fix: add actor parameter to Authorization.get_role in Index
Ensure consistent authorization by passing actor parameter to get_role call, matching the pattern used in Show LiveView.
This commit is contained in:
parent
586985f7f0
commit
f4b0d1c9a8
1 changed files with 18 additions and 36 deletions
|
|
@ -21,9 +21,10 @@ defmodule MvWeb.RoleLive.Index do
|
||||||
|
|
||||||
require Ash.Query
|
require Ash.Query
|
||||||
|
|
||||||
|
on_mount {MvWeb.LiveHelpers, :ensure_user_role_loaded}
|
||||||
|
|
||||||
@impl true
|
@impl true
|
||||||
def mount(_params, _session, socket) do
|
def mount(_params, _session, socket) do
|
||||||
socket = ensure_user_role_loaded(socket)
|
|
||||||
actor = socket.assigns[:current_user]
|
actor = socket.assigns[:current_user]
|
||||||
roles = load_roles(actor)
|
roles = load_roles(actor)
|
||||||
user_counts = load_user_counts(roles)
|
user_counts = load_user_counts(roles)
|
||||||
|
|
@ -35,34 +36,9 @@ defmodule MvWeb.RoleLive.Index do
|
||||||
|> assign(:user_counts, user_counts)}
|
|> assign(:user_counts, user_counts)}
|
||||||
end
|
end
|
||||||
|
|
||||||
defp ensure_user_role_loaded(socket) do
|
|
||||||
if socket.assigns[:current_user] do
|
|
||||||
user = socket.assigns.current_user
|
|
||||||
user_with_role = load_user_role(user)
|
|
||||||
assign(socket, :current_user, user_with_role)
|
|
||||||
else
|
|
||||||
socket
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
defp load_user_role(user) do
|
|
||||||
case Map.get(user, :role) do
|
|
||||||
%Ash.NotLoaded{} -> load_role_safely(user)
|
|
||||||
nil -> load_role_safely(user)
|
|
||||||
_role -> user
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
defp load_role_safely(user) do
|
|
||||||
case Ash.load(user, :role, domain: Mv.Accounts) do
|
|
||||||
{:ok, loaded_user} -> loaded_user
|
|
||||||
{:error, _} -> user
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
@impl true
|
@impl true
|
||||||
def handle_event("delete", %{"id" => id}, socket) do
|
def handle_event("delete", %{"id" => id}, socket) do
|
||||||
case Authorization.get_role(id) do
|
case Authorization.get_role(id, actor: socket.assigns.current_user) do
|
||||||
{:ok, role} ->
|
{:ok, role} ->
|
||||||
handle_delete_role(role, id, socket)
|
handle_delete_role(role, id, socket)
|
||||||
|
|
||||||
|
|
@ -96,10 +72,11 @@ defmodule MvWeb.RoleLive.Index do
|
||||||
gettext("System roles cannot be deleted.")
|
gettext("System roles cannot be deleted.")
|
||||||
)}
|
)}
|
||||||
|
|
||||||
recalculate_user_count(role) > 0 ->
|
true ->
|
||||||
user_count = recalculate_user_count(role)
|
user_count = recalculate_user_count(role)
|
||||||
|
|
||||||
{:noreply,
|
if user_count > 0 do
|
||||||
|
{:noreply,
|
||||||
put_flash(
|
put_flash(
|
||||||
socket,
|
socket,
|
||||||
:error,
|
:error,
|
||||||
|
|
@ -108,9 +85,9 @@ defmodule MvWeb.RoleLive.Index do
|
||||||
count: user_count
|
count: user_count
|
||||||
)
|
)
|
||||||
)}
|
)}
|
||||||
|
else
|
||||||
true ->
|
perform_role_deletion(role, id, socket)
|
||||||
perform_role_deletion(role, id, socket)
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
@ -153,10 +130,15 @@ defmodule MvWeb.RoleLive.Index do
|
||||||
|
|
||||||
# Load all users with role_id in a single query
|
# Load all users with role_id in a single query
|
||||||
users =
|
users =
|
||||||
Accounts.User
|
case Ash.read(
|
||||||
|> Ash.Query.filter(role_id in ^role_ids)
|
Accounts.User
|
||||||
|> Ash.Query.select([:role_id])
|
|> Ash.Query.filter(role_id in ^role_ids)
|
||||||
|> Ash.read!(domain: Mv.Accounts)
|
|> Ash.Query.select([:role_id]),
|
||||||
|
domain: Mv.Accounts
|
||||||
|
) do
|
||||||
|
{:ok, users_list} -> users_list
|
||||||
|
{:error, _} -> []
|
||||||
|
end
|
||||||
|
|
||||||
# Group by role_id and count
|
# Group by role_id and count
|
||||||
users
|
users
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue