From 983c101ed1e24d3c63d14d794235f1ff921273dc Mon Sep 17 00:00:00 2001 From: pacnpal <183241239+pacnpal@users.noreply.github.com> Date: Wed, 13 Nov 2024 16:13:54 +0000 Subject: [PATCH] Added support for Django's built-in superuser to access moderation features. Modified context processor and views to check both role-based and is_superuser permissions. --- moderation/context_processors.py | 16 +++++++++++++--- moderation/views.py | 14 +++++++------- 2 files changed, 20 insertions(+), 10 deletions(-) diff --git a/moderation/context_processors.py b/moderation/context_processors.py index 9a742e41..5232c422 100644 --- a/moderation/context_processors.py +++ b/moderation/context_processors.py @@ -9,8 +9,18 @@ def moderation_access(request): if request.user.is_authenticated: context['user_role'] = request.user.role - context['has_moderation_access'] = request.user.role in ['MODERATOR', 'ADMIN', 'SUPERUSER'] - context['has_admin_access'] = request.user.role in ['ADMIN', 'SUPERUSER'] - context['has_superuser_access'] = request.user.role == 'SUPERUSER' + # Check both role-based and Django's built-in superuser status + context['has_moderation_access'] = ( + request.user.role in ['MODERATOR', 'ADMIN', 'SUPERUSER'] or + request.user.is_superuser + ) + context['has_admin_access'] = ( + request.user.role in ['ADMIN', 'SUPERUSER'] or + request.user.is_superuser + ) + context['has_superuser_access'] = ( + request.user.role == 'SUPERUSER' or + request.user.is_superuser + ) return context diff --git a/moderation/views.py b/moderation/views.py index 97885df2..d5cd98b4 100644 --- a/moderation/views.py +++ b/moderation/views.py @@ -21,7 +21,7 @@ class ModeratorRequiredMixin(UserPassesTestMixin): user = cast(User, self.request.user) return ( user.is_authenticated and - getattr(user, 'role', None) in MODERATOR_ROLES + (getattr(user, 'role', None) in MODERATOR_ROLES or user.is_superuser) ) def handle_no_permission(self) -> HttpResponse: @@ -83,7 +83,7 @@ def _render_submission_response(template: str, submission: Any, request: HttpReq def submission_list(request: HttpRequest) -> HttpResponse: """HTMX endpoint for filtered submission list""" user = cast(User, request.user) - if user.role not in MODERATOR_ROLES: + if not (user.role in MODERATOR_ROLES or user.is_superuser): return HttpResponse(status=403) queryset = EditSubmission.objects.all().order_by('-created_at') @@ -106,7 +106,7 @@ def submission_list(request: HttpRequest) -> HttpResponse: def approve_submission(request: HttpRequest, submission_id: int) -> HttpResponse: """HTMX endpoint for approving a submission""" user = cast(User, request.user) - if user.role not in MODERATOR_ROLES: + if not (user.role in MODERATOR_ROLES or user.is_superuser): return HttpResponse(status=403) submission = get_object_or_404(EditSubmission, id=submission_id) @@ -122,7 +122,7 @@ def approve_submission(request: HttpRequest, submission_id: int) -> HttpResponse def reject_submission(request: HttpRequest, submission_id: int) -> HttpResponse: """HTMX endpoint for rejecting a submission""" user = cast(User, request.user) - if user.role not in MODERATOR_ROLES: + if not (user.role in MODERATOR_ROLES or user.is_superuser): return HttpResponse(status=403) submission = get_object_or_404(EditSubmission, id=submission_id) @@ -135,7 +135,7 @@ def reject_submission(request: HttpRequest, submission_id: int) -> HttpResponse: def escalate_submission(request: HttpRequest, submission_id: int) -> HttpResponse: """HTMX endpoint for escalating a submission""" user = cast(User, request.user) - if user.role != 'MODERATOR': + if user.role != 'MODERATOR' and not user.is_superuser: return HttpResponse(status=403) submission = get_object_or_404(EditSubmission, id=submission_id) @@ -148,7 +148,7 @@ def escalate_submission(request: HttpRequest, submission_id: int) -> HttpRespons def approve_photo(request: HttpRequest, submission_id: int) -> HttpResponse: """HTMX endpoint for approving a photo submission""" user = cast(User, request.user) - if user.role not in MODERATOR_ROLES: + if not (user.role in MODERATOR_ROLES or user.is_superuser): return HttpResponse(status=403) submission = get_object_or_404(PhotoSubmission, id=submission_id) @@ -163,7 +163,7 @@ def approve_photo(request: HttpRequest, submission_id: int) -> HttpResponse: def reject_photo(request: HttpRequest, submission_id: int) -> HttpResponse: """HTMX endpoint for rejecting a photo submission""" user = cast(User, request.user) - if user.role not in MODERATOR_ROLES: + if not (user.role in MODERATOR_ROLES or user.is_superuser): return HttpResponse(status=403) submission = get_object_or_404(PhotoSubmission, id=submission_id)