From 23397763a77951f4a3c19ec64b3907139584491f Mon Sep 17 00:00:00 2001
From: Griffin Smith <grfn@gws.fyi>
Date: Sun, 19 Dec 2021 00:04:15 -0500
Subject: feat(grfn/bbbg): Require auth for a bunch of stuff

Only authenticated users should be allowed to create events, etc.

Change-Id: I1f560365dbf583cf6cecf4a0798952f323bbd42e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4412
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
---
 users/grfn/bbbg/src/bbbg/handlers/core.clj        |  5 +++++
 users/grfn/bbbg/src/bbbg/handlers/events.clj      | 20 +++++++++++++-------
 users/grfn/bbbg/src/bbbg/handlers/home.clj        |  2 ++
 users/grfn/bbbg/src/bbbg/handlers/signup_form.clj | 16 +++++++++-------
 4 files changed, 29 insertions(+), 14 deletions(-)

(limited to 'users')

diff --git a/users/grfn/bbbg/src/bbbg/handlers/core.clj b/users/grfn/bbbg/src/bbbg/handlers/core.clj
index 3226a221ef81..f93904e4ff32 100644
--- a/users/grfn/bbbg/src/bbbg/handlers/core.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/core.clj
@@ -35,6 +35,11 @@
 (defn authenticated? [request]
   (some? (get-in request [:session ::user/id])))
 
+(defn wrap-auth-required [handler]
+  (fn [req]
+    (when (authenticated? req)
+      (handler req))))
+
 (comment
   (render-page
    [:h1 "hi"])
diff --git a/users/grfn/bbbg/src/bbbg/handlers/events.clj b/users/grfn/bbbg/src/bbbg/handlers/events.clj
index 653c8ab45d3d..478cc6b050c4 100644
--- a/users/grfn/bbbg/src/bbbg/handlers/events.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/events.clj
@@ -3,15 +3,19 @@
    [bbbg.db :as db]
    [bbbg.db.event :as db.event]
    [bbbg.event :as event]
-   [bbbg.handlers.core :refer [page-response]]
+   [bbbg.handlers.core :refer [page-response authenticated? wrap-auth-required]]
    [compojure.core :refer [context GET POST]]
    [ring.util.response :refer [redirect]]
    [bbbg.views.flash :as flash]))
 
-(defn events-index [events]
-  [:ul.events-list
-   (for [event events]
-     [:li (::event/date event)])])
+(defn events-index [{:keys [events authenticated?]}]
+  [:div
+   (when authenticated?
+     [:a {:href "/events/new"}
+      "Create New Event"])
+   [:ul.events-list
+    (for [event events]
+      [:li (::event/date event)])]])
 
 (defn event-form
   ([] (event-form {}))
@@ -29,9 +33,11 @@
 
 (defn events-routes [{:keys [db]}]
   (context "/events" []
-    (GET "/" []
+    (GET "/" request
       (let [events (db/list db :event)]
-        (events-index events)))
+        (page-response
+         (events-index {:events events
+                        :authenticated? (authenticated? request)}))))
 
     (GET "/new" [date]
       (page-response
diff --git a/users/grfn/bbbg/src/bbbg/handlers/home.clj b/users/grfn/bbbg/src/bbbg/handlers/home.clj
index 00a96f2d87f6..726f45d4905d 100644
--- a/users/grfn/bbbg/src/bbbg/handlers/home.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/home.clj
@@ -12,6 +12,8 @@
 (defn- home-page [{:keys [authenticated?]}]
   [:nav.home-nav
    [:ul
+    [:li [:a {:href "/events"}
+          "Events"]]
     [:li [:a {:href "/signup-forms"}
           "Event Signup Form"]]
     (if authenticated?
diff --git a/users/grfn/bbbg/src/bbbg/handlers/signup_form.clj b/users/grfn/bbbg/src/bbbg/handlers/signup_form.clj
index 8c4958f1035a..63218eb82a57 100644
--- a/users/grfn/bbbg/src/bbbg/handlers/signup_form.clj
+++ b/users/grfn/bbbg/src/bbbg/handlers/signup_form.clj
@@ -3,18 +3,19 @@
    [bbbg.db :as db]
    [bbbg.db.event :as db.event]
    [bbbg.event :as event]
-   [bbbg.handlers.core :refer [page-response]]
+   [bbbg.handlers.core :refer [page-response authenticated?]]
    [compojure.core :refer [GET context]]
    [java-time :refer [local-date]]
    [ring.util.response :refer [redirect]]))
 
-(defn no-events-page []
+(defn no-events-page [{:keys [authenticated?]}]
   [:div.no-events
    [:p
     "There are no events for today"]
-   [:p
-    [:a {:href (str "/events/new?date=" (str (local-date)))} "Create Event"]
-    [:a {:href "/events"} "All Events"]]])
+   (when authenticated?
+     [:p
+      [:a {:href (str "/events/new?date=" (str (local-date)))} "Create Event"]
+      [:a {:href "/events"} "All Events"]])])
 
 (defn signup-page [event]
   [:div.signup-page
@@ -46,10 +47,11 @@
 
 (defn signup-form-routes [{:keys [db]}]
   (context "/signup-forms" []
-   (GET "/" []
+   (GET "/" request
      (if-let [event (db/fetch db (db.event/today))]
        (redirect (str "/signup-forms/" (::event/id event)))
-       (page-response (no-events-page))))
+       (page-response (no-events-page
+                       {:authenticated? (authenticated? request)}))))
 
    (GET "/:event-id" [event-id]
      (if-let [event (db/get db :event event-id)]
-- 
cgit 1.4.1