feat: remove usage of privileged group

06b310ba · Ernesto Rico Schmidt · 318fd135 · 06b310ba
Verified Commit 06b310ba authored 1 year ago by Ernesto Rico Schmidt
--- a/program/views.py
+++ b/program/views.py
@@ -32,7 +32,6 @@ from rest_framework.exceptions import ValidationError
 from rest_framework.pagination import LimitOffsetPagination
 from rest_framework.response import Response
-from django.conf import settings
 from django.contrib.auth.models import User
 from django.db import IntegrityError
 from django.http import Http404, HttpResponse, JsonResponse
@@ -266,12 +265,12 @@ class APIUserViewSet(
    search_fields = ["username", "first_name", "last_name", "email"]
    def get_queryset(self):
-        """The queryset contains all the users if the requesting user is a superuser or member of
+        """The queryset contains all the users if the requesting user is a superuser, otherwise it
-        the privileged group, otherwise it only contains the requesting user."""
+        only contains the requesting user."""
        user = self.request.user
-        if user.is_superuser or user.groups.filter(name=settings.PRIVILEGED_GROUP).exists():
+        if user.is_superuser:
            return User.objects.all()
        else:
            return User.objects.filter(pk=user.id)