From 20bd38b5d394e4263c59ea3528dd4da7deff192a Mon Sep 17 00:00:00 2001 From: justcool393 Date: Wed, 5 Oct 2022 22:33:55 -0700 Subject: [PATCH] add oauth permissions --- files/helpers/const.py | 1 + files/routes/oauth.py | 14 +++++++------- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/files/helpers/const.py b/files/helpers/const.py index 5867b7cf0..738d29c50 100644 --- a/files/helpers/const.py +++ b/files/helpers/const.py @@ -177,6 +177,7 @@ PERMS = { # Minimum admin_level to perform action. 'NOTIFICATIONS_MODMAIL': 3, 'NOTIFICATIONS_FOR_SPECIFIC_WPD_COMMENTS': 1, 'MESSAGE_BLOCKED_USERS': 1, + 'APPS_MODERATE': 3, } FEATURES = { diff --git a/files/routes/oauth.py b/files/routes/oauth.py index da25790b0..35f46d118 100644 --- a/files/routes/oauth.py +++ b/files/routes/oauth.py @@ -83,7 +83,7 @@ def request_api_keys(v): new_comment.top_comment_id = new_comment.id - for admin in g.db.query(User).filter(User.admin_level > 2).all(): + for admin in g.db.query(User).filter(User.admin_level >= PERMS['APPS_MODERATE']).all(): notif = Notification(comment_id=new_comment.id, user_id=admin.id) g.db.add(notif) @@ -137,7 +137,7 @@ def edit_oauth_app(v, aid): @app.post("/admin/app/approve/") @limiter.limit("1/second;30/minute;200/hour;1000/day") -@admin_level_required(3) +@admin_level_required(PERMS['APPS_MODERATE']) def admin_app_approve(v, aid): app = g.db.get(OauthApp, aid) @@ -173,7 +173,7 @@ def admin_app_approve(v, aid): @app.post("/admin/app/revoke/") @limiter.limit("1/second;30/minute;200/hour;1000/day") -@admin_level_required(3) +@admin_level_required(PERMS['APPS_MODERATE']) def admin_app_revoke(v, aid): app = g.db.get(OauthApp, aid) @@ -198,7 +198,7 @@ def admin_app_revoke(v, aid): @app.post("/admin/app/reject/") @limiter.limit("1/second;30/minute;200/hour;1000/day") -@admin_level_required(3) +@admin_level_required(PERMS['APPS_MODERATE']) def admin_app_reject(v, aid): app = g.db.get(OauthApp, aid) @@ -223,7 +223,7 @@ def admin_app_reject(v, aid): @app.get("/admin/app/") -@admin_level_required(3) +@admin_level_required(PERMS['APPS_MODERATE']) def admin_app_id(v, aid): aid=aid oauth = g.db.get(OauthApp, aid) @@ -244,7 +244,7 @@ def admin_app_id(v, aid): ) @app.get("/admin/app//comments") -@admin_level_required(3) +@admin_level_required(PERMS['APPS_MODERATE']) def admin_app_id_comments(v, aid): aid=aid @@ -271,7 +271,7 @@ def admin_app_id_comments(v, aid): @app.get("/admin/apps") -@admin_level_required(3) +@admin_level_required(PERMS['APPS_MODERATE']) def admin_apps_list(v): apps = g.db.query(OauthApp).order_by(OauthApp.id.desc()).all()