Update the Oban Dashboard to show only for admin users.

2 months ago · f4c2207a80
parent 14b0b78e15
commit f4c2207a80
2 changed files with 31 additions and 6 deletions
--- a/lib/decentralised_book_index_web/plugs/require_admin.ex
+++ b/lib/decentralised_book_index_web/plugs/require_admin.ex
@ -0,0 +1,21 @@
+defmodule DecentralisedBookIndexWeb.Plugs.RequireAdmin do
+  import Plug.Conn
+  import Phoenix.Controller
+
+  alias DecentralisedBookIndex.Accounts.Role
+
+  def init(default), do: default
+
+  def call(conn, _opts) do
+    current_user = conn.assigns[:current_user]
+
+    if current_user && Role.can_administrate?(current_user.role) do
+      conn
+    else
+      conn
+      |> put_flash(:error, "Unauthorized")
+      |> redirect(to: "/")
+      |> halt()
+    end
+  end
+end
--- a/lib/decentralised_book_index_web/router.ex
+++ b/lib/decentralised_book_index_web/router.ex
@ -23,6 +23,10 @@ defmodule DecentralisedBookIndexWeb.Router do
    plug :set_actor, :user
  end

+  pipeline :admin_authenticated_routes do
+    plug DecentralisedBookIndexWeb.Plugs.RequireAdmin
+  end
+
  scope "/api/v1/json" do
    pipe_through [:api]

@ -90,6 +94,12 @@ defmodule DecentralisedBookIndexWeb.Router do
    end
  end

+  scope "/" do
+    pipe_through [:browser, :admin_authenticated_routes]
+
+    oban_dashboard("/oban")
+   end
+
  scope "/", DecentralisedBookIndexWeb do
    pipe_through :browser

@ -135,11 +145,5 @@ defmodule DecentralisedBookIndexWeb.Router do
      live_dashboard "/dashboard", metrics: DecentralisedBookIndexWeb.Telemetry
      forward "/mailbox", Plug.Swoosh.MailboxPreview
    end
-
-    scope "/" do
-      pipe_through :browser
-
-      oban_dashboard("/oban")
-    end
  end
 end