glimesh.tv/lib/glimesh/api/scopes.ex at a20341df2dede9051e228361edc5faca50ff0533 · aMytho/glimesh.tv · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
defmodule Glimesh.Api.Scopes do
  @moduledoc """
  Glimesh Scopes Policy
  """

  @behaviour Bodyguard.Policy

  alias Glimesh.Accounts.User
  alias Glimesh.Api.Access

  def authorize(:public, %Access{} = ua, _params), do: scope_check(ua, :public)

  def authorize(:email, %Access{} = ua, %User{} = accessing_user) do
    scope_check(ua, :email) && ua.user.id == accessing_user.id
  end

  def authorize(:chat, %Access{} = ua, _params), do: scope_check(ua, :chat)
  def authorize(:streamkey, %Access{} = ua, _params), do: scope_check(ua, :streamkey)
  def authorize(:follow, %Access{} = ua, _params), do: scope_check(ua, :follow)
  def authorize(:stream_info, %Access{} = ua, _params), do: scope_check(ua, :stream_info)
  def authorize(:interactive, %Access{} = ua, _params), do: scope_check(ua, :interactive)

  def authorize(:stream_mutations, %Access{is_admin: true}, _params) do
    true
  end

  def authorize(_, _, _), do: false

  defp scope_check(%Access{} = ua, scope) do
    # Verifies the key exists AND is true
    Map.get(ua.scopes, scope, false) == true
  end
end