feat: add permission checks for election views

- Add permission checks to the election index and election year views.
- Show election views only to users with a certain association status.
- Update nostrApp.js to entangle the 'isAllowed' state.

resources/js/nostrApp.js

@@ -1,5 +1,6 @@
 export default (livewireComponent) => ({
 
+    isAllowed: livewireComponent.entangle('isAllowed', true),
     signThisEvent: livewireComponent.entangle('signThisEvent'),
 
     init() {

resources/views/pages/association/election/[Election:year].blade.php

@@ -24,7 +24,9 @@ use function Livewire\Volt\{on};
 
 name('association.election');
 
+state(['isAllowed' => false]);
 state(['currentPubkey' => null]);
+state(['currentPleb' => null]);
 state(['events' => []]);
 state(['election' => fn() => $election]);
 state(['plebs' => []]);
@@ -50,6 +52,12 @@ mount(function () {
 on([
     'nostrLoggedIn' => function ($pubkey) {
         $this->currentPubkey = $pubkey;
+        $this->currentPleb = \App\Models\EinundzwanzigPleb::query()
+            ->where('pubkey', $pubkey)->first();
+        if($this->currentPleb->association_status->value < 3) {
+            return redirect()->route('association.profile');
+        }
+        $this->isAllowed = true;
     },
 ]);
 
@@ -150,7 +158,7 @@ $signEvent = function ($event) {
 
 <x-layouts.app title="{{ __('Wahl') }}">
     @volt
-    <div class="relative flex h-full" x-data="nostrApp(@this)" wire:poll.600000ms="checkElection">
+    <div x-cloak x-show="isAllowed" class="relative flex h-full" x-data="nostrApp(@this)" wire:poll.600000ms="checkElection">
 
         @php
             $positions = [

resources/views/pages/association/election/index.blade.php

@@ -13,6 +13,8 @@ use function Livewire\Volt\{on};
 
 name('association.elections');
 
+state(['isAllowed' => false]);
+state(['currentPubkey' => null]);
 state(['elections' => []]);
 
 mount(function () {
@@ -21,7 +23,16 @@ mount(function () {
         ->toArray();
 });
 
-updated([
+on([
+    'nostrLoggedIn' => function ($pubkey) {
+        $this->currentPubkey = $pubkey;
+        $this->currentPleb = \App\Models\EinundzwanzigPleb::query()
+            ->where('pubkey', $pubkey)->first();
+        if($this->currentPleb->association_status->value < 3) {
+            return redirect()->route('association.profile');
+        }
+        $this->isAllowed = true;
+    },
 ]);
 
 $saveElection = function ($index) {
@@ -35,7 +46,7 @@ $saveElection = function ($index) {
 
 <x-layouts.app title="{{ __('Wahlen') }}">
     @volt
-    <div class="relative flex h-full">
+    <div x-cloak class="relative flex h-full" x-show="isAllowed" x-data="{isAllowed: $wire.entangle('isAllowed').live}">
         @foreach($elections as $election)
             <div class="w-full sm:w-1/3 p-4">
                 <div class="shadow-lg rounded-lg overflow-hidden">

resources/views/pages/association/members/admin.blade.php

@@ -13,12 +13,19 @@ use function Livewire\Volt\{on};
 
 name('association.members.admin');
 
+state(['isAllowed' => false]);
 state(['currentPubkey' => null]);
 state(['members' => []]);
 
 on([
     'nostrLoggedIn' => function ($pubkey) {
         $this->currentPubkey = $pubkey;
+        $this->currentPleb = \App\Models\EinundzwanzigPleb::query()
+            ->where('pubkey', $pubkey)->first();
+        if($this->currentPubkey !== '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033') {
+            return redirect()->route('association.profile');
+        }
+        $this->isAllowed = true;
     },
 ]);
 
@@ -26,7 +33,7 @@ on([
 
 <x-layouts.app title="{{ __('Mitglieder') }}">
     @volt
-    <div class="px-4 sm:px-6 lg:px-8 py-8 w-full max-w-9xl mx-auto">
+    <div class="px-4 sm:px-6 lg:px-8 py-8 w-full max-w-9xl mx-auto" x-show="isAllowed" x-data="{isAllowed: $wire.entangle('isAllowed').live}" x-cloak>
         <livewire:einundzwanzig-pleb-table/>
     </div>
     @endvolt