Skip to content
Snippets Groups Projects
Verified Commit 7b8f1386 authored by Ernesto Rico Schmidt's avatar Ernesto Rico Schmidt
Browse files

fix: replace privileged user with superuser. the last time

parent 6fcf4d71
No related branches found
No related tags found
No related merge requests found
Pipeline #7435 passed
Stage: build
Stage: deploy
Stage: release
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 5 deletions
program/views.py
+ 2
5
View file @ 7b8f1386
...@@ -593,7 +593,7 @@ class APIScheduleViewSet( ...@@ -593,7 +593,7 @@ class APIScheduleViewSet(
them including notes. them including notes.
""" """
if not request.user.groups.filter(name=settings.PRIVILEGED_GROUP).exists(): if not request.user.is_superuser:
return Response(status=status.HTTP_401_UNAUTHORIZED) return Response(status=status.HTTP_401_UNAUTHORIZED)
# Only allow updating when with the `schedule` JSON object # Only allow updating when with the `schedule` JSON object
...@@ -721,10 +721,7 @@ class APINoteViewSet( ...@@ -721,10 +721,7 @@ class APINoteViewSet(
user = self.request.user user = self.request.user
if ( if self.request.method in permissions.SAFE_METHODS or user.is_superuser:
self.request.method in permissions.SAFE_METHODS
or user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
):
return Note.objects.all() return Note.objects.all()
else: else:
return Note.objects.filter(timeslot__schedule__show__owners=user) return Note.objects.filter(timeslot__schedule__show__owners=user)
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment