From 77d572796ca940e3eb5edd1192f8cd127286284e Mon Sep 17 00:00:00 2001 From: Logan Hunt Date: Wed, 13 Apr 2022 13:13:41 -0600 Subject: [PATCH] Update roles and list posts from room --- lib/aggiedit/roles.ex | 3 +++ lib/aggiedit/rooms.ex | 13 ++++------ lib/aggiedit_web/live/post_live/index.ex | 30 ++++++++++++++++-------- lib/aggiedit_web/live/post_live/show.ex | 2 +- lib/aggiedit_web/router.ex | 2 +- 5 files changed, 29 insertions(+), 21 deletions(-) diff --git a/lib/aggiedit/roles.ex b/lib/aggiedit/roles.ex index e50b53b..3ec6bfd 100644 --- a/lib/aggiedit/roles.ex +++ b/lib/aggiedit/roles.ex @@ -1,10 +1,13 @@ defmodule Aggiedit.Roles do alias Aggiedit.Accounts.User alias Aggiedit.Rooms.Post + alias Aggiedit.Rooms.Room def guard?(user, action, object) def guard?(%User{role: :admin}, _, _), do: true + def guard?(%User{room_id: rid}, :index, %Room{id: rid}), do: true def guard?(%User{room_id: rid}, :show, %Post{room_id: rid}), do: true def guard?(%User{id: id, room_id: rid}, action, %Post{user_id: id, room_id: rid}) when action in [:delete, :edit], do: true def guard?(_, _, _), do: false + end \ No newline at end of file diff --git a/lib/aggiedit/rooms.ex b/lib/aggiedit/rooms.ex index 8f2e39f..1eb09f9 100644 --- a/lib/aggiedit/rooms.ex +++ b/lib/aggiedit/rooms.ex @@ -112,19 +112,14 @@ defmodule Aggiedit.Rooms do alias Aggiedit.Rooms.Post - @doc """ - Returns the list of posts. - - ## Examples - - iex> list_posts() - [%Post{}, ...] - - """ def list_posts do Repo.all(Post) end + def posts_in_room(room_id) do + Repo.all((from p in Post, where: p.room_id == ^room_id, select: p)) + end + @doc """ Gets a single post. diff --git a/lib/aggiedit_web/live/post_live/index.ex b/lib/aggiedit_web/live/post_live/index.ex index d48ce67..e78342d 100644 --- a/lib/aggiedit_web/live/post_live/index.ex +++ b/lib/aggiedit_web/live/post_live/index.ex 
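Review bot: `guard?/3` is the app's single authorization decision, yet in `lib/aggiedit/roles.ex` it still has no `@moduledoc` or `@doc`, so the policy has to be reverse-engineered from clause order. I would document the bodiless head, for example `@doc "Returns true only when a clause below explicitly grants the action; everything else is denied."`. A one-line comment on the new `:index` clause should say that it is the only clause accepting a `%Room{}`, so any other action checked against a room is denied for non-admins. The blank line added before the final `end` can go, and the file still ends without a trailing newline.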
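Review bot: In `lib/aggiedit/rooms.ex`, `list_posts/0` loses its `@doc` but stays public and still returns every post from every room, while the new `posts_in_room/1` is added with no documentation. Since the index LiveView stops calling `list_posts/0` in this commit, either delete it or document it as unscoped so a later caller does not use it for a user-facing listing, e.g. `@doc "Returns all posts across all rooms; not room-scoped."`. For the new function, `@doc "Returns the posts whose room_id equals the given room id."` would do, and the query reads more simply as `Repo.all(from p in Post, where: p.room_id == ^room_id)`. The `from` macro presumably relies on an `import Ecto.Query` outside this hunk, and the enclosing module starts and ends outside it.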
@@ -1,27 +1,38 @@ defmodule AggieditWeb.PostLive.Index do use AggieditWeb, :live_view + alias Aggiedit.Accounts.User alias Aggiedit.Roles alias Aggiedit.Rooms - alias Aggiedit.Rooms.Post + alias Aggiedit.Rooms.{Post, Room} alias Aggiedit.Repo @impl true - def mount(_params, session, socket) do + def mount(%{"id" => room_id} = params, session, socket) do socket = assign_socket_user(session, socket) case socket.assigns do - %{:current_user => user} -> {:ok, assign(socket, :posts, list_posts())} + %{:current_user => user} -> + room = Rooms.get_room!(room_id) + case Roles.guard?(socket.assigns.current_user, socket.assigns.live_action, room) do + true -> {:ok, assign(socket, :posts, list_posts(room))} + _ -> {:ok, socket |> put_flash(:error, "You cannot view that room") |> redirect(to: Routes.page_path(socket, :index))} + end _ -> {:ok, socket |> put_flash(:error, "You must log in to access this page.") |> redirect(to: Routes.user_session_path(socket, :new))} end + end @impl true def handle_params(%{"id" => id}=params, _url, socket) do - post = Rooms.get_post!(id) - if Roles.guard?(socket.assigns.current_user, socket.assigns.live_action, post) do - {:noreply, apply_action(socket, socket.assigns.live_action, params)} + if socket.assigns.live_action != :index do + post = Rooms.get_post!(id) + if Roles.guard?(socket.assigns.current_user, socket.assigns.live_action, post) do + {:noreply, apply_action(socket, socket.assigns.live_action, params)} + else + {:noreply, socket |> put_flash(:error, "You do not have permission to edit this post.") |> redirect(to: Routes.post_index_path(socket, :index))} + end else - {:noreply, socket |> put_flash(:error, "You do not have permission to edit this post.") |> redirect(to: Routes.post_index_path(socket, :index))} + {:noreply, socket} end end 
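Review bot: `mount/3` now matches `%{"id" => room_id}` and loads a room for every live action, but the router hunk in this commit keeps `/posts/new` (no `id`) and `/posts/:id/edit` (where `id` is a post id) on this same LiveView. As written, `/posts/new` would match no `mount/3` clause, and on `/posts/:id/edit` the post id is looked up as a room and checked with `Roles.guard?(user, :edit, room)`, which only the admin clause can satisfy. Post owners would be bounced with "You cannot view that room", and admins would be shown the posts of an unrelated room. The room lookup and check should be limited to `:index`, as sketched below; what `:posts` should hold for the other actions is a guess on my part. Separately, the deny branch in `handle_params/3` still calls `Routes.post_index_path(socket, :index)`, which I would expect to need the room id now that the route is `/posts/room/:id`.

```elixir
def mount(params, session, socket) do
  socket = assign_socket_user(session, socket)

  case socket.assigns do
    %{current_user: user} ->
      authorize_mount(socket.assigns.live_action, params, user, socket)

    # … unchanged: redirect to the login page when no user is assigned …
  end
end

# Only the :index route carries a room id in "id".
defp authorize_mount(:index, %{"id" => room_id}, user, socket) do
  room = Rooms.get_room!(room_id)

  if Roles.guard?(user, :index, room) do
    {:ok, assign(socket, :posts, list_posts(room))}
  else
    {:ok,
     socket
     |> put_flash(:error, "You cannot view that room")
     |> redirect(to: Routes.page_path(socket, :index))}
  end
end

# Other actions carry no room id; :edit is checked per post in handle_params/3.
defp authorize_mount(_action, _params, _user, socket), do: {:ok, assign(socket, :posts, [])}
```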
@@ -31,7 +42,6 @@ defmodule AggieditWeb.PostLive.Index do {:noreply, apply_action(socket, socket.assigns.live_action, params)} end - defp apply_action(socket, :edit, %{"id" => id}=params) do socket |> assign(:page_title, "Edit Post") @@ -61,7 +71,7 @@ defmodule AggieditWeb.PostLive.Index do end end - defp list_posts do - Rooms.list_posts() + defp list_posts(%Room{id: room_id}) do + Rooms.posts_in_room(room_id) end end diff --git a/lib/aggiedit_web/live/post_live/show.ex b/lib/aggiedit_web/live/post_live/show.ex index 748c6ea..ea9c134 100644 --- a/lib/aggiedit_web/live/post_live/show.ex +++ b/lib/aggiedit_web/live/post_live/show.ex @@ -24,7 +24,7 @@ defmodule AggieditWeb.PostLive.Show do |> assign(:page_title, page_title(socket.assigns.live_action)) |> assign(:post, post)} else - {:noreply, socket |> put_flash(:error, "You don't have permission to do that.") |> redirect(to: Routes.post_show_path(socket, :index))} + {:noreply, socket |> put_flash(:error, "You don't have permission to do that.") |> redirect(to: Routes.post_show_path(socket, post))} end end diff --git a/lib/aggiedit_web/router.ex b/lib/aggiedit_web/router.ex index 99aee90..1ac0a0f 100644 --- a/lib/aggiedit_web/router.ex +++ b/lib/aggiedit_web/router.ex @@ -25,7 +25,7 @@ defmodule AggieditWeb.Router do scope "/", AggieditWeb do pipe_through [:browser, :require_authenticated_user] - live "/posts", PostLive.Index, :index + live "/posts/room/:id", PostLive.Index, :index live "/posts/new", PostLive.Index, :new live "/posts/:id/edit", PostLive.Index, :edit
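Review bot: In `lib/aggiedit_web/live/post_live/show.ex`, the new deny redirect `Routes.post_show_path(socket, post)` passes the post where the other helpers in this commit pass the action atom (`Routes.post_index_path(socket, :index)`). It looks like the `:show` argument is missing, so the call would likely raise instead of redirecting. Even with `Routes.post_show_path(socket, :show, post)`, a user denied `:show` on this post would be sent straight back to the page that just denied them, which loops. Redirecting to a target that does not depend on the denied object is safer, for example `redirect(to: Routes.page_path(socket, :index))` as the index LiveView does in this commit. The enclosing function starts outside the hunk.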