From 6d5bbda14d2743d3866d65cabada4ea80815abf7 Mon Sep 17 00:00:00 2001
From: Ernesto Rico Schmidt <ernesto@helsinki.at>
Date: Wed, 2 Feb 2022 18:05:27 -0400
Subject: [PATCH] Don't check if superuser in the serializers
---
program/serializers.py | 36 ++++++++++++++----------------------
1 file changed, 14 insertions(+), 22 deletions(-)
diff --git a/program/serializers.py b/program/serializers.py
index f9430050..6b8be90a 100644
--- a/program/serializers.py
+++ b/program/serializers.py
@@ -64,16 +64,12 @@ class UserSerializer(serializers.ModelSerializer):
Update and return an existing User instance, given the validated data.
"""
- user = self.context['user']
-
instance.first_name = validated_data.get('first_name', instance.first_name)
instance.last_name = validated_data.get('last_name', instance.last_name)
instance.email = validated_data.get('email', instance.email)
-
- if user.is_superuser:
- instance.is_active = validated_data.get('is_active', instance.is_active)
- instance.is_staff = validated_data.get('is_staff', instance.is_staff)
- instance.is_superuser = validated_data.get('is_superuser', instance.is_superuser)
+ instance.is_active = validated_data.get('is_active', instance.is_active)
+ instance.is_staff = validated_data.get('is_staff', instance.is_staff)
+ instance.is_superuser = validated_data.get('is_superuser', instance.is_superuser)
profile_data = validated_data.pop('profile') if 'profile' in validated_data else None
@@ -318,8 +314,6 @@ class ShowSerializer(serializers.HyperlinkedModelSerializer):
Update and return an existing Show instance, given the validated data.
"""
- user = self.context['user']
-
instance.name = validated_data.get('name', instance.name)
instance.slug = validated_data.get('slug', instance.slug)
instance.image = validated_data.get('image', instance.image)
@@ -332,19 +326,17 @@ class ShowSerializer(serializers.HyperlinkedModelSerializer):
instance.cba_series_id = validated_data.get('cba_series_id', instance.cba_series_id)
instance.default_playlist_id = validated_data.get('default_playlist_id', instance.default_playlist_id)
- # Only superusers may update the following fields
- if user.is_superuser:
- instance.owners.set(validated_data.get('owners', instance.owners))
- instance.category.set(validated_data.get('category', instance.category))
- instance.hosts.set(validated_data.get('hosts', instance.hosts))
- instance.language.set(validated_data.get('language', instance.language))
- instance.topic.set(validated_data.get('topic', instance.topic))
- instance.musicfocus.set(validated_data.get('musicfocus', instance.musicfocus))
- instance.type = validated_data.get('type', instance.type)
- instance.fundingcategory = validated_data.get('fundingcategory', instance.fundingcategory)
- instance.predecessor = validated_data.get('predecessor', instance.predecessor)
- instance.is_active = validated_data.get('is_active', instance.is_active)
- instance.is_public = validated_data.get('is_public', instance.is_public)
+ instance.owners.set(validated_data.get('owners', instance.owners))
+ instance.category.set(validated_data.get('category', instance.category))
+ instance.hosts.set(validated_data.get('hosts', instance.hosts))
+ instance.language.set(validated_data.get('language', instance.language))
+ instance.topic.set(validated_data.get('topic', instance.topic))
+ instance.musicfocus.set(validated_data.get('musicfocus', instance.musicfocus))
+ instance.type = validated_data.get('type', instance.type)
+ instance.fundingcategory = validated_data.get('fundingcategory', instance.fundingcategory)
+ instance.predecessor = validated_data.get('predecessor', instance.predecessor)
+ instance.is_active = validated_data.get('is_active', instance.is_active)
+ instance.is_public = validated_data.get('is_public', instance.is_public)
instance.save()
return instance
--
GitLab