parent user auth

rauversion · Feb 21, 2023 · 09b7882 · 09b7882
1 parent b8d8610
commit 09b7882
Show file tree

Hide file tree

Showing 6 changed files with 98 additions and 29 deletions.
diff --git a/lib/rauversion/accounts.ex b/lib/rauversion/accounts.ex
@@ -820,4 +820,12 @@ defmodule Rauversion.Accounts do
     |> Rauversion.Repo.all()
     |> Repo.preload(:user)
   end
+
+  def is_child_of?(user, child_user_id) do
+    from(p in Rauversion.ConnectedAccounts.ConnectedAccount)
+    |> where(parent_id: ^user.id)
+    |> where(state: "active")
+    |> where([c], ^child_user_id == c.user_id)
+    |> Rauversion.Repo.one()
+  end
 end
diff --git a/lib/rauversion_web/controllers/label_auth_controller.ex b/lib/rauversion_web/controllers/label_auth_controller.ex
@@ -0,0 +1,31 @@
+defmodule RauversionWeb.LabelAuthController do
+  use RauversionWeb, :controller
+  alias Rauversion.Accounts
+
+  def add(conn, %{"username" => username}) do
+    user = Accounts.get_user_by_username(username)
+
+    case RauversionWeb.UserAuth.fetch_current_user(conn, []) do
+      %{assigns: %{current_user: current_user}} ->
+        case Rauversion.Accounts.is_child_of?(current_user, user.id) do
+          %Rauversion.ConnectedAccounts.ConnectedAccount{} = connected_account ->
+            connected_account = connected_account |> Rauversion.Repo.preload(:user)
+
+            conn
+            |> RauversionWeb.UserAuth.log_in_user_conn(connected_account.user)
+            |> put_session(:parent_user, current_user.id)
+            |> redirect(to: "/#{user.username}")
+
+          _a ->
+            conn
+            |> put_flash(:error, gettext("not allowed"))
+            |> redirect(to: "/#{current_user.username}")
+        end
+
+      _ ->
+        conn
+        |> put_flash(:error, gettext("not allowed"))
+        |> RauversionWeb.UserAuth.log_in_user(user)
+    end
+  end
+end
diff --git a/lib/rauversion_web/controllers/user_auth.ex b/lib/rauversion_web/controllers/user_auth.ex
@@ -38,6 +38,19 @@ defmodule RauversionWeb.UserAuth do
     |> redirect(to: user_return_to || signed_in_path(conn))
   end
 
+  def log_in_user_conn(conn, user, params \\ %{}) do
+    token = Accounts.generate_user_session_token(user)
+    user_return_to = get_session(conn, :user_return_to)
+
+    conn
+    |> renew_session()
+    |> put_session(:user_token, token)
+    |> put_session(:live_socket_id, "users_sessions:#{Base.url_encode64(token)}")
+    |> maybe_write_remember_me_cookie(token, params)
+    |> fetch_flash()
+    |> put_flash(:info, "Logged in successfully.")
+  end
+
   defp maybe_write_remember_me_cookie(conn, token, %{"remember_me" => "true"}) do
     put_resp_cookie(conn, @remember_me_cookie, token, @remember_me_options)
   end

diff --git a/lib/rauversion_web/live/profile_live/components/menu_component.ex b/lib/rauversion_web/live/profile_live/components/menu_component.ex
@@ -30,36 +30,47 @@ defmodule RauversionWeb.ProfileLive.MenuComponent do
             </nav>
 
             <%= if @current_user && @current_user.id != @profile.id do %>
-              <div class="flex items-center md:ml-12">
-                <%= if @user_follow do %>
-                  <%= link to: "#", phx_click: "unfollow-user", class: "inline-flex items-center px-4 py-2 border border-brand-300 shadow-sm text-base font-medium rounded-md text-brand-700 bg-white hover:bg-brand-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500" do %>
-                    <svg
-                      xmlns="http://www.w3.org/2000/svg"
-                      class="h-5 w-5"
-                      viewbox="0 0 20 20"
-                      fill="currentColor"
-                    >
-                      <path
-                        fillRule="evenodd"
-                        d="M16.707 5.293a1 1 0 010 1.414l-8 8a1 1 0 01-1.414 0l-4-4a1 1 0 011.414-1.414L8 12.586l7.293-7.293a1 1 0 011.414 0z"
-                        clipRule="evenodd"
-                      />
-                    </svg>
-                    <span class="mx-2"><%= gettext("Following") %></span>
-                  <% end %>
-                <% else %>
-                  <%= link to: "#", phx_click: "follow-user", class: "inline-flex items-center px-4 py-2 border border-transparent text-base font-medium rounded-md shadow-sm text-white bg-brand-600 hover:bg-brand-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-brand-500" do %>
-                    <svg
-                      xmlns="http://www.w3.org/2000/svg"
-                      class="h-5 w-5"
-                      view-box="0 0 20 20"
-                      fill="currentColor"
-                    >
-                      <path d="M8 9a3 3 0 100-6 3 3 0 000 6zM8 11a6 6 0 016 6H2a6 6 0 016-6zM16 7a1 1 0 10-2 0v1h-1a1 1 0 100 2h1v1a1 1 0 102 0v-1h1a1 1 0 100-2h-1V7z" />
-                    </svg>
-                    <span class="mx-2"><%= gettext("Follow") %></span>
-                  <% end %>
+              <div class="flex space-x-2 items-center">
+                <%= if Rauversion.Accounts.is_child_of?(@current_user, @profile.id) do %>
+                  <a
+                    href={"/onbehalf/#{@profile.username}"}
+                    class="inline-flex items-center px-4 py-2 border border-brand-300 shadow-sm text-base font-medium rounded-md text-brand-700 bg-white hover:bg-brand-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500"
+                  >
+                    <%= gettext("act on behalf") %>
+                  </a>
                 <% end %>
+
+                <div class="flex items-center md:ml-12">
+                  <%= if @user_follow do %>
+                    <%= link to: "#", phx_click: "unfollow-user", class: "inline-flex items-center px-4 py-2 border border-brand-300 shadow-sm text-base font-medium rounded-md text-brand-700 bg-white hover:bg-brand-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500" do %>
+                      <svg
+                        xmlns="http://www.w3.org/2000/svg"
+                        class="h-5 w-5"
+                        viewbox="0 0 20 20"
+                        fill="currentColor"
+                      >
+                        <path
+                          fillRule="evenodd"
+                          d="M16.707 5.293a1 1 0 010 1.414l-8 8a1 1 0 01-1.414 0l-4-4a1 1 0 011.414-1.414L8 12.586l7.293-7.293a1 1 0 011.414 0z"
+                          clipRule="evenodd"
+                        />
+                      </svg>
+                      <span class="mx-2"><%= gettext("Following") %></span>
+                    <% end %>
+                  <% else %>
+                    <%= link to: "#", phx_click: "follow-user", class: "inline-flex items-center px-4 py-2 border border-transparent text-base font-medium rounded-md shadow-sm text-white bg-brand-600 hover:bg-brand-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-brand-500" do %>
+                      <svg
+                        xmlns="http://www.w3.org/2000/svg"
+                        class="h-5 w-5"
+                        view-box="0 0 20 20"
+                        fill="currentColor"
+                      >
+                        <path d="M8 9a3 3 0 100-6 3 3 0 000 6zM8 11a6 6 0 016 6H2a6 6 0 016-6zM16 7a1 1 0 10-2 0v1h-1a1 1 0 100 2h1v1a1 1 0 102 0v-1h1a1 1 0 100-2h-1V7z" />
+                      </svg>
+                      <span class="mx-2"><%= gettext("Follow") %></span>
+                    <% end %>
+                  <% end %>
+                </div>
               </div>
             <% end %>
 

diff --git a/lib/rauversion_web/router.ex b/lib/rauversion_web/router.ex
@@ -156,6 +156,8 @@ defmodule RauversionWeb.Router do
     get "/users/invite", UserInvitationController, :new
     post "/users/invite", UserInvitationController, :create
 
+    get "/onbehalf/:username", LabelAuthController, :add
+
     get "/webpayplus/mall/create", TbkController, :mall_create
     post "/webpayplus/mall/create", TbkController, :send_mall_create
     post "/webpayplus/mall/return_url", TbkController, :mall_commit

diff --git a/lib/rauversion_web/templates/layout/_user_menu.html.heex b/lib/rauversion_web/templates/layout/_user_menu.html.heex
@@ -2,6 +2,10 @@
   <div class="max-w-7xl mx-auto px-2 sm:px-4 lg:px-8">
     <div class="flex justify-between h-16">
       <div class="flex items-center px-2 lg:px-0">
+
+        aaa
+        <%= Jason.encode!(Plug.Conn.get_session(@conn, "parent_user")) %>
+        bbb
         <div class="flex-shrink-0 flex items-center">
           <%= live_redirect to: "/", class: "flex items-center space-x-3 text-white sm:text-2xl text-sm font-extrabold" do %>
             <img class="h-12 w-auto" src={Routes.static_path(@conn, "/images/logo.png")} alt="" />