Verified Commit 80622cc9 authored by Kevin Morris's avatar Kevin Morris
Browse files

fix: suspend check should check Suspended...



This was causing some false negative errors in the update process,
and it clearly not correct -- oops :(

Signed-off-by: Kevin Morris's avatarKevin Morris <kevr@0cost.org>
parent 4a4fd015
Pipeline #16040 passed with stages
in 4 minutes and 27 seconds
...@@ -15,6 +15,7 @@ from aurweb.captcha import get_captcha_answer, get_captcha_salts, get_captcha_to ...@@ -15,6 +15,7 @@ from aurweb.captcha import get_captcha_answer, get_captcha_salts, get_captcha_to
from aurweb.exceptions import ValidationError from aurweb.exceptions import ValidationError
from aurweb.models.account_type import ACCOUNT_TYPE_NAME from aurweb.models.account_type import ACCOUNT_TYPE_NAME
from aurweb.models.ssh_pub_key import get_fingerprint from aurweb.models.ssh_pub_key import get_fingerprint
from aurweb.util import strtobool
logger = logging.get_logger(__name__) logger = logging.get_logger(__name__)
...@@ -26,9 +27,9 @@ def invalid_fields(E: str = str(), U: str = str(), **kwargs) -> None: ...@@ -26,9 +27,9 @@ def invalid_fields(E: str = str(), U: str = str(), **kwargs) -> None:
def invalid_suspend_permission(request: Request = None, def invalid_suspend_permission(request: Request = None,
user: models.User = None, user: models.User = None,
J: bool = False, S: str = "False",
**kwargs) -> None: **kwargs) -> None:
if not request.user.is_elevated() and J != bool(user.InactivityTS): if not request.user.is_elevated() and strtobool(S) != bool(user.Suspended):
raise ValidationError([ raise ValidationError([
"You do not have permission to suspend accounts."]) "You do not have permission to suspend accounts."])
......
...@@ -916,13 +916,13 @@ def test_post_account_edit_error_invalid_password(client: TestClient, ...@@ -916,13 +916,13 @@ def test_post_account_edit_error_invalid_password(client: TestClient,
assert "Invalid password." in content assert "Invalid password." in content
def test_post_account_edit_inactivity_unauthorized(client: TestClient, def test_post_account_edit_suspend_unauthorized(client: TestClient,
user: User): user: User):
cookies = {"AURSID": user.login(Request(), "testPassword")} cookies = {"AURSID": user.login(Request(), "testPassword")}
post_data = { post_data = {
"U": "test", "U": "test",
"E": "test@example.org", "E": "test@example.org",
"J": True, "S": True,
"passwd": "testPassword" "passwd": "testPassword"
} }
with client as request: with client as request:
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment