From 73a5f6155ccc5ff47cde3d106032514d0e253df7 Mon Sep 17 00:00:00 2001 From: Rui Oliveira Date: Fri, 14 Feb 2025 15:17:49 +0000 Subject: [PATCH 1/2] fix: disallow attendees to have multiple credentials --- lib/safira/accounts.ex | 10 +++++----- lib/safira/accounts/credential.ex | 1 + lib/safira_web/plugs/user_roles.ex | 2 +- .../migrations/20240919141626_create_credentials.exs | 2 +- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/lib/safira/accounts.ex b/lib/safira/accounts.ex index 51ca03e7b..45de12d25 100644 --- a/lib/safira/accounts.ex +++ b/lib/safira/accounts.ex @@ -1031,21 +1031,21 @@ defmodule Safira.Accounts do end @doc """ - Gets a single credential associated to the given attendee. + Checks if an attendee has a credential linked to their account. ## Examples - iex> get_credential_of_attendee(%Attendee{}) + iex> attendee_has_credential?(%Attendee{}) %Credential{} - iex> get_credential_of_attendee!(%Attendee{}) + iex> attendee_has_credential?(%Attendee{}) nil """ - def get_credential_of_attendee(%Attendee{} = attendee) do + def attendee_has_credential?(%Attendee{} = attendee) do Credential |> where([c], c.attendee_id == ^attendee.id) - |> Repo.one() + |> Repo.exists?() end def generate_credentials(count) do diff --git a/lib/safira/accounts/credential.ex b/lib/safira/accounts/credential.ex index ea429768e..40a36dcc1 100644 --- a/lib/safira/accounts/credential.ex +++ b/lib/safira/accounts/credential.ex @@ -14,6 +14,7 @@ defmodule Safira.Accounts.Credential do def changeset(credential, attrs) do credential |> cast(attrs, [:attendee_id]) + |> unique_constraint(:attendee_id) |> cast_assoc(:attendee) end end diff --git a/lib/safira_web/plugs/user_roles.ex b/lib/safira_web/plugs/user_roles.ex index c12f395f3..2cf07fa54 100644 --- a/lib/safira_web/plugs/user_roles.ex +++ b/lib/safira_web/plugs/user_roles.ex @@ -53,7 +53,7 @@ defmodule SafiraWeb.UserRoles do defp has_credential?(conn) do is_nil(conn.assigns.current_user.attendee) or - not is_nil(Accounts.get_credential_of_attendee(conn.assigns.current_user.attendee)) + Accounts.attendee_has_credential?(conn.assigns.current_user.attendee) end @doc """ diff --git a/priv/repo/migrations/20240919141626_create_credentials.exs b/priv/repo/migrations/20240919141626_create_credentials.exs index 8b5aeacf0..09b8361cb 100644 --- a/priv/repo/migrations/20240919141626_create_credentials.exs +++ b/priv/repo/migrations/20240919141626_create_credentials.exs @@ -9,6 +9,6 @@ defmodule Safira.Repo.Migrations.CreateCredentials do timestamps(type: :utc_datetime) end - create index(:credentials, [:attendee_id]) + create unique_index(:credentials, [:attendee_id]) end end From 702852571abe7bb9a45d10e9f4f4aca6c0ef16e6 Mon Sep 17 00:00:00 2001 From: Rui Oliveira Date: Fri, 14 Feb 2025 15:22:40 +0000 Subject: [PATCH 2/2] fix: ci --- lib/safira/accounts.ex | 18 ------------------ lib/safira_web/plugs/user_roles.ex | 2 +- 2 files changed, 1 insertion(+), 19 deletions(-) diff --git a/lib/safira/accounts.ex b/lib/safira/accounts.ex index 45de12d25..c4f3783e3 100644 --- a/lib/safira/accounts.ex +++ b/lib/safira/accounts.ex @@ -1030,24 +1030,6 @@ defmodule Safira.Accounts do Course.changeset(course, attrs) end - @doc """ - Checks if an attendee has a credential linked to their account. - - ## Examples - - iex> attendee_has_credential?(%Attendee{}) - %Credential{} - - iex> attendee_has_credential?(%Attendee{}) - nil - - """ - def attendee_has_credential?(%Attendee{} = attendee) do - Credential - |> where([c], c.attendee_id == ^attendee.id) - |> Repo.exists?() - end - def generate_credentials(count) do for _ <- 1..count do {:ok, credential} = create_credential(%{}) diff --git a/lib/safira_web/plugs/user_roles.ex b/lib/safira_web/plugs/user_roles.ex index 2cf07fa54..4530832c6 100644 --- a/lib/safira_web/plugs/user_roles.ex +++ b/lib/safira_web/plugs/user_roles.ex @@ -53,7 +53,7 @@ defmodule SafiraWeb.UserRoles do defp has_credential?(conn) do is_nil(conn.assigns.current_user.attendee) or - Accounts.attendee_has_credential?(conn.assigns.current_user.attendee) + Accounts.attendee_has_credential?(conn.assigns.current_user.attendee.id) end @doc """