feat: basic admin features and blog migration

lib/tr/accounts/user.ex

@@ -13,6 +13,7 @@ defmodule Tr.Accounts.User do
     field :accept_emails, :boolean
     field :display_name, :string
     field :avatar_url, :string
+    field :admin, :boolean, default: false
 
     timestamps()
 

lib/tr/post.ex

@@ -87,6 +87,24 @@ defmodule Tr.Post do
     Repo.preload(comments, :user)
   end
 
+  @doc """
+  Returns the list of unapproved comments.
+
+  ## Examples
+
+      iex> get_unapproved_comments()
+      [%Comment{}, ...]
+
+  """
+  def get_unapproved_comments do
+    query =
+      from p in Tr.Post.Comment,
+        where: not p.approved
+
+    comments = Repo.all(query)
+    Repo.preload(comments, :user)
+  end
+
   @doc """
   Gets a single comment.
 
@@ -173,6 +191,22 @@ defmodule Tr.Post do
     Repo.delete(comment)
   end
 
+  @doc """
+  Approve a comment.
+
+  ## Examples
+
+      iex> approve_comment(comment)
+      {:ok, %Comment{}}
+
+      iex> approve_comment(comment)
+      {:error, %Ecto.Changeset{}}
+
+  """
+  def approve_comment(%Comment{} = comment) do
+    update_comment(comment, %{approved: true})
+  end
+
   @doc """
   Returns an `%Ecto.Changeset{}` for tracking comment changes.
 

lib/tr/post/comment.ex

@@ -9,6 +9,7 @@ defmodule Tr.Post.Comment do
     field :slug, :string
     field :body, :string
     field :parent_comment_id, :integer, default: nil
+    field :approved, :boolean, default: false
 
     timestamps()
 
@@ -18,7 +19,7 @@ defmodule Tr.Post.Comment do
   @doc false
   def changeset(comment, attrs) do
     comment
-    |> cast(attrs, [:slug, :body, :user_id, :parent_comment_id])
+    |> cast(attrs, [:slug, :body, :user_id, :parent_comment_id, :approved])
     |> validate_required([:slug, :body, :user_id])
   end
 end

lib/tr_web/admin.ex

@@ -0,0 +1,19 @@
+defmodule TrWeb.Hooks.AllowAdmin do
+  @moduledoc """
+  Sandbox configuration for integration tests
+  """
+  import Phoenix.LiveView
+
+  def on_mount(:default, _params, _session, socket) do
+    {:cont, socket}
+  end
+
+  def on_mount(:require_admin_user, _params, session, socket) do
+    user = Tr.Accounts.get_user_by_session_token(session["user_token"])
+
+    case user.admin == true do
+      true -> {:cont, socket}
+      _ -> {:halt, redirect(socket, to: "/")}
+    end
+  end
+end

lib/tr_web/components/layouts/app.html.heex

@@ -20,6 +20,16 @@
               Log out
             </.link>
           </li>
+          <%= if @current_user.admin do %>
+            <li>
+              <.link
+                href={~p"/admin/dashboard"}
+                class="text-[1.25rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700"
+              >
+                Dashboard
+              </.link>
+            </li>
+          <% end %>
         <% else %>
           <li>
             <.link

lib/tr_web/controllers/page_controller.ex

@@ -4,6 +4,6 @@ defmodule TrWeb.PageController do
   alias Tr.Blog
 
   def index(conn, _params) do
-    render(conn, :home, posts: Blog.all_posts())
+    render(conn, :home, posts: Blog.recent_posts())
   end
 end

lib/tr_web/controllers/page_html/home.html.heex

@@ -57,10 +57,10 @@
     <h2>Resources</h2>
     <ul>
       <li>
-        <a href="https://techsquad.rocks">Main blog</a>
+        <a href="https://techsquad.rocks/blog">This blog</a>
       </li>
       <li>
-        <a href="https://tr.techsquad.rocks/blog">This blog</a>
+        <a href="https://legacy.techsquad.rocks">Legacy blog</a>
       </li>
       <li>
         <a href="https://github.com/kainlite/tr">Github repository</a>

lib/tr_web/live/dashboard_live.ex

@@ -0,0 +1,96 @@
+defmodule TrWeb.DashboardLive do
+  @moduledoc """
+  This module is responsible for managing the admin dashboard
+  """
+
+  use TrWeb, :live_view
+
+  @impl true
+  def mount(_params, _session, socket) do
+    if connected?(socket) do
+      Phoenix.PubSub.subscribe(Tr.PubSub, "#admin-dashboard")
+    end
+
+    {:ok, assign(socket, :comments, Tr.Post.get_unapproved_comments())}
+  end
+
+  @impl true
+  def render(assigns) do
+    ~H"""
+    <div class="mx-auto">
+      <h2>Admin Dashboard</h2>
+
+      <table>
+        <tr>
+          <th>Email</th>
+          <th>Post</th>
+          <th>Body</th>
+          <th>Actions</th>
+        </tr>
+        <%= for {record, index} <- Enum.with_index(@comments) do %>
+          <tr>
+            <td><%= index %></td>
+            <td><%= record.user.email %></td>
+            <td><%= record.slug %></td>
+            <td><%= record.body %></td>
+            <td>
+              <.link
+                class="text-[1.25rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700"
+                phx-click="approve_comment"
+                phx-value-slug={record.slug}
+                phx-value-comment-id={record.id}
+                data-confirm="Are you sure?"
+              >
+                ✔️
+              </.link>
+              <.link
+                class="text-[1.25rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700"
+                phx-click="delete_comment"
+                phx-value-slug={record.slug}
+                phx-value-comment-id={record.id}
+                data-confirm="Are you sure?"
+              >
+                ❌
+              </.link>
+            </td>
+          </tr>
+        <% end %>
+      </table>
+    </div>
+    """
+  end
+
+  @impl true
+  def handle_event("approve_comment", params, socket) do
+    comment_id = Map.get(params, "comment-id")
+    comment = Tr.Post.get_comment(comment_id)
+
+    broadcast(Tr.Post.approve_comment(comment))
+    {:noreply, socket}
+  end
+
+  @impl true
+  def handle_event("delete_comment", params, socket) do
+    comment_id = Map.get(params, "comment-id")
+    comment = Tr.Post.get_comment(comment_id)
+    broadcast(Tr.Post.delete_comment(comment))
+
+    {:noreply, socket}
+  end
+
+  @impl true
+  def handle_info(comment, socket) do
+    comments =
+      Enum.filter(socket.assigns.comments, fn item ->
+        item.id != comment.id
+      end)
+
+    {:noreply, assign(socket, :comments, comments)}
+  end
+
+  defp broadcast({:ok, message}) do
+    Phoenix.PubSub.broadcast(Tr.PubSub, "#admin-dashboard", message)
+
+    {:ok, message}
+  end
+end

lib/tr_web/live/post_live.ex

@@ -7,8 +7,6 @@ defmodule TrWeb.PostLive do
 
   @topic "users:connected"
 
-  on_mount {TrWeb.UserAuth, :mount_current_user}
-
   @impl true
   def mount(params, _session, socket) do
     changeset = Tr.Post.change_comment(%Tr.Post.Comment{})

lib/tr_web/router.ex

@@ -45,7 +45,8 @@ defmodule TrWeb.Router do
     end
   end
 
-  live_session :default, on_mount: TrWeb.Hooks.AllowEctoSandbox do
+  live_session :default,
+    on_mount: [{TrWeb.Hooks.AllowEctoSandbox, :default}, {TrWeb.UserAuth, :mount_current_user}] do
     scope "/blog", TrWeb do
       pipe_through :browser
 
@@ -54,14 +55,28 @@ defmodule TrWeb.Router do
     end
   end
 
+  scope "/admin", TrWeb do
+    pipe_through [:browser, :require_admin_user]
+
+    live_session :require_admin_user,
+      on_mount: [
+        {TrWeb.Hooks.AllowAdmin, :require_admin_user},
+        {TrWeb.Hooks.AllowEctoSandbox, :default},
+        {TrWeb.UserAuth, :mount_current_user}
+      ] do
+      live "/dashboard", DashboardLive, :index
+    end
+  end
+
   ## Authentication routes
   scope "/", TrWeb do
     pipe_through [:browser, :redirect_if_user_is_authenticated]
 
     live_session :redirect_if_user_is_authenticated,
       on_mount: [
         {TrWeb.UserAuth, :redirect_if_user_is_authenticated},
-        {TrWeb.Hooks.AllowEctoSandbox, :default}
+        {TrWeb.Hooks.AllowEctoSandbox, :default},
+        {TrWeb.UserAuth, :mount_current_user}
       ] do
       live "/users/register", UserRegistrationLive, :new
       live "/users/log_in", UserLoginLive, :new
@@ -78,7 +93,8 @@ defmodule TrWeb.Router do
     live_session :require_authenticated_user,
       on_mount: [
         {TrWeb.UserAuth, :ensure_authenticated},
-        {TrWeb.Hooks.AllowEctoSandbox, :default}
+        {TrWeb.Hooks.AllowEctoSandbox, :default},
+        {TrWeb.UserAuth, :mount_current_user}
       ] do
       live "/users/settings", UserSettingsLive, :edit
       live "/users/settings/confirm_email/:token", UserSettingsLive, :confirm_email
@@ -91,7 +107,11 @@ defmodule TrWeb.Router do
     delete "/users/log_out", UserSessionController, :delete
 
     live_session :current_user,
-      on_mount: [{TrWeb.UserAuth, :mount_current_user}, {TrWeb.Hooks.AllowEctoSandbox, :default}] do
+      on_mount: [
+        {TrWeb.UserAuth, :mount_current_user},
+        {TrWeb.Hooks.AllowEctoSandbox, :default},
+        {TrWeb.UserAuth, :mount_current_user}
+      ] do
       live "/users/confirm/:token", UserConfirmationLive, :edit
       live "/users/confirm", UserConfirmationInstructionsLive, :new
     end

lib/tr_web/user_auth.ex

@@ -215,6 +215,17 @@ defmodule TrWeb.UserAuth do
     end
   end
 
+  def require_admin_user(conn, _opts) do
+    if conn.assigns[:current_user] && conn.assigns[:current_user].admin do
+      conn
+    else
+      conn
+      |> put_flash(:error, "You must be an admin to access this page.")
+      |> redirect(to: ~p"/")
+      |> halt()
+    end
+  end
+
   defp put_token_in_session(conn, token) do
     conn
     |> put_session(:user_token, token)

manifests/app/04-ingress.yaml

@@ -15,6 +15,7 @@ metadata:
 spec:
   tls:
   - hosts:
+      - techsquad.rocks
       - tr.techsquad.rocks
       - blog.techsquad.rocks
     secretName: tr-prod-tls
@@ -39,3 +40,13 @@ spec:
             name: tr
             port:
               number: 4000
+  - host: techsquad.rocks
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: tr
+            port:
+              number: 4000