Merge pull request #100 from nodes-vapor/feature/require-role-leaf-tag

rasmusebbesen · web-flow · commit 9600af1284d1 · 2018-08-24T13:01:29.000+02:00
Added requireRole leaf tag. Removed default .unknown role type
diff --git a/Sources/AdminPanel/Models/AdminPanelUser+AdminPanelUserType.swift b/Sources/AdminPanel/Models/AdminPanelUser+AdminPanelUserType.swift
@@ -35,7 +35,7 @@ extension AdminPanelUser: AdminPanelUserType {
         public let name: String
         public let title: String?
         public let avatarUrl: String?
-        public let role: AdminPanelUserRole
+        public let role: AdminPanelUserRole?
         public let password: String
         public let passwordRepeat: String
         public let shouldResetPassword: Bool?
@@ -92,27 +92,23 @@ public enum AdminPanelUserRole: String {
     case superAdmin
     case admin
     case user
-    case unknown
 
-    public var weight: Int {
+    public var weight: UInt {
         switch self {
         case .superAdmin: return 3
         case .admin: return 2
         case .user: return 1
-        case .unknown: return 0
         }
     }
 
     public typealias RawValue = String
 
-    public init(rawValue: String?) {
-        guard let rawValue = rawValue else { self = .unknown; return }
-
+    public init?(rawValue: String?) {
         switch rawValue {
             case AdminPanelUserRole.superAdmin.rawValue: self = .superAdmin
             case AdminPanelUserRole.admin.rawValue: self = .admin
             case AdminPanelUserRole.user.rawValue: self = .user
-            default: self = .unknown
+            default: return nil
         }
     }
 }
@@ -132,11 +128,17 @@ extension AdminPanelUserRole: AdminPanelUserRoleType {
             return "AdminPanel/Layout/Partials/Sidebars/admin"
         case .user:
             return "AdminPanel/Layout/Partials/Sidebars/user"
-        case .unknown:
-            return ""
         }
     }
 
+    public init?(_ description: String) {
+        guard let role = AdminPanelUserRole.init(rawValue: description) else {
+            return nil
+        }
+
+        self = role
+    }
+
     public var description: String {
         return self.rawValue
     }
diff --git a/Sources/AdminPanel/Models/AdminPanelUser+Submittable.swift b/Sources/AdminPanel/Models/AdminPanelUser+Submittable.swift
@@ -20,7 +20,7 @@ extension AdminPanelUser: Submittable {
             email = user?.email
             name = user?.name
             title = user?.title
-            role = user?.role.rawValue
+            role = user?.role?.rawValue
             password = nil
             passwordAgain = nil
             shouldResetPassword = user?.shouldResetPassword
@@ -56,7 +56,7 @@ extension AdminPanelUser: Submittable {
                     keyPath: \.role,
                     label: "Role",
                     validators: [.count(...191)],
-                    isRequired: false
+                    isRequired: true
                 ),
                 makeFieldEntry(
                     keyPath: \.password,
@@ -88,7 +88,7 @@ extension AdminPanelUser: Submittable {
         let email: String
         let name: String
         let title: String?
-        let role: String
+        let role: String?
         let password: String
         let shouldResetPassword: Bool?
         let shouldSpecifyPassword: Bool?
diff --git a/Sources/AdminPanel/Models/AdminPanelUser.swift b/Sources/AdminPanel/Models/AdminPanelUser.swift
@@ -8,7 +8,7 @@ public final class AdminPanelUser: Codable {
     public var name: String
     public var title: String?
     public var avatarUrl: String?
-    public var role: AdminPanelUserRole
+    public var role: AdminPanelUserRole?
     public var password: String
     public var passwordChangeCount: Int
     public var shouldResetPassword: Bool
@@ -27,7 +27,7 @@ public final class AdminPanelUser: Codable {
         name: String,
         title: String? = nil,
         avatarUrl: String? = nil,
-        role: AdminPanelUserRole,
+        role: AdminPanelUserRole?,
         password: String,
         passwordChangeCount: Int = 0,
         shouldResetPassword: Bool = false
@@ -57,8 +57,7 @@ extension AdminPanelUser: Migration {
                 type: .enum([
                     AdminPanelUserRole.superAdmin.rawValue,
                     AdminPanelUserRole.admin.rawValue,
-                    AdminPanelUserRole.user.rawValue,
-                    AdminPanelUserRole.unknown.rawValue
+                    AdminPanelUserRole.user.rawValue
                 ]))
         }
     }
diff --git a/Sources/AdminPanel/Models/AdminPanelUserType.swift b/Sources/AdminPanel/Models/AdminPanelUserType.swift
@@ -3,7 +3,7 @@ import Reset
 import Submissions
 import Sugar
 
-public typealias SidebarMenuPathGenerator<U: AdminPanelUserRoleType> = ((U) -> String)
+public typealias SidebarMenuPathGenerator<U: AdminPanelUserRoleType> = ((U?) -> String)
 
 public protocol AdminPanelUserType:
     Parameter,
@@ -19,7 +19,7 @@ where
     associatedtype Role: AdminPanelUserRoleType
 
     var shouldResetPassword: Bool { get }
-    var role: Role { get }
+    var role: Role? { get }
     func didCreate(with: Submission, on req: Request) throws -> Future<Void>
 }
 
@@ -29,13 +29,17 @@ extension AdminPanelUserType {
     }
 }
 
-public protocol AdminPanelUserRoleType: CustomStringConvertible, Comparable, Codable {
+public protocol AdminPanelUserRoleType: LosslessStringConvertible, Comparable, Codable {
     var menuPath: String { get }
 }
 
 public extension AdminPanelUserType {
-    public func requireRole(_ role: Self.Role) throws {
-        guard self.role >= role else {
+    public func requireRole(_ role: Self.Role?) throws {
+        guard
+            let myRole = self.role,
+            let requiredRole = role,
+            myRole >= requiredRole
+        else {
             throw Abort(.unauthorized)
         }
     }
@@ -44,7 +48,7 @@ public extension AdminPanelUserType {
 public extension AdminPanelUserRoleType {
     public static var sidebarMenuPathGenerator: SidebarMenuPathGenerator<Self> {
         return { role in
-            role.menuPath
+            role?.menuPath ?? ""
         }
     }
 }
diff --git a/Sources/AdminPanel/Providers/AdminPanelProvider.swift b/Sources/AdminPanel/Providers/AdminPanelProvider.swift
@@ -135,7 +135,8 @@ public final class AdminPanelProvider<U: AdminPanelUserType>: Provider {
             "adminpanel:config": AdminPanelConfigTag<U>(),
             "adminpanel:sidebar:heading": SidebarHeadingTag(),
             "adminpanel:sidebar:menuitem": SidebarMenuItemTag(),
-            "adminpanel:user": UserTag()
+            "adminpanel:user": UserTag(),
+            "adminpanel:user:requireRole": RequireRoleTag<U>()
         ])
 
         return .done(on: container)
diff --git a/Sources/AdminPanel/Tags/RequireRoleTag.swift b/Sources/AdminPanel/Tags/RequireRoleTag.swift
@@ -0,0 +1,35 @@
+import Leaf
+import Authentication
+import Sugar
+
+public final class RequireRoleTag<U: AdminPanelUserType>: TagRenderer {
+    public func render(tag: TagContext) throws -> Future<TemplateData> {
+        try tag.requireParameterCount(1)
+
+        let container = try tag.container.make(
+            CurrentUserContainer<U>.self
+        )
+
+        let body = try tag.requireBody()
+
+        return tag.serializer.serialize(ast: body).map(to: TemplateData.self) { body in
+            guard
+                let roleString: String = tag.parameters[0].string,
+                let requiredRole = U.Role.init(roleString)
+            else {
+                throw tag.error(reason: "Invalid role requirement")
+            }
+
+            // User is either not logged in or not allowed to see content
+            guard
+                let userRole = container.user?.role,
+                userRole >= requiredRole
+            else {
+                return TemplateData.string("")
+            }
+
+            let parsedBody = String(data: body.data, encoding: .utf8) ?? ""
+            return .string(parsedBody)
+        }
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@ import Reset`
`3`	`3`	`import Submissions`
`4`	`4`	`import Sugar`
`5`	`5`
`6`		`-public typealias SidebarMenuPathGenerator<U: AdminPanelUserRoleType> = ((U) -> String)`
	`6`	`+public typealias SidebarMenuPathGenerator<U: AdminPanelUserRoleType> = ((U?) -> String)`
`7`	`7`
`8`	`8`	`public protocol AdminPanelUserType:`
`9`	`9`	`Parameter,`
`@@ -19,7 +19,7 @@ where`
`19`	`19`	`associatedtype Role: AdminPanelUserRoleType`
`20`	`20`
`21`	`21`	`var shouldResetPassword: Bool { get }`
`22`		`- var role: Role { get }`
	`22`	`+ var role: Role? { get }`
`23`	`23`	`func didCreate(with: Submission, on req: Request) throws -> Future<Void>`
`24`	`24`	`}`
`25`	`25`
`@@ -29,13 +29,17 @@ extension AdminPanelUserType {`
`29`	`29`	`}`
`30`	`30`	`}`
`31`	`31`
`32`		`-public protocol AdminPanelUserRoleType: CustomStringConvertible, Comparable, Codable {`
	`32`	`+public protocol AdminPanelUserRoleType: LosslessStringConvertible, Comparable, Codable {`
`33`	`33`	`var menuPath: String { get }`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`public extension AdminPanelUserType {`
`37`		`- public func requireRole(_ role: Self.Role) throws {`
`38`		`- guard self.role >= role else {`
	`37`	`+ public func requireRole(_ role: Self.Role?) throws {`
	`38`	`+ guard`
	`39`	`+ let myRole = self.role,`
	`40`	`+ let requiredRole = role,`
	`41`	`+ myRole >= requiredRole`
	`42`	`+ else {`
`39`	`43`	`throw Abort(.unauthorized)`
`40`	`44`	`}`
`41`	`45`	`}`
`@@ -44,7 +48,7 @@ public extension AdminPanelUserType {`
`44`	`48`	`public extension AdminPanelUserRoleType {`
`45`	`49`	`public static var sidebarMenuPathGenerator: SidebarMenuPathGenerator<Self> {`
`46`	`50`	`return { role in`
`47`		`- role.menuPath`
	`51`	`+ role?.menuPath ?? ""`
`48`	`52`	`}`
`49`	`53`	`}`
`50`	`54`	`}`