plausible/analytics
1
1
Fork 0
mirror of https://github.com/plausible/analytics.git synced 2024-11-24 12:42:30 +03:00
Code Issues Packages Projects Releases Wiki Activity
ecc233443e
analytics/lib/plausible_web/plugs/authorize_site_access.ex
Uku Taht a7fd23a804 Revert "Reduce database roundtrips on critical path for authorization" 
This reverts commit 71d1988ee8.
2021-09-30 09:45:58 +02:00

51 lines
1.3 KiB
Elixir
Raw Blame History

defmodule PlausibleWeb.AuthorizeSiteAccess do
import Plug.Conn
use Plausible.Repo
def init([]), do: [:public, :viewer, :admin, :owner]
def init(allowed_roles), do: allowed_roles
def call(conn, allowed_roles) do
site = Repo.get_by(Plausible.Site, domain: conn.params["domain"] || conn.params["website"])
shared_link_auth = conn.params["auth"]
shared_link_record =
shared_link_auth && Repo.get_by(Plausible.Site.SharedLink, slug: shared_link_auth)
if !site do
PlausibleWeb.ControllerHelpers.render_error(conn, 404) |> halt
else
user_id = get_session(conn, :current_user_id)
membership_role = user_id && Plausible.Sites.role(user_id, site)
role =
cond do
user_id && membership_role ->
membership_role
site.public ->
:public
shared_link_record && shared_link_record.site_id == site.id ->
:public
user_id in admin_user_ids() ->
:admin
true ->
nil
end
if role in allowed_roles do
merge_assigns(conn, site: site, current_user_role: role)
else
PlausibleWeb.ControllerHelpers.render_error(conn, 404) |> halt
end
end
end
defp admin_user_ids() do
Application.get_env(:plausible, :admin_user_ids)
end
end
Reference in New Issue View Git Blame Copy Permalink