diff --git a/config/test.exs b/config/test.exs
index 949dce3..2aa4601 100644
--- a/config/test.exs
+++ b/config/test.exs
@@ -24,7 +24,7 @@ config :zout, ZoutWeb.Endpoint,
 config :zout, Zout.Mailer, adapter: Swoosh.Adapters.Test
 # Print only warnings and errors during test
-config :logger, level: :warn
+config :logger, level: :warning
 # Initialize plugs at runtime for faster test compilation
 config :phoenix, :plug_init_mode, :runtime
diff --git a/lib/zout/accounts/accounts.ex b/lib/zout/accounts/accounts.ex
index ee69b6a..f0cb279 100644
--- a/lib/zout/accounts/accounts.ex
+++ b/lib/zout/accounts/accounts.ex
@@ -9,15 +9,22 @@ defmodule Zout.Accounts do
 def update_or_create!(%Ueberauth.Auth{
 uid: id,
 info: info,
- extra: %Ueberauth.Auth.Extra{raw_info: %{admin: admin}}
+ extra: %Ueberauth.Auth.Extra{raw_info: %{admin: zauth_admin, roles: roles}}
 }) do
+ user_roles = MapSet.new(roles)
+
+ has_admin_role =
+ MapSet.intersection(admin_roles(), user_roles) |> Enum.empty?() |> Kernel.not()
+
+ is_zout_admin = zauth_admin || has_admin_role
+
 case Repo.get(User, id) do
 nil -> %User{id: id}
 user -> user
 end
 |> User.changeset(%{
 nickname: info.nickname,
- admin: admin
+ admin: is_zout_admin
 })
 |> Repo.insert_or_update!()
 end
@@ -26,4 +33,6 @@ defmodule Zout.Accounts do
 Get the user with the given ID.
 """
 def get_user(id), do: Repo.get(User, id)
+
+ defp admin_roles(), do: MapSet.new(["bestuur", "zout_admin"])
 end
diff --git a/lib/zout_web/auth/oauth_strategy.ex b/lib/zout_web/auth/oauth_strategy.ex
index 4640df8..da1efc5 100644
--- a/lib/zout_web/auth/oauth_strategy.ex
+++ b/lib/zout_web/auth/oauth_strategy.ex
@@ -52,7 +52,10 @@ defmodule ZoutWeb.Auth.OAuthStrategy do
 end
 def authorize_url!() do
- OAuth2.Client.authorize_url!(client())
+ OAuth2.Client.authorize_url!(
+ client(),
+ scope: "roles"
+ )
 end
 def get_token!(params \\ []) do
diff --git a/lib/zout_web/auth/ueberauth_strategy.ex b/lib/zout_web/auth/ueberauth_strategy.ex
index ee6a836..46bdc34 100644
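Review bot: In `Zout.Accounts.update_or_create!/1` (lib/zout/accounts/accounts.ex, first hunk), `MapSet.new(roles)` raises when `roles` is `nil`, and the `roles: conn.private.zeus_user["roles"]` line added in lib/zout_web/auth/ueberauth_strategy.ex yields `nil` whenever the user payload carries no `"roles"` key. In that case the call would fail outright instead of falling back to the provider's `admin` flag. Normalising the value keeps the decision fail-closed without breaking the call: `user_roles = roles |> List.wrap() |> MapSet.new()`. The membership test reads more directly as `has_admin_role = not MapSet.disjoint?(admin_roles(), user_roles)`, and `is_zout_admin` would conventionally be `zout_admin?`, since the `is_` prefix is kept for guards. Because this value is written to `admin` each time the function runs, a comment saying that admin rights are recomputed from the provider's data on every call (so a removed role also removes the flag) would make the privilege model explicit.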
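Review bot: `authorize_url!/0` in lib/zout_web/auth/oauth_strategy.ex now requests `scope: "roles"` without recording why, although the admin decision added in `Zout.Accounts.update_or_create!/1` appears to depend on the roles this scope exposes. A comment above the call would make that coupling visible, for example `# Request the "roles" scope: Zout.Accounts derives admin rights from the roles in the user payload.` What the provider returns when the scope is not granted is not visible in this diff and is worth confirming, since a missing roles list changes who becomes admin. The rest of the module, including `client/0`, lies outside the hunk.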
--- a/lib/zout_web/auth/ueberauth_strategy.ex
+++ b/lib/zout_web/auth/ueberauth_strategy.ex
@@ -78,7 +78,8 @@ defmodule ZoutWeb.Auth.UeberauthStrategy do
 raw_info: %{
 token: conn.private.zeus_token,
 user: conn.private.zeus_user,
- admin: conn.private.zeus_user["admin"]
+ admin: conn.private.zeus_user["admin"],
+ roles: conn.private.zeus_user["roles"]
 }
 }
 end
@@ -99,7 +100,7 @@ defmodule ZoutWeb.Auth.UeberauthStrategy do
 set_errors!(conn, [error("OAuth2", reason)])
 {:error, _} ->
- set_errors!(conn, [error("OAuth2", "uknown error")])
+ set_errors!(conn, [error("OAuth2", "unknown error")])
 end
 end
 end
diff --git a/test/zout/users_test.exs b/test/zout/users_test.exs
index c455957..9842be5 100644
--- a/test/zout/users_test.exs
+++ b/test/zout/users_test.exs
@@ -26,7 +26,7 @@ defmodule Zout.AccountsTest do
 info: %Ueberauth.Auth.Info{
 nickname: "new-user"
 },
- extra: %Ueberauth.Auth.Extra{raw_info: %{admin: true}}
+ extra: %Ueberauth.Auth.Extra{raw_info: %{admin: true, roles: []}}
 }
 user_count_before = Repo.aggregate(User, :count, :id)
@@ -39,6 +39,23 @@ defmodule Zout.AccountsTest do
 assert_in_delta user_count_after, user_count_before, 1
 end
+ test "creates admin for zout admin role" do
+ new_user = %Ueberauth.Auth{
+ uid: 694,
+ info: %Ueberauth.Auth.Info{
+ nickname: "new-user-2"
+ },
+ extra: %Ueberauth.Auth.Extra{raw_info: %{admin: false, roles: ["zout_admin"]}}
+ }
+
+ user_count_before = Repo.aggregate(User, :count, :id)
+ inserted_user = Accounts.update_or_create!(new_user)
+ user_count_after = Repo.aggregate(User, :count, :id)
+
+ assert inserted_user.admin
+ assert_in_delta user_count_after, user_count_before, 1
+ end
+
 test "updates existing user" do
 existing_user = insert(:user, nickname: "before", admin: false)
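Review bot: The added test "creates admin for zout admin role" in test/zout/users_test.exs exercises only the granting path. Nothing asserts that `admin: false` with a non-admin role list (for example `roles: ["member"]`, a constructed value) leaves `inserted_user.admin` false, or that an existing admin loses the flag once the role is gone. `assert_in_delta user_count_after, user_count_before, 1` also passes when no row was inserted, so `assert user_count_after == user_count_before + 1` would pin the intended effect. A fixture with `roles: nil` would additionally document what should happen when the provider sends no roles.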
@@ -47,7 +64,7 @@ defmodule Zout.AccountsTest do
 info: %Ueberauth.Auth.Info{
 nickname: "after"
 },
- extra: %Ueberauth.Auth.Extra{raw_info: %{admin: true}}
+ extra: %Ueberauth.Auth.Extra{raw_info: %{admin: true, roles: []}}
 }
 user_count_before = Repo.aggregate(User, :count, :id)