diff --git a/program/serializers.py b/program/serializers.py
index e837ae4eeb645205fb5a4408e7a0728fe02dff7f..06286f8813c757b059f115c9e5e6cfbcd0723b30 100644
--- a/program/serializers.py
+++ b/program/serializers.py
@@ -134,7 +134,8 @@ class UserSerializer(serializers.ModelSerializer):
 @staticmethod
 def get_is_privileged(obj: User) -> bool:
- return obj.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
+ # return obj.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
+ return obj.is_superuser
 def create(self, validated_data):
 """
@@ -371,7 +372,7 @@ class HostSerializer(serializers.ModelSerializer):
 """
 user = self.context.get("request").user
- user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
+ # user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
 user_is_owner = user in instance.owners.all()
 user_edit_permissions = [
 permission.split("__")[-1]
@@ -379,9 +380,9 @@ class HostSerializer(serializers.ModelSerializer):
 if permission.startswith("program.edit__host")
 ]
- # Only privileged users and owners of a host with edit permissions are allowed to update it
- # Being a privileged user overrides the ownership
- if not (user_is_privileged or (user_is_owner and len(user_edit_permissions) > 0)):
+ # Only superusers and owners of a host with edit permissions are allowed to update it
+ # Being a superuser overrides the ownership
+ if not (user.is_superuser or (user_is_owner and len(user_edit_permissions) > 0)):
 raise exceptions.PermissionDenied(detail="You are not allowed to update this host.")
 # Only users with edit permissions are allowed to edit these fields
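Review bot: The old group lookup is left behind as a commented-out line above `return obj.is_superuser` in `get_is_privileged`, and the same is done with the `user_is_privileged` assignment in the hunks at 371, 594, 977 and 1025. Version control already keeps the previous rule, so these lines should be deleted rather than commented out; a dormant copy of an old authorization rule next to the live one is easy to re-enable by mistake. The serialized `is_privileged` field keeps its name while now reporting superuser status, so a one-line docstring such as `"""Report whether the user is a Django superuser (previously: member of PRIVILEGED_GROUP)."""` would tell API consumers what the flag means. Whether `settings.PRIVILEGED_GROUP` or the `settings` import is still used elsewhere in the file cannot be confirmed from this diff and is worth checking.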
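Review bot: Gating host updates on `user.is_superuser` in the hunk at 379 ties an application role to Django's superuser flag, which makes every `has_perm()` call succeed for an active account, so anyone who has to manage hosts now holds far more rights than the task needs. A dedicated permission checked with `user.has_perm("<app_label>.<codename>")` (placeholder name) would keep the override narrow, and active superusers would still pass it automatically. The same applies to the `user.is_superuser` checks in the hunks at 398, 602, 632, 977, 1025 and 1049. The enclosing `update` method starts and ends outside this hunk.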
@@ -398,8 +399,8 @@ class HostSerializer(serializers.ModelSerializer):
 instance.biography = validated_data.get("biography", instance.biography)
 instance.name = validated_data.get("name", instance.name)
- # Only update these fields if the user is privileged, ignore otherwise
- if user_is_privileged:
+ # Only update these fields if the user superuser, ignore otherwise
+ if user.is_superuser:
 instance.email = validated_data.get("email", instance.email)
 instance.image = validated_data.get("image_id", instance.image)
 instance.is_active = validated_data.get("is_active", instance.is_active)
@@ -594,7 +595,7 @@ class ShowSerializer(serializers.HyperlinkedModelSerializer):
 """
 user = self.context.get("request").user
- user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
+ # user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
 user_is_owner = instance in user.shows.all()
 user_edit_permissions = [
 permission.split("__")[-1]
@@ -602,9 +603,9 @@ class ShowSerializer(serializers.HyperlinkedModelSerializer):
 if permission.startswith("program.edit__show")
 ]
- # Only privileged users and owners of a show with edit permissions are allowed to update it
+ # Only superusers and owners of a show with edit permissions are allowed to update it
 # Being a privileged user overrides the ownership
- if not (user_is_privileged or (user_is_owner and len(user_edit_permissions) > 0)):
+ if not (user.is_superuser or (user_is_owner and len(user_edit_permissions) > 0)):
 raise exceptions.PermissionDenied(detail="You are not allowed to update this show.")
 # Only users with edit permissions are allowed to update these fields
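Review bot: The new comment in the hunk at 398 reads "if the user superuser" and is missing its verb; it should be `# Only update these fields if the user is a superuser, ignore otherwise`. Because `email`, `image` and `is_active` are skipped without an error for everyone else, accounts that relied on the privileged group before this change will now get a successful response while those fields stay as they were. The comment or the method docstring should state that, or the request should be rejected when a non-superuser submits these fields. The hunks at 632 and 1049 drop fields in the same silent way.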
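Review bot: The second comment line in the hunk at 602 still says `# Being a privileged user overrides the ownership` although the condition below it now tests `user.is_superuser`; the host hunk at 379 updated both comment lines, this one only the first. It should read `# Being a superuser overrides the ownership`. The same stale line remains in the NoteSerializer hunks at 977 and 1025.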
@@ -632,8 +633,8 @@ class ShowSerializer(serializers.HyperlinkedModelSerializer):
 "short_description", instance.short_description
 )
- # Only update these fields if the user is privileged, ignore otherwise
- if user_is_privileged:
+ # Only update these fields if the user is superuser, ignore otherwise
+ if user.is_superuser:
 instance.cba_series_id = validated_data.get("cba_series_id", instance.cba_series_id)
 instance.default_playlist_id = validated_data.get(
 "default_playlist_id", instance.default_playlist_id
@@ -977,12 +978,12 @@ class NoteSerializer(serializers.ModelSerializer):
 show = validated_data["timeslot"].schedule.show
 user = self.context.get("request").user
- user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
+ # user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
 user_is_owner = user in show.owners.all()
- # Only privileged users and owners of a show are allowed to create a note
+ # Only superusers and owners of a show are allowed to create a note
 # Being a privileged user overrides the ownership
- if not (user_is_privileged or user_is_owner):
+ if not (user.is_superuser or user_is_owner):
 raise exceptions.PermissionDenied(
 detail="You are not allowed to create a note for this show."
 )
@@ -1025,12 +1026,12 @@ class NoteSerializer(serializers.ModelSerializer):
 """
 user = self.context.get("request").user
- user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
+ # user_is_privileged = user.groups.filter(name=settings.PRIVILEGED_GROUP).exists()
 user_is_owner = user in instance.timeslot.schedule.show.owners
- # Only privileged users and owners of a show are allowed to update a note
+ # Only superusers and owners of a show are allowed to update a note
 # Being a privileged user overrides the ownership
- if not (user_is_privileged or user_is_owner):
+ if not (user.is_superuser or user_is_owner):
 raise exceptions.PermissionDenied(detail="You are not allowed to update this note.")
 instance.cba_id = validated_data.get("cba_id", instance.cba_id)
@@ -1049,8 +1050,8 @@ class NoteSerializer(serializers.ModelSerializer):
 if language := validated_data.get("language"):
 instance.language.set(language)
- # Only update this field if the user is privileged, ignore otherwise
- if (topic := validated_data.get("topic")) and user.is_superuser:
+ # Only update this field if the user is superuser, ignore otherwise
+ if (topic := validated_data.get("topic")) and user.is_superuser:
 instance.topic.set(topic)
 if cba_id := validated_data.get("cba_id"):
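Review bot: The ownership half of the new check `user.is_superuser or user_is_owner` in the hunk at 1025 is fed by `user in instance.timeslot.schedule.show.owners`, which has no `.all()`, unlike the create path at 977 (`user in show.owners.all()`). If `owners` is a many-to-many manager, as the other hunks suggest, the `in` test raises `TypeError` before the permission check is reached, for superusers as well, because `user_is_owner` is evaluated first. The line is unchanged context, but since this commit reworks the check it is the natural place to fix it: `user_is_owner = user in instance.timeslot.schedule.show.owners.all()`. The enclosing `update` method starts and ends outside this hunk.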