Skip to content

Commit

Permalink
Attempt to exclude superusers from nuke and pave (#182)
Browse files Browse the repository at this point in the history
  • Loading branch information
@joyliu-q
joyliu-q authored Nov 10, 2024
1 parent 8f8aa3b commit 554ec4e
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 5 deletions.
9 changes: 5 additions & 4 deletions backend/accounts/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -515,12 +515,13 @@ def post(self, request, format=None):
content_type = ContentType.objects.get(app_label="accounts", model="user")
perms = Permission.objects.filter(
content_type=content_type, codename__endswith="_admin"
).exclude(codename="penn_clubs_admin")
)
for perm in perms:
perm.user_set.clear()
User.objects.filter(Q(is_superuser=True) | Q(is_staff=True)).update(
is_superuser=False, is_staff=False
)
users_to_reset = User.objects.filter(Q(is_staff=True)).exclude(
Q(is_superuser=True)
) # Superusers retain permissions across time
users_to_reset.update(is_superuser=False, is_staff=False)

try:
body = json.loads(request.body)
Expand Down
2 changes: 1 addition & 1 deletion backend/tests/accounts/test_views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -892,7 +892,7 @@ def test_remove_product_admin(self):

def test_remove_platform_admin(self):
self.user.is_staff = True
self.user.is_superuser = True
self.user.is_superuser = False
self.user.save()
response = self.client.post(
reverse("accounts:productadmin"),
Expand Down

0 comments on commit 554ec4e

Please sign in to comment.