perms: consistently use >= for admin levels

places that use the PERMS constant do it and this way makes it clearer what admin level is required to perform an action.
2023-04-04 04:08:17 -05:00 · 2023-04-04 04:08:17 -05:00 · 688cd91e83
commit 688cd91e83
parent 3bbedd7375
21 changed files with 50 additions and 50 deletions
--- a/files/helpers/comments.py
+++ b/files/helpers/comments.py
@ -223,7 +223,7 @@ def comment_on_unpublish(comment:Comment):


 def comment_filter_moderated(q: Query, v: Optional[User]) -> Query:
-	if not (v and v.shadowbanned) and not (v and v.admin_level > 2):
+	if not (v and v.shadowbanned) and not (v and v.admin_level >= 3):
 		q = q.join(User, User.id == Comment.author_id) \
 		     .filter(User.shadowbanned == None)
 	if not v or v.admin_level < 2:
--- a/files/helpers/get.py
+++ b/files/helpers/get.py
@ -262,7 +262,7 @@ def get_comments(
 			blocked.c.target_id,
 		).filter(Comment.id.in_(cids))
 
-		if not (v and (v.shadowbanned or v.admin_level > 1)):
+		if not (v and (v.shadowbanned or v.admin_level >= 2)):
 			comments = comments.join(User, User.id == Comment.author_id) \
 				.filter(User.shadowbanned == None)

--- a/files/helpers/listing.py
+++ b/files/helpers/listing.py
@ -101,11 +101,11 @@ def frontlist(v=None, sort='new', page=1, t="all", ids_only=True, ccmode="false"

@cache.memoize(timeout=USERPAGELISTING_TIMEOUT_SECS)
 def userpagelisting(u:User, v=None, page=1, sort="new", t="all"):
-	if u.shadowbanned and not (v and (v.admin_level > 1 or v.id == u.id)): return []
+	if u.shadowbanned and not (v and (v.admin_level >= 2 or v.id == u.id)): return []

 	posts = g.db.query(Submission.id).filter_by(author_id=u.id, is_pinned=False)

-	if not (v and (v.admin_level > 1 or v.id == u.id)):
+	if not (v and (v.admin_level >= 2 or v.id == u.id)):
 		posts = posts.filter_by(deleted_utc=0, is_banned=False, private=False, ghost=False)

 	posts = apply_time_filter(posts, t, Submission)
--- a/files/helpers/sanitize.py
+++ b/files/helpers/sanitize.py
@ -232,7 +232,7 @@ def sanitize(sanitized, alert=False, comment=False, edit=False):
 			if not u: continue
 			m = [ m for m in matches if u.username == m.group(2) or u.original_username == m.group(2) ]
 			for i in m:
-				if not (g.v and g.v.any_block_exists(u)) or g.v.admin_level > 1:
+				if not (g.v and g.v.any_block_exists(u)) or g.v.admin_level >= 2:
 					sanitized = sanitized.replace(i.group(0), f'''{i.group(1)}<a href="/id/{u.id}"><img loading="lazy" src="/pp/{u.id}">@{u.username}</a>''', 1)

 	soup = BeautifulSoup(sanitized, 'lxml')