revert account type permission changes

While this does make more sense to me personally, there is no need to change how the AUR treats its users; it has been accepted for ages and not found to be ridden with flaws. Stay with the tried and true method. Signed-off-by: Kevin Morris <kevr@0cost.org>
2025-02-03 10:43:03 +01:00 · 2021-12-27 17:42:56 -08:00 · 2021-12-27 17:42:56 -08:00 · d55dab93da
commit d55dab93da
parent 80ee7f3d4b
4 changed files with 132 additions and 82 deletions
--- a/aurweb/routers/accounts.py
+++ b/aurweb/routers/accounts.py
@ -10,7 +10,7 @@ from sqlalchemy import and_, or_
 import aurweb.config

 from aurweb import cookies, db, l10n, logging, models, util
-from aurweb.auth import account_type_required, auth_required, creds
+from aurweb.auth import account_type_required, auth_required
 from aurweb.captcha import get_captcha_salts
 from aurweb.exceptions import ValidationError
 from aurweb.l10n import get_translator_for_request
@ -169,17 +169,15 @@ def make_account_form_context(context: dict,
    # Do not modify the original context.
    context = copy.copy(context)

-    context["account_types"] = [
-        (at.USER_ID, f"Normal {at.USER}"),
-        (at.TRUSTED_USER_ID, at.TRUSTED_USER)
-    ]
-
-    user_account_type_id = context.get("account_types")[0][0]
-
-    if request.user.has_credential(creds.ACCOUNT_EDIT_DEV):
-        context["account_types"].append((at.DEVELOPER_ID, at.DEVELOPER))
-        context["account_types"].append((at.TRUSTED_USER_AND_DEV_ID,
-                                         at.TRUSTED_USER_AND_DEV))
+    context["account_types"] = list(filter(
+        lambda e: request.user.AccountTypeID >= e[0],
+        [
+            (at.USER_ID, f"Normal {at.USER}"),
+            (at.TRUSTED_USER_ID, at.TRUSTED_USER),
+            (at.DEVELOPER_ID, at.DEVELOPER),
+            (at.TRUSTED_USER_AND_DEV_ID, at.TRUSTED_USER_AND_DEV)
+        ]
+    ))

    if request.user.is_authenticated():
        context["username"] = args.get("U", user.Username)
@ -202,7 +200,7 @@ def make_account_form_context(context: dict,
        context["inactive"] = args.get("J", user.InactivityTS != 0)
    else:
        context["username"] = args.get("U", str())
-        context["account_type"] = args.get("T", user_account_type_id)
+        context["account_type"] = args.get("T", at.USER_ID)
        context["suspended"] = args.get("S", False)
        context["email"] = args.get("E", str())
        context["hide_email"] = args.get("H", False)
--- a/aurweb/users/validate.py
+++ b/aurweb/users/validate.py
@ -13,7 +13,6 @@ from aurweb import config, db, l10n, logging, models, time, util
 from aurweb.auth import creds
 from aurweb.captcha import get_captcha_answer, get_captcha_salts, get_captcha_token
 from aurweb.exceptions import ValidationError
-from aurweb.models import account_type as at
 from aurweb.models.account_type import ACCOUNT_TYPE_NAME
 from aurweb.models.ssh_pub_key import get_fingerprint

@ -171,31 +170,23 @@ def invalid_account_type(T: int = None, request: Request = None,
                         _: l10n.Translator = None,
                         **kwargs) -> None:
    if T is not None and (T := int(T)) != user.AccountTypeID:
+        name = ACCOUNT_TYPE_NAME.get(T, None)
        has_cred = request.user.has_credential(creds.ACCOUNT_CHANGE_TYPE)
-        if T not in ACCOUNT_TYPE_NAME:
+        if name is None:
            raise ValidationError(["Invalid account type provided."])
        elif not has_cred:
            raise ValidationError([
                "You do not have permission to change account types."])
-
-        credential_checks = {
-            at.USER_ID: request.user.is_trusted_user,
-            at.TRUSTED_USER_ID: request.user.is_trusted_user,
-            at.DEVELOPER_ID: request.user.is_developer,
-            at.TRUSTED_USER_AND_DEV_ID: (lambda: request.user.is_trusted_user()
-                                         and request.user.is_developer())
-        }
-        credential_check = credential_checks.get(T)
-
-        name = ACCOUNT_TYPE_NAME.get(T)
-        if not credential_check() or request.user == user:
+        elif T > request.user.AccountTypeID:
+            # If the chosen account type is higher than the editor's account
+            # type, the editor doesn't have permission to set the new type.
            error = _("You do not have permission to change "
                      "this user's account type to %s.") % name
            raise ValidationError([error])
-        else:
-            logger.debug(f"Trusted User '{request.user.Username}' has "
-                         f"modified '{user.Username}' account's type to"
-                         f" {name}.")
+
+        logger.debug(f"Trusted User '{request.user.Username}' has "
+                     f"modified '{user.Username}' account's type to"
+                     f" {name}.")


 def invalid_captcha(captcha_salt: str = None, captcha: str = None,