Prevent trusted users from approving their own packages
This commit is contained in:
parent
d4c2166019
commit
901e115a21
|
@ -34,6 +34,8 @@ title: Ranks and Permissions
|
|||
<th>N</th>
|
||||
<th>Y</th>
|
||||
<th>N</th>
|
||||
<th>Y</th>
|
||||
<th>N</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
|
@ -58,7 +60,7 @@ title: Ranks and Permissions
|
|||
<th></th>
|
||||
<th></th> <!-- member -->
|
||||
<th></th>
|
||||
<th>✓</th> <!-- trusted member -->
|
||||
<th></th> <!-- trusted member -->
|
||||
<th></th>
|
||||
<th>✓</th> <!-- editor -->
|
||||
<th>✓</th>
|
||||
|
@ -101,7 +103,7 @@ title: Ranks and Permissions
|
|||
<td>Approve Screenshot</td>
|
||||
<th></th> <!-- new -->
|
||||
<th></th>
|
||||
<th>✓</th> <!-- member -->
|
||||
<th></th> <!-- member -->
|
||||
<th></th>
|
||||
<th>✓</th> <!-- trusted member -->
|
||||
<th></th>
|
||||
|
@ -187,6 +189,21 @@ title: Ranks and Permissions
|
|||
<th>✓</th> <!-- admin -->
|
||||
<th>✓</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>See Private Thread</td>
|
||||
<th>✓</th> <!-- new -->
|
||||
<th></th>
|
||||
<th>✓</th> <!-- member -->
|
||||
<th></th>
|
||||
<th>✓</th> <!-- trusted member -->
|
||||
<th></th>
|
||||
<th>✓</th> <!-- editor -->
|
||||
<th>✓</th>
|
||||
<th>✓</th> <!-- moderator -->
|
||||
<th>✓</th>
|
||||
<th>✓</th> <!-- admin -->
|
||||
<th>✓</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Set Email</td>
|
||||
<th>✓</th> <!-- new -->
|
||||
|
|
|
@ -489,12 +489,11 @@ class Package(db.Model):
|
|||
else:
|
||||
return user.rank.atLeast(UserRank.EDITOR)
|
||||
|
||||
# Editors can change authors
|
||||
elif perm == Permission.CHANGE_AUTHOR:
|
||||
# Editors can change authors and approve new packages
|
||||
elif perm == Permission.APPROVE_NEW or perm == Permission.CHANGE_AUTHOR:
|
||||
return user.rank.atLeast(UserRank.EDITOR)
|
||||
|
||||
elif perm == Permission.APPROVE_NEW or perm == Permission.APPROVE_RELEASE \
|
||||
or perm == Permission.APPROVE_SCREENSHOT:
|
||||
elif perm == Permission.APPROVE_RELEASE or perm == Permission.APPROVE_SCREENSHOT:
|
||||
return user.rank.atLeast(UserRank.TRUSTED_MEMBER if isOwner else UserRank.EDITOR)
|
||||
|
||||
# Moderators can delete packages
|
||||
|
|
Loading…
Reference in New Issue