diff options
| -rw-r--r-- | pysite/constants.py | 1 | ||||
| -rw-r--r-- | pysite/views/wiki/edit.py | 6 | ||||
| -rw-r--r-- | pysite/views/wiki/page.py | 4 | ||||
| -rw-r--r-- | pysite/views/wiki/render.py | 4 |
4 files changed, 8 insertions, 7 deletions
diff --git a/pysite/constants.py b/pysite/constants.py index 69633127..e300fdd3 100644 --- a/pysite/constants.py +++ b/pysite/constants.py @@ -26,6 +26,7 @@ DEVOPS_ROLE = 409416496733880320 HELPER_ROLE = 267630620367257601 ALL_STAFF_ROLES = (OWNER_ROLE, ADMIN_ROLE, MODERATOR_ROLE, DEVOPS_ROLE) +EDITOR_ROLES = ALL_STAFF_ROLES + (HELPER_ROLE, ) SERVER_ID = 267624335836053506 diff --git a/pysite/views/wiki/edit.py b/pysite/views/wiki/edit.py index 089da58d..0a0af15b 100644 --- a/pysite/views/wiki/edit.py +++ b/pysite/views/wiki/edit.py @@ -4,7 +4,7 @@ from flask import request, url_for from werkzeug.utils import redirect from pysite.base_route import RouteView -from pysite.constants import ALL_STAFF_ROLES +from pysite.constants import EDITOR_ROLES from pysite.decorators import csrf, require_roles from pysite.mixins import DBMixin @@ -16,7 +16,7 @@ class EditView(RouteView, DBMixin): table_name = "wiki" table_primary_key = "slug" - @require_roles(*ALL_STAFF_ROLES) + @require_roles(*EDITOR_ROLES) def get(self, page): rst = "" title = "" @@ -31,7 +31,7 @@ class EditView(RouteView, DBMixin): return self.render("wiki/page_edit.html", page=page, rst=rst, title=title, preview=preview) - @require_roles(*ALL_STAFF_ROLES) + @require_roles(*EDITOR_ROLES) @csrf def post(self, page): rst = request.form["rst"] diff --git a/pysite/views/wiki/page.py b/pysite/views/wiki/page.py index aa26a725..a7e4de51 100644 --- a/pysite/views/wiki/page.py +++ b/pysite/views/wiki/page.py @@ -3,7 +3,7 @@ from flask import redirect, url_for from werkzeug.exceptions import NotFound from pysite.base_route import RouteView -from pysite.constants import ALL_STAFF_ROLES +from pysite.constants import EDITOR_ROLES from pysite.mixins import DBMixin @@ -31,7 +31,7 @@ class PageView(RouteView, DBMixin): roles = self.user_data.get("roles", []) for role in roles: - if role in ALL_STAFF_ROLES: + if role in EDITOR_ROLES: return True return False diff --git a/pysite/views/wiki/render.py b/pysite/views/wiki/render.py index 73c38731..131db1d3 100644 --- a/pysite/views/wiki/render.py +++ b/pysite/views/wiki/render.py @@ -7,7 +7,7 @@ from flask import jsonify from schema import Schema from pysite.base_route import APIView -from pysite.constants import ALL_STAFF_ROLES, ValidationTypes +from pysite.constants import EDITOR_ROLES, ValidationTypes from pysite.decorators import api_params, csrf, require_roles SCHEMA = Schema([{ @@ -22,7 +22,7 @@ class RenderView(APIView): name = "render" @csrf - @require_roles(*ALL_STAFF_ROLES) + @require_roles(*EDITOR_ROLES) @api_params(schema=SCHEMA, validation_type=ValidationTypes.json) def post(self, data): if not len(data): |