Merge branch 'deploy-runtime' into 'master'

Deploy runtime

See merge request !3

lib/diskuy/account/user.ex

@@ -6,14 +6,15 @@ defmodule Diskuy.Account.User do
     field :username, :string
     field :email, :string
     field :picture, :string
+    field :role, :string, default: "reguler"
     timestamps()
   end
 
   @doc false
   def changeset(user, attrs) do
     user
-    |> cast(attrs, [:username, :email, :picture])
-    |> validate_required([:username, :email])
+    |> cast(attrs, [:username, :email, :picture, :role])
+    |> validate_required([:username, :email, :role])
     |> validate_format(:email, ~r/^[A-Za-z0-9._-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/)
     |> unique_constraint(:username)
     |> unique_constraint(:email)

lib/diskuy_web/auth/google_auth.ex

@@ -27,10 +27,14 @@ defmodule DiskuyWeb.Auth.GoogleAuth do
     case Account.get_by_username(username) do
       {:ok, _user} ->
         new_username = create_username(username)
-        {:ok, user} = Account.create_user(%{username: new_username, email: email, picture: picture})
+        {:ok, user} = Account.create_user(%{username: new_username,
+                                            email: email,
+                                            picture: picture, role: "reguler"})
         Guardian.create_token(user)
       {:error, :not_found} ->
-        {:ok, user} = Account.create_user(%{username: username, email: email, picture: picture})
+        {:ok, user} = Account.create_user(%{username: username,
+                                            email: email,
+                                            picture: picture, role: "reguler"})
         Guardian.create_token(user)
     end
   end

lib/diskuy_web/auth/guardian.ex

@@ -45,4 +45,13 @@ defmodule DiskuyWeb.Auth.Guardian do
     end
   end
 
+  def check_admin(user) do
+    case user.role == "admin" do
+      true ->
+        {:ok, :authorized}
+      false ->
+        {:error, :unauthorized}
+    end
+  end
+
 end

lib/diskuy_web/controllers/post_controller.ex

@@ -32,8 +32,9 @@ defmodule DiskuyWeb.PostController do
   def update(conn, %{"id" => id, "post" => post_params}) do
     current_user = Guardian.Plug.current_resource(conn)
     post = Forum.get_post!(id)
+    new_post_params = post_params |> Map.drop(["id", "points", "user_id", "thread_id"])
     with {:ok, :authorized} <- Guardian.check_authorized(current_user, post.user_id),
-         {:ok, %Post{} = post} <- Forum.update_post(post, post_params) do
+         {:ok, %Post{} = post} <- Forum.update_post(post, new_post_params) do
       render(conn, "show.json", post: post)
     end
   end

lib/diskuy_web/controllers/thread_controller.ex

@@ -32,8 +32,9 @@ defmodule DiskuyWeb.ThreadController do
   def update(conn, %{"id" => id, "thread" => thread_params}) do
     current_user = Guardian.Plug.current_resource(conn)
     thread = Forum.get_thread!(id)
+    new_thread_params = thread_params |> Map.drop(["id", "points", "user_id", "topic_id"])
     with {:ok, :authorized} <- Guardian.check_authorized(current_user, thread.user_id),
-         {:ok, %Thread{} = thread} <- Forum.update_thread(thread, thread_params) do
+         {:ok, %Thread{} = thread} <- Forum.update_thread(thread, new_thread_params) do
       render(conn, "show.json", thread: thread)
     end
   end

lib/diskuy_web/controllers/topic_controller.ex

@@ -4,6 +4,7 @@ defmodule DiskuyWeb.TopicController do
   alias Diskuy.Forum
   alias Diskuy.Forum.Topic
   alias Diskuy.Utility.Utility
+  alias DiskuyWeb.Auth.Guardian
 
   action_fallback DiskuyWeb.FallbackController
 
@@ -13,7 +14,9 @@ defmodule DiskuyWeb.TopicController do
   end
 
   def create(conn, %{"topic" => topic_params}) do
-    with {:ok, %Topic{} = topic} <- Forum.create_topic(topic_params) do
+    current_user = Guardian.Plug.current_resource(conn)
+    with {:ok, :authorized} <- Guardian.check_admin(current_user),
+         {:ok, %Topic{} = topic} <- Forum.create_topic(topic_params) do
       conn
       |> put_status(:created)
       |> put_resp_header("location", Routes.topic_path(conn, :show, topic))
@@ -22,24 +25,21 @@ defmodule DiskuyWeb.TopicController do
   end
 
   def show(conn, %{"id" => id}) do
-    new_id = Utility.capitalize_string(id)
-    topic = Forum.get_topic_by_name!(new_id)
-
+    topic = Forum.get_topic_by_name!(id)
     render(conn, "show.json", topic: topic)
   end
 
   def update(conn, %{"id" => id, "topic" => topic_params}) do
-    new_id = Utility.capitalize_string(id)
-    topic = Forum.get_topic_by_name!(new_id)
-
-    with {:ok, %Topic{} = topic} <- Forum.update_topic(topic, topic_params) do
+    topic = Forum.get_topic_by_name!(id)
+    current_user = Guardian.Plug.current_resource(conn)
+    with {:ok, :authorized} <- Guardian.check_admin(current_user),
+         {:ok, %Topic{} = topic} <- Forum.update_topic(topic, topic_params) do
       render(conn, "show.json", topic: topic)
     end
   end
 
   def delete(conn, %{"id" => id}) do
-    new_id = Utility.capitalize_string(id)
-    topic = Forum.get_topic_by_name!(new_id)
+    topic = Forum.get_topic_by_name!(id)
 
     with {:ok, %Topic{}} <- Forum.delete_topic(topic) do
       send_resp(conn, :no_content, "")

lib/diskuy_web/controllers/user_controller.ex

@@ -36,7 +36,7 @@ defmodule DiskuyWeb.UserController do
 
   def update(conn, %{"user" => user_params}) do
     user = Guardian.Plug.current_resource(conn)
-    new_user_params = user_params |> Map.drop(["email", "id"])
+    new_user_params = user_params |> Map.drop(["email", "id", "role"])
     with {:ok, %User{} = user} <- Account.update_user(user, new_user_params) do
       render(conn, "show.json", user: user)
     end

lib/diskuy_web/views/user_view.ex

@@ -18,7 +18,8 @@ defmodule DiskuyWeb.UserView do
     %{id: user.id,
       username: user.username,
       name: user.email,
-      picture: user.picture
+      picture: user.picture,
+      role: user.role
       }
   end
 
@@ -28,6 +29,7 @@ defmodule DiskuyWeb.UserView do
       email: user.email,
       username: user.username,
       picture: user.picture,
+      role: user.role,
       token: token
     }
   end

priv/repo/migrations/20201211030926_create_users.exs

@@ -6,6 +6,7 @@ defmodule Diskuy.Repo.Migrations.CreateUsers do
       add :username, :string
       add :email, :string
       add :picture, :string
+      add :role, :string
       timestamps()
     end
     create unique_index(:users, [:username])