward "/", FunWithFlags.UI.Router, namespace: "feature-flags"
   end
 

diff --git a/priv/repo/migrations/20230511100454_add_fun_with_flags.exs b/priv/repo/migrations/20230511100454_add_fun_with_flags.exs
@@ -13,14 +13,14 @@ defmodule Cocktailparty.Repo.Migrations.AddFunWithFlags do
     end
 
     create index(
-      :fun_with_flags_toggles,
-      [:flag_name, :gate_type, :target],
-      [unique: true, name: "fwf_flag_name_gate_target_idx"]
-    )
+             :fun_with_flags_toggles,
+             [:flag_name, :gate_type, :target],
+             unique: true,
+             name: "fwf_flag_name_gate_target_idx"
+           )
   end
 
   def down do
     drop table(:fun_with_flags_toggles)
   end
-
 end
diff --git a/priv/repo/migrations/20230511135234_add_role_to_users.exs b/priv/repo/migrations/20230511135234_add_role_to_users.exs
@@ -0,0 +1,9 @@
+defmodule Cocktailparty.Repo.Migrations.AddRoleToUsers do
+  use Ecto.Migration
+
+  def change do
+    alter table(:users) do
+      add :role, :string, default: "user"
+    end
+  end
+end