only superusers get auto-magic-privs

3 files changed, 3 insertions, 3 deletions

diff --git a/rust/migrations/2018-05-12-001226_init/up.sql b/rust/migrations/2018-05-12-001226_init/up.sql
index b5b39f6f..cf7e3fe2 100644
--- a/rust/migrations/2018-05-12-001226_init/up.sql
+++ b/rust/migrations/2018-05-12-001226_init/up.sql
@@ -16,7 +16,7 @@ CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
 
 CREATE TABLE editor (
     id                  UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
-    username            TEXT NOT NULL CHECK (username ~* '^[A-Za-z0-9][A-Za-z0-9._-]{2,15}$'), -- UNIQ below
+    username            TEXT NOT NULL CHECK (username ~* '^[A-Za-z0-9][A-Za-z0-9._-]{2,19}$'), -- UNIQ below
     is_superuser        BOOLEAN NOT NULL DEFAULT false,
     is_admin            BOOLEAN NOT NULL DEFAULT false,
     is_bot              BOOLEAN NOT NULL DEFAULT false,
diff --git a/rust/src/api_helpers.rs b/rust/src/api_helpers.rs
index 79114d4f..5e68d8e2 100644
--- a/rust/src/api_helpers.rs
+++ b/rust/src/api_helpers.rs
@@ -359,7 +359,7 @@ pub fn uuid2fcid(id: &Uuid) -> String {
 
 pub fn check_username(raw: &str) -> Result<()> {
     lazy_static! {
-        static ref RE: Regex = Regex::new(r"^[A-Za-z0-9][A-Za-z0-9._-]{2,15}$").unwrap();
+        static ref RE: Regex = Regex::new(r"^[A-Za-z0-9][A-Za-z0-9._-]{2,19}$").unwrap();
     }
     if RE.is_match(raw) {
         Ok(())
diff --git a/rust/src/auth.rs b/rust/src/auth.rs
index 0160d2e8..8894e33b 100644
--- a/rust/src/auth.rs
+++ b/rust/src/auth.rs
@@ -40,7 +40,7 @@ impl AuthContext {
             // if account is disabled, only allow public role
             return role == FatcatRole::Public;
         }
-        if self.editor_row.is_admin {
+        if self.editor_row.is_superuser {
             return true;
         }
         match role {