Moritz
9a86e0ec01
Add complete CRUD interface for role management under /admin/roles. - Index page with table showing name, description, permission_set_name, is_system_role - Show page for role details - Form component for create/edit with permission_set_name dropdown - System role badge and disabled delete button - Flash messages for success/error - Authorization checks using MvWeb.Authorization helpers - Comprehensive test coverage (22 tests) Routes added under /admin scope. All LiveViews load user role for authorization checks. Form uses custom dropdown for permission sets.
94 lines
3.1 KiB
Elixir
94 lines
3.1 KiB
Elixir
defmodule MvWeb.RoleLive.Show do
|
|
@moduledoc """
|
|
LiveView for displaying a single role's details.
|
|
|
|
## Features
|
|
- Display role information (name, description, permission_set_name, is_system_role)
|
|
- Navigate to edit form
|
|
- Return to role list
|
|
|
|
## Security
|
|
Only admins can access this page (enforced by authorization).
|
|
"""
|
|
use MvWeb, :live_view
|
|
|
|
@impl true
|
|
def mount(%{"id" => id}, _session, socket) do
|
|
# Ensure current_user has role loaded for authorization checks
|
|
socket =
|
|
if socket.assigns[:current_user] do
|
|
user = socket.assigns.current_user
|
|
|
|
user_with_role =
|
|
case Map.get(user, :role) do
|
|
%Ash.NotLoaded{} -> Ash.load!(user, :role, domain: Mv.Accounts)
|
|
nil -> Ash.load!(user, :role, domain: Mv.Accounts)
|
|
role when not is_nil(role) -> user
|
|
end
|
|
|
|
assign(socket, :current_user, user_with_role)
|
|
else
|
|
socket
|
|
end
|
|
|
|
role = Ash.get!(Mv.Authorization.Role, id, domain: Mv.Authorization)
|
|
|
|
{:ok,
|
|
socket
|
|
|> assign(:page_title, gettext("Show Role"))
|
|
|> assign(:role, role)}
|
|
end
|
|
|
|
@impl true
|
|
def render(assigns) do
|
|
~H"""
|
|
<Layouts.app flash={@flash} current_user={@current_user}>
|
|
<.header>
|
|
{gettext("Role")} {@role.name}
|
|
<:subtitle>{gettext("Role details and permissions.")}</:subtitle>
|
|
|
|
<:actions>
|
|
<.button navigate={~p"/admin/roles"} aria-label={gettext("Back to roles list")}>
|
|
<.icon name="hero-arrow-left" />
|
|
<span class="sr-only">{gettext("Back to roles list")}</span>
|
|
</.button>
|
|
<%= if can?(@current_user, :update, Mv.Authorization.Role) do %>
|
|
<.button variant="primary" navigate={~p"/admin/roles/#{@role}/edit"}>
|
|
<.icon name="hero-pencil-square" /> {gettext("Edit Role")}
|
|
</.button>
|
|
<% end %>
|
|
</:actions>
|
|
</.header>
|
|
|
|
<.list>
|
|
<:item title={gettext("Name")}>{@role.name}</:item>
|
|
<:item title={gettext("Description")}>
|
|
<%= if @role.description do %>
|
|
{@role.description}
|
|
<% else %>
|
|
<span class="text-base-content/50 italic">{gettext("No description")}</span>
|
|
<% end %>
|
|
</:item>
|
|
<:item title={gettext("Permission Set")}>
|
|
<span class={permission_set_badge_class(@role.permission_set_name)}>
|
|
{@role.permission_set_name}
|
|
</span>
|
|
</:item>
|
|
<:item title={gettext("System Role")}>
|
|
<%= if @role.is_system_role do %>
|
|
<span class="badge badge-warning">{gettext("Yes")}</span>
|
|
<% else %>
|
|
<span class="badge badge-ghost">{gettext("No")}</span>
|
|
<% end %>
|
|
</:item>
|
|
</.list>
|
|
</Layouts.app>
|
|
"""
|
|
end
|
|
|
|
defp permission_set_badge_class("own_data"), do: "badge badge-neutral badge-sm"
|
|
defp permission_set_badge_class("read_only"), do: "badge badge-info badge-sm"
|
|
defp permission_set_badge_class("normal_user"), do: "badge badge-success badge-sm"
|
|
defp permission_set_badge_class("admin"), do: "badge badge-error badge-sm"
|
|
defp permission_set_badge_class(_), do: "badge badge-ghost badge-sm"
|
|
end
|