Fixes errors in permissions

2024-06-17 20:50:39 +00:00 · 2022-07-07 14:01:51 -07:00 · 2022-07-07 14:01:51 -07:00 · a972c58f3b
parent 948f2964ac
commit a972c58f3b
6 changed files with 13 additions and 8 deletions
--- a/bookwyrm/models/base_model.py
+++ b/bookwyrm/models/base_model.py
@ -132,7 +132,7 @@ class BookWyrmModel(models.Model):
            return

        # but generally moderators can delete other people's stuff
-        if self.user == viewer or viewer.has_perm("moderate_post"):
+        if self.user == viewer or viewer.has_perm("bookwyrm.moderate_post"):
            return

        raise PermissionDenied()
--- a/bookwyrm/models/link.py
+++ b/bookwyrm/models/link.py
@ -84,7 +84,7 @@ class LinkDomain(BookWyrmModel):
    )

    def raise_not_editable(self, viewer):
-        if viewer.has_perm("moderate_post"):
+        if viewer.has_perm("bookwyrm.moderate_post"):
            return
        raise PermissionDenied()

--- a/bookwyrm/models/notification.py
+++ b/bookwyrm/models/notification.py
@ -222,8 +222,12 @@ def notify_user_on_import_complete(
@receiver(models.signals.post_save, sender=Report)
@transaction.atomic
 # pylint: disable=unused-argument
-def notify_admins_on_report(sender, instance, *args, **kwargs):
+def notify_admins_on_report(sender, instance, created, *args, **kwargs):
    """something is up, make sure the admins know"""
+    if not created:
+        # otherwise you'll get a notification when you resolve a report
+        return
+
    # moderators and superusers should be notified
    admins = User.objects.filter(
        models.Q(user_permissions__name__in=["moderate_user", "moderate_post"])
--- a/bookwyrm/views/admin/link_domains.py
+++ b/bookwyrm/views/admin/link_domains.py
@ -45,6 +45,7 @@ class LinkDomain(View):

@require_POST
@login_required
+@permission_required("bookwyrm.moderate_user")
 def update_domain_status(request, domain_id, status):
    """This domain seems fine"""
    domain = get_object_or_404(models.LinkDomain, id=domain_id)
--- a/bookwyrm/views/admin/reports.py
+++ b/bookwyrm/views/admin/reports.py
@ -83,7 +83,7 @@ class ReportAdmin(View):


@login_required
-@permission_required("bookwyrm_moderate_user")
+@permission_required("bookwyrm.moderate_user")
 def suspend_user(_, user_id):
    """mark an account as inactive"""
    user = get_object_or_404(models.User, id=user_id)
@ -95,7 +95,7 @@ def suspend_user(_, user_id):


@login_required
-@permission_required("bookwyrm_moderate_user")
+@permission_required("bookwyrm.moderate_user")
 def unsuspend_user(_, user_id):
    """mark an account as inactive"""
    user = get_object_or_404(models.User, id=user_id)
@ -107,7 +107,7 @@ def unsuspend_user(_, user_id):


@login_required
-@permission_required("bookwyrm_moderate_user")
+@permission_required("bookwyrm.moderate_user")
 def moderator_delete_user(request, user_id):
    """permanently delete a user"""
    user = get_object_or_404(models.User, id=user_id)
@ -132,7 +132,7 @@ def moderator_delete_user(request, user_id):


@login_required
-@permission_required("bookwyrm_moderate_post")
+@permission_required("bookwyrm.moderate_post")
 def resolve_report(_, report_id):
    """mark a report as (un)resolved"""
    report = get_object_or_404(models.Report, id=report_id)
--- a/bookwyrm/views/admin/user_admin.py
+++ b/bookwyrm/views/admin/user_admin.py
@ -62,7 +62,7 @@ class UserAdminList(View):

@method_decorator(login_required, name="dispatch")
@method_decorator(
-    permission_required("bookwyrm.moderate_users", raise_exception=True),
+    permission_required("bookwyrm.moderate_user", raise_exception=True),
    name="dispatch",
 )
 class UserAdmin(View):