From 3dc2795f6668a94a06e25aa20ddf54e28693e139 Mon Sep 17 00:00:00 2001 From: Manuel Martin Date: Fri, 23 Jun 2023 16:49:17 +0200 Subject: [PATCH] Auth permission updates --- lib/ret_web/channels/hub_channel.ex | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/lib/ret_web/channels/hub_channel.ex b/lib/ret_web/channels/hub_channel.ex index 1f5c2156c..6367c566d 100644 --- a/lib/ret_web/channels/hub_channel.ex +++ b/lib/ret_web/channels/hub_channel.ex @@ -297,17 +297,23 @@ defmodule RetWeb.HubChannel do account = Guardian.Phoenix.Socket.current_resource(socket) hub = socket |> hub_for_socket - if (type != "photo" and type != "video") or account |> can?(spawn_camera(hub)) do - broadcast!( - socket, - event, - payload - |> Map.delete("session_id") - |> Map.put(:session_id, socket.assigns.session_id) - |> payload_with_from(socket) - ) + if (type == "photo" and type == "video" and + account + |> can?(spawn_camera(hub)) + |> Kernel.not()) or + (type == "permission" and hub |> Ret.Hub.is_owner?(account.account_id) |> Kernel.not()) do + {:noreply, socket} end + broadcast!( + socket, + event, + payload + |> Map.delete("session_id") + |> Map.put(:session_id, socket.assigns.session_id) + |> payload_with_from(socket) + ) + {:noreply, socket} end