Introduce authorizations with Rajska

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel
2023-03-17 18:10:59 +01:00
parent b6875f6a4b
commit 8984bd7636
95 changed files with 4560 additions and 1505 deletions


@@ -11,6 +11,7 @@ defmodule Mobilizon.GraphQL.Schema.Discussions.CommentType do
@desc "A comment"
object :comment do
meta(:authorize, :all)
interfaces([:action_log_object, :activity_object])
field(:id, :id, description: "Internal ID for this comment")
field(:uuid, :uuid, description: "An UUID for this comment")
@@ -73,6 +74,7 @@ defmodule Mobilizon.GraphQL.Schema.Discussions.CommentType do
@desc "A paginated list of comments"
object :paginated_comment_list do
meta(:authorize, :all)
field(:elements, list_of(:comment), description: "A list of comments")
field(:total, :integer, description: "The total number of comments in the list")
end
@@ -81,6 +83,7 @@ defmodule Mobilizon.GraphQL.Schema.Discussions.CommentType do
@desc "Get replies for thread"
field :thread, type: list_of(:comment) do
arg(:id, non_null(:id), description: "The comment ID")
middleware(Rajska.QueryAuthorization, permit: :all)
resolve(&Comment.get_thread/3)
end
end
@@ -95,6 +98,13 @@ defmodule Mobilizon.GraphQL.Schema.Discussions.CommentType do
arg(:is_announcement, :boolean, description: "Should this comment be announced to everyone?")
middleware(Rajska.QueryAuthorization,
permit: :user,
scope: Mobilizon.Discussions.Comment,
rule: :"write:comment:create",
args: %{event_id: :event_id}
)
resolve(&Comment.create_comment/3)
end
@@ -106,6 +116,13 @@ defmodule Mobilizon.GraphQL.Schema.Discussions.CommentType do
arg(:is_announcement, :boolean, description: "Should this comment be announced to everyone?")
middleware(Rajska.QueryAuthorization,
permit: :user,
scope: Mobilizon.Discussions.Comment,
rule: :"write:comment:update",
args: %{id: :comment_id}
)
resolve(&Comment.update_comment/3)
end
@@ -113,6 +130,13 @@ defmodule Mobilizon.GraphQL.Schema.Discussions.CommentType do
field :delete_comment, type: :comment do
arg(:comment_id, non_null(:id), description: "The comment ID")
middleware(Rajska.QueryAuthorization,
permit: [:user, :moderator],
scope: Mobilizon.Discussions.Comment,
rule: :"write:comment:delete",
args: %{id: :comment_id}
)
resolve(&Comment.delete_comment/3)
end
end
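Review bot: In the `delete_comment` field, `permit: [:user, :moderator]` with `args: %{id: :comment_id}` gives the middleware only the comment id, so nothing visible in this section establishes that the caller authored the comment or moderates its context; the same holds for `update_comment` with `permit: :user`. Whether the scope check compares the comment's author depends on the authorization module's access callback, which is outside this section, and listing `:moderator` beside `:user` is either redundant or intended to skip scoping; the hunk does not say which. If ownership is still enforced in `Comment.delete_comment/3` and `Comment.update_comment/3`, say so above each middleware call, e.g. `# Gates role and rule only; author/moderator ownership is checked in the resolver`, and add a test in which a second user's update and delete of the same comment are rejected. The mutation block enclosing these fields starts outside the visible hunks.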