accept all, add admin role

2015-10-06 22:56:57 +02:00 · 2015-10-06 22:56:57 +02:00 · 5aba62400b
commit 5aba62400b
parent 010d582eae
3 changed files with 10 additions and 2 deletions
--- a/Foundation.hs
+++ b/Foundation.hs
@ -63,7 +63,7 @@ isTrusted user =
    "romang@amu.edu.pl" -> True
    "junczys@amu.edu.pl" -> True
    "rafalj@amu.edu.pl" -> True
-    _ -> False
+    _ -> True



@ -172,6 +172,7 @@ instance YesodAuth App where
                    { userIdent = credsIdent creds
                    , userPassword = Nothing
                    , userName = Nothing
+                    , userIsAdmin = False
                    }

    -- You can add other plugins like BrowserID, email or OAuth here
--- a/Handler/CreateChallenge.hs
+++ b/Handler/CreateChallenge.hs
@ -33,7 +33,13 @@ postCreateChallengeR = do
            _ -> Nothing
        Just (name, publicUrl, publicBranch, privateUrl, privateBranch) = challengeData

-    runViewProgress $ doCreateChallenge name publicUrl publicBranch privateUrl privateBranch
+    userId <- requireAuthId
+    user <- runDB $ get404 userId
+    if userIsAdmin user
+      then
+        runViewProgress $ doCreateChallenge name publicUrl publicBranch privateUrl privateBranch
+      else
+        runViewProgress $ (flip err) "MUST BE AN ADMIN TO CREATE A CHALLENGE"

 doCreateChallenge :: Text -> Text -> Text -> Text -> Text -> Channel -> Handler ()
 doCreateChallenge name publicUrl publicBranch privateUrl privateBranch chan = do
--- a/config/models
+++ b/config/models
@ -3,6 +3,7 @@ User
    password Text Maybe
    UniqueUser ident
    name Text Maybe
+    isAdmin Bool default=True
    deriving Typeable
 Email
    email Text