Phoenix Channels - broadcasting from controller -

2019-07-20 19:45发布

站内问答 / 后端开发
1324 1 4

I have an app where I broadcast some submissions for forms in the submission_controller, like this:

Formerer.Endpoint.broadcast("forms:#{form.id}", "new_submission", payload)

However, what I try to do now, is to make sure that only the current_user has access to the submissions broadcasted for its forms. (eg, current_user will have no way to see the submission for "forms:2" if form 2 belongs to another user).

I manage to do this in the channel join action by filtering the forms only for the user id which I assigned to the channel in the connect action:

user = Repo.get(Formerer.User, socket.assigns.user_id)

But for the broadcast I have no socket available.

My questions:

  1. Is there a way to find somehow the socket by the channel topic? something like:

    %Phoenix.Socket{assigns: %{user_id: user_id}, topic: "forms:1"} = ALL_OPEN_SOCKETS?!

After that I could just see if user_id == submission.user_id, and broadcast if true

  1. If that is not possible, what would be a best practice to do this, and to ensure only the current_user has access to their form submissions?

1条回答
SAY GOODBYE
2楼-- · 2019-07-20 20:14

use the intercept api and create a handle_out function for the event. In the handle_out function you will have the socket. You can verify the user_id stored there. It its correct, push socket, event, message, otherwise do nothing except {:ok, socket}.

Edit

Here is a code example:

defmodule MyApp.Web.UserChannel do
  Use MyApp.Web, :channel

  intercept ["new_submission"]

  def handle_out("new_submission", msg, socket) do
    if msg[:user_id] == socket.assigns[:user_id] do
      push socket, "new_submission, msg
    end
    {:noreply, socket}
  end
end

Then you can just broadcast on the new_submission event anywhere and the socket will channel will take care of pushing the event out only three user defined in the payload.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)