sas: simplify and optimize permissions for SAS images

2024-11-21 21:53:30 +00:00 · 2019-09-15 16:43:17 +02:00 · 2019-09-15 16:43:17 +02:00 · 8330e1eaf2
commit 8330e1eaf2
parent 1f86827e46
1 changed files with 3 additions and 8 deletions
--- a/sas/models.py
+++ b/sas/models.py
@ -71,16 +71,11 @@ class Picture(SithFile):
        return False

    def can_be_edited_by(self, user):
-        # file = SithFile.objects.filter(id=self.id).first()
-        return user.is_in_group(
-            settings.SITH_GROUP_SAS_ADMIN_ID
-        )  # or user.can_edit(file)
+        return user.is_in_group(settings.SITH_GROUP_SAS_ADMIN_ID)

    def can_be_viewed_by(self, user):
-        # file = SithFile.objects.filter(id=self.id).first()
-        return self.can_be_edited_by(user) or (
-            self.is_in_sas and self.is_moderated and user.was_subscribed
-        )  # or user.can_view(file)
+        # SAS pictures are visible to old subscribers
+        return self.is_in_sas and self.is_moderated and user.was_subscribed

    def get_download_url(self):
        return reverse("sas:download", kwargs={"picture_id": self.id})