sarlink/sarlink-portal-api
7
0
Fork 0
mirror of https://github.com/i701/sarlink-portal-api.git synced 2025-07-13 20:45:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor(views): update user queryset logic to filter out superusers for non-admins 🔨
All checks were successful
Build and Push Docker Images / Build and Push Docker Images (push) Successful in 3m56s
Details

Browse Source
This commit is contained in:
i701
2025-07-11 15:10:01 +05:00
parent 596ce510c7
commit 72c2ea1ecc
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
api/views.py
View File

@ -352,9 +352,9 @@ class ListUserView(StaffEditorPermissionMixin, generics.ListAPIView):
def get_queryset(self):
user = self.request.user
if user.is_authenticated and user.is_staff:
return User.objects.all()
return User.objects.filter(is_staff=False)
if user.is_authenticated and getattr(user, "is_admin"):
return User.objects.filter(is_superuser=False)
return User.objects.none()
class UserVerifyAPIView(StaffEditorPermissionMixin, generics.UpdateAPIView):