From ccf4b7abeb0d703f05f5ab34d2193a520a049f4f Mon Sep 17 00:00:00 2001
From: fsociety <fsociety.mp3@pm.me>
Date: Tue, 1 Oct 2024 20:55:07 +0200
Subject: [PATCH] feat: add multiple allowed public keys for admin access

This commit introduces a change in the authorization mechanism for the admin sections of the association members and election pages. Instead of checking for a single allowed public key, the system now checks for an array of allowed public keys, enhancing the flexibility of the admin access control.
---
 .../association/election/admin/[Election:year].blade.php    | 6 +++++-
 resources/views/pages/association/members/admin.blade.php   | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/resources/views/pages/association/election/admin/[Election:year].blade.php b/resources/views/pages/association/election/admin/[Election:year].blade.php
index a4ad6fa..d97ca1a 100644
--- a/resources/views/pages/association/election/admin/[Election:year].blade.php
+++ b/resources/views/pages/association/election/admin/[Election:year].blade.php
@@ -72,7 +72,11 @@ mount(function () {
 on([
     'nostrLoggedIn' => function ($pubkey) {
         $this->currentPubkey = $pubkey;
-        if ($this->currentPubkey !== '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033') {
+        $allowedPubkeys = [
+            '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033',
+            '430169631f2f0682c60cebb4f902d68f0c71c498fd1711fd982f052cf1fd4279'
+        ];
+        if (!in_array($this->currentPubkey, $allowedPubkeys, true)) {
             return redirect()->route('association.profile');
         }
         $this->isAllowed = true;
diff --git a/resources/views/pages/association/members/admin.blade.php b/resources/views/pages/association/members/admin.blade.php
index 6762f9b..d9a6285 100644
--- a/resources/views/pages/association/members/admin.blade.php
+++ b/resources/views/pages/association/members/admin.blade.php
@@ -22,7 +22,11 @@ on([
         $this->currentPubkey = $pubkey;
         $this->currentPleb = \App\Models\EinundzwanzigPleb::query()
             ->where('pubkey', $pubkey)->first();
-        if($this->currentPleb->association_status->value < 3) {
+        $allowedPubkeys = [
+            '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033',
+            '430169631f2f0682c60cebb4f902d68f0c71c498fd1711fd982f052cf1fd4279'
+        ];
+        if (!in_array($this->currentPubkey, $allowedPubkeys, true)) {
             return redirect()->route('association.profile');
         }
         $this->isAllowed = true;