pacnpal/thrillwiki_django_no_react
1
1
Fork 0
mirror of https://github.com/pacnpal/thrillwiki_django_no_react.git synced 2025-12-20 14:11:09 -05:00
Code Issues Packages Projects Releases Wiki Activity

Added support for Django's built-in superuser to access moderation features. Modified context processor and views to check both role-based and is_superuser permissions.

Browse Source
This commit is contained in:
pacnpal
2024-11-13 16:13:54 +00:00
parent 97a3555e81
commit 983c101ed1
2 changed files with 20 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
moderation/views.py
View File

@@ -21,7 +21,7 @@ class ModeratorRequiredMixin(UserPassesTestMixin):
user = cast(User, self.request.user)
return (
user.is_authenticated and
getattr(user, 'role', None) in MODERATOR_ROLES
(getattr(user, 'role', None) in MODERATOR_ROLES or user.is_superuser)
)
def handle_no_permission(self) -> HttpResponse:
@@ -83,7 +83,7 @@ def _render_submission_response(template: str, submission: Any, request: HttpReq
def submission_list(request: HttpRequest) -> HttpResponse:
"""HTMX endpoint for filtered submission list"""
user = cast(User, request.user)
if user.role not in MODERATOR_ROLES:
if not (user.role in MODERATOR_ROLES or user.is_superuser):
return HttpResponse(status=403)
queryset = EditSubmission.objects.all().order_by('-created_at')
@@ -106,7 +106,7 @@ def submission_list(request: HttpRequest) -> HttpResponse:
def approve_submission(request: HttpRequest, submission_id: int) -> HttpResponse:
"""HTMX endpoint for approving a submission"""
user = cast(User, request.user)
if user.role not in MODERATOR_ROLES:
if not (user.role in MODERATOR_ROLES or user.is_superuser):
return HttpResponse(status=403)
submission = get_object_or_404(EditSubmission, id=submission_id)
@@ -122,7 +122,7 @@ def approve_submission(request: HttpRequest, submission_id: int) -> HttpResponse
def reject_submission(request: HttpRequest, submission_id: int) -> HttpResponse:
"""HTMX endpoint for rejecting a submission"""
user = cast(User, request.user)
if user.role not in MODERATOR_ROLES:
if not (user.role in MODERATOR_ROLES or user.is_superuser):
return HttpResponse(status=403)
submission = get_object_or_404(EditSubmission, id=submission_id)
@@ -135,7 +135,7 @@ def reject_submission(request: HttpRequest, submission_id: int) -> HttpResponse:
def escalate_submission(request: HttpRequest, submission_id: int) -> HttpResponse:
"""HTMX endpoint for escalating a submission"""
user = cast(User, request.user)
if user.role != 'MODERATOR':
if user.role != 'MODERATOR' and not user.is_superuser:
return HttpResponse(status=403)
submission = get_object_or_404(EditSubmission, id=submission_id)
@@ -148,7 +148,7 @@ def escalate_submission(request: HttpRequest, submission_id: int) -> HttpRespons
def approve_photo(request: HttpRequest, submission_id: int) -> HttpResponse:
"""HTMX endpoint for approving a photo submission"""
user = cast(User, request.user)
if user.role not in MODERATOR_ROLES:
if not (user.role in MODERATOR_ROLES or user.is_superuser):
return HttpResponse(status=403)
submission = get_object_or_404(PhotoSubmission, id=submission_id)
@@ -163,7 +163,7 @@ def approve_photo(request: HttpRequest, submission_id: int) -> HttpResponse:
def reject_photo(request: HttpRequest, submission_id: int) -> HttpResponse:
"""HTMX endpoint for rejecting a photo submission"""
user = cast(User, request.user)
if user.role not in MODERATOR_ROLES:
if not (user.role in MODERATOR_ROLES or user.is_superuser):
return HttpResponse(status=403)
submission = get_object_or_404(PhotoSubmission, id=submission_id)