external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

add User.is_elevated()

Browse source 
This one returns true if the user is either a Trusted User
or a Developer.

Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit is contained in:
Kevin Morris 2021-08-28 16:14:07 -07:00
parent b59601a8b7
commit c006386079
No known key found for this signature in database
GPG key ID: F7E46DED420788F3
2 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
aurweb/models/user.py
View file

@ -165,6 +165,15 @@ class User(Base):
aurweb.models.account_type.TRUSTED_USER_AND_DEV_ID aurweb.models.account_type.TRUSTED_USER_AND_DEV_ID
} }
def is_elevated(self):
""" A User is 'elevated' when they have either a
Trusted User or Developer AccountType. """
return self.AccountType.ID in {
aurweb.models.account_type.TRUSTED_USER_ID,
aurweb.models.account_type.DEVELOPER_ID,
aurweb.models.account_type.TRUSTED_USER_AND_DEV_ID,
}
def can_edit_user(self, user): def can_edit_user(self, user):
""" Can this account record edit the target user? It must either """ Can this account record edit the target user? It must either
be the target user or a user with enough permissions to do so. be the target user or a user with enough permissions to do so.

5
test/test_user.py
View file

@ -214,6 +214,11 @@ def test_user_credential_types():
assert aurweb.auth.developer(user) assert aurweb.auth.developer(user)
assert aurweb.auth.trusted_user_or_dev(user) assert aurweb.auth.trusted_user_or_dev(user)
# Some model authorization checks.
assert user.is_elevated()
assert user.is_trusted_user()
assert user.is_developer()
def test_user_json(): def test_user_json():
data = json.loads(user.json()) data = json.loads(user.json())