editing permissions

files/helpers/const.py

@@ -129,6 +129,7 @@ PERMS = { # Minimum admin_level to perform action.
 	'USER_VOTERS_VISIBLE': 0,
 	'POST_COMMENT_MODERATION': 2,
 	'GLOBAL_HOLE_MODERATION': 3,
+	'POST_EDITING': 3,
 }
 
 FEATURES = {

files/routes/posts.py

@@ -373,14 +373,13 @@ def morecomments(v, cid):
 @auth_required
 def edit_post(pid, v):
 	p = get_post(pid)
+	if v.id != p.author_id and v.admin_level < PERMS['POST_EDITING']:
+		abort(403)
 
 	title = sanitize_raw_title(request.values.get("title", ""))
 
 	body = sanitize_raw_body(request.values.get("body", ""))
 
-	if v.id != p.author_id and v.admin_level < 3:
-		abort(403)
-
 	if v.id == p.author_id:
 		if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')):
 			return {"error":"You have to type more than 280 characters!"}, 403

files/templates/submission.html

@@ -790,7 +790,7 @@
 					</div>
 					{% endif %}
 
-					{% if v and (v.id==p.author_id or v.admin_level > 2) and not v.is_suspended %}
+					{% if v and (v.id==p.author_id or v.admin_level >= PERMS['POST_EDITING']) and not v.is_suspended %}
 						<div id="edit-post-body-{{p.id}}" class="d-none comment-write collapsed child">
 							<form id="post-edit-form-{{p.id}}" action="/edit_post/{{p.id}}" method="post" enctype="multipart/form-data">
 									<input type="hidden" name="formkey" value="{{v.formkey}}">
@@ -844,7 +844,7 @@
 							</a>
 						</li>
 
-						{% if v and (v.id==p.author_id or v.admin_level > 1 and v.admin_level > 2) %}
+						{% if v and (v.id==p.author_id or v.admin_level >= PERMS['POST_EDITING']) %}
 							<a class="list-inline-item" role="button" onclick="togglePostEdit('{{p.id}}')"><i class="fas fa-edit"></i>Edit</a>
 						{% endif %}
 
@@ -1092,7 +1092,7 @@
 	{% include "report_post_modal.html" %}
 {% endif %}
 
-{% if v and (v.id == p.author_id or v.admin_level > 1 and v.admin_level > 2) %}
+{% if v and (v.id == p.author_id or v.admin_level >= PERMS['POST_EDITING']) %}
 	<script defer src="{{'js/togglePostEdit.js' | asset}}"></script>
 {% endif %}