atomic/lib/atomic_web/router.ex at d65cf800616678b0275d70cd666800ee29890e83 · cesium/atomic · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
defmodule AtomicWeb.Router do
  use AtomicWeb, :router

  import AtomicWeb.UserAuth
  import PhoenixStorybook.Router

  pipeline :browser do
    plug :accepts, ["html"]
    plug :fetch_session
    plug :fetch_live_flash
    plug :put_root_layout, {AtomicWeb.LayoutView, :root}
    plug :protect_from_forgery
    plug :put_secure_browser_headers
    plug :fetch_current_user
  end

  # Authorization pipelines

  pipeline :admin do
    plug AtomicWeb.Plugs.Authorize, :admin
  end

  pipeline :master do
    plug AtomicWeb.Plugs.Authorize, :master
  end

  # Association verification pipelines

  pipeline :confirm_activity_association do
    plug AtomicWeb.Plugs.VerifyAssociation, &Atomic.Activities.get_activity!/1
  end

  pipeline :confirm_announcement_association do
    plug AtomicWeb.Plugs.VerifyAssociation, &Atomic.Organizations.get_announcement!/1
  end

  pipeline :confirm_department_association do
    plug AtomicWeb.Plugs.VerifyAssociation, &Atomic.Departments.get_department!/1
  end

  pipeline :confirm_partner_association do
    plug AtomicWeb.Plugs.VerifyAssociation, &Atomic.Partners.get_partner!/1
  end

  ## Admin routes

  scope "/", AtomicWeb do
    pipe_through [
      :browser,
      :require_authenticated_user,
      :require_confirmed_user,
      :require_finished_user_setup,
      :admin
    ]

    live_session :admin, on_mount: [{AtomicWeb.Hooks, :current_user_state}] do
      live "/organizations/new", OrganizationLive.New, :new

      scope "/organizations/:organization_id" do
        live "/edit", OrganizationLive.Edit, :edit
        live "/certificate", OrganizationLive.CertificateLive.Index, :index

        scope "/activities" do
          pipe_through :confirm_activity_association
          live "/new", ActivityLive.New, :new
          live "/:id/edit", ActivityLive.Edit, :edit
        end

        scope "/announcements" do
          pipe_through :confirm_announcement_association
          live "/new", AnnouncementLive.New, :new
          live "/:id/edit", AnnouncementLive.Edit, :edit
        end

        scope "/departments" do
          pipe_through :confirm_department_association
          live "/new", DepartmentLive.Edit, :new
          live "/:id/edit", DepartmentLive.Edit, :edit
          live "/:id/collaborators/:collaborator_id/edit", DepartmentLive.Show, :edit_collaborator
        end

        scope "/partners" do
          pipe_through :confirm_partner_association
          live "/new", PartnerLive.Edit, :new
          live "/:id/edit", PartnerLive.Edit, :edit
        end
      end
    end
  end

  ## Normal user routes

  scope "/", AtomicWeb do
    pipe_through :browser

    live_session :user, on_mount: [{AtomicWeb.Hooks, :current_user_state}] do
      live "/", HomeLive.Index, :index
      live "/calendar", CalendarLive.Show, :show
      live "/activities", ActivityLive.Index, :index
      live "/organizations", OrganizationLive.Index, :index
      live "/announcements", AnnouncementLive.Index, :index
      live "/tos", TermsLive.Show, :show
      live "/privacy", PrivacyLive.Show, :show
      live "/cookies", CookiesLive.Show, :show

      live "/activities/:id", ActivityLive.Show, :show
      live "/organizations/:organization_id", OrganizationLive.Show, :show
      live "/announcements/:id", AnnouncementLive.Show, :show

      live "/profile/:slug", ProfileLive.Show, :show

      pipe_through [
        :require_authenticated_user,
        :require_confirmed_user,
        :require_finished_user_setup
      ]

      live "/profile/:slug/edit", ProfileLive.Edit, :edit

      live "/scanner", ScannerLive.Index, :index

      get "/users/change_password", UserChangePasswordController, :edit
      put "/users/change_password", UserChangePasswordController, :update

      live "/users/confirm_email/:token", ProfileLive.Edit, :confirm_email

      scope "/organizations/:organization_id" do
        scope "/departments" do
          pipe_through :confirm_department_association
          live "/", DepartmentLive.Index, :index
          live "/:id", DepartmentLive.Show, :show
        end

        scope "/partners" do
          pipe_through :confirm_partner_association
          live "/", PartnerLive.Index, :index
          live "/:id", PartnerLive.Show, :show
        end

        scope "/announcements" do
          pipe_through :confirm_announcement_association
          live "/", AnnouncementLive.Index, :index
          live "/:id", AnnouncementLive.Show, :show
        end
      end

      # Only masters can create organizations
      pipe_through [:master]
      live "/organizations/new", OrganizationLive.New, :new
    end
  end

  ## Authentication routes

  scope "/", AtomicWeb do
    pipe_through [:browser, :redirect_if_user_is_authenticated]

    scope "/users" do
      get "/register", UserRegistrationController, :new
      post "/register", UserRegistrationController, :create

      get "/log_in", UserSessionController, :new
      post "/log_in", UserSessionController, :create

      get "/reset_password", UserResetPasswordController, :new
      post "/reset_password", UserResetPasswordController, :create
      get "/reset_password/:token", UserResetPasswordController, :edit
      put "/reset_password/:token", UserResetPasswordController, :update
    end
  end

  scope "/", AtomicWeb do
    pipe_through [
      :browser,
      :require_authenticated_user,
      :redirect_if_user_has_finished_account_setup
    ]

    get "/users/setup", UserSetupController, :edit
    put "/users/setup", UserSetupController, :finish
  end

  scope "/", AtomicWeb do
    pipe_through :browser

    scope "/users" do
      delete "/log_out", UserSessionController, :delete

      get "/confirm", UserConfirmationController, :new
      post "/confirm", UserConfirmationController, :create
      get "/confirm/:token", UserConfirmationController, :edit
      post "/confirm/:token", UserConfirmationController, :update
    end
  end

  # Enables the Swoosh mailbox preview in development.
  #
  # Note that preview only shows emails that were sent by the same
  # node running the Phoenix server.
  if Mix.env() == :dev do
    scope "/dev" do
      pipe_through :browser

      forward "/mailbox", Plug.Swoosh.MailboxPreview
    end
  end

  # Enables the Storybook components collection in development.
  #
  # Check the PhoenixStorybook documentation for more information.
  if Mix.env() == :dev do
    scope "/" do
      storybook_assets()
    end

    scope "/", AtomicWeb do
      pipe_through :browser

      live_storybook("/storybook", backend_module: AtomicWeb.Storybook)
    end
  end

  # Enables LiveDashboard only for development
  #
  # If you want to use the LiveDashboard in production, you should put
  # it behind authentication and allow only admins to access it.
  # If your application does not have an admins-only section yet,
  # you can use Plug.BasicAuth to set up some basic authentication
  # as long as you are also using SSL (which you should anyway).
  if Mix.env() in [:dev, :test] do
    import Phoenix.LiveDashboard.Router

    scope "/" do
      pipe_through :browser

      live_dashboard "/dashboard", metrics: AtomicWeb.Telemetry
    end
  end
end