From 3654fcfca716c7994bd166436cfb57b6b65d7c85 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Mon, 7 Jan 2019 17:06:45 -0800 Subject: only superusers get auto-magic-privs --- rust/migrations/2018-05-12-001226_init/up.sql | 2 +- rust/src/api_helpers.rs | 2 +- rust/src/auth.rs | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/rust/migrations/2018-05-12-001226_init/up.sql b/rust/migrations/2018-05-12-001226_init/up.sql index b5b39f6f..cf7e3fe2 100644 --- a/rust/migrations/2018-05-12-001226_init/up.sql +++ b/rust/migrations/2018-05-12-001226_init/up.sql @@ -16,7 +16,7 @@ CREATE EXTENSION IF NOT EXISTS "uuid-ossp"; CREATE TABLE editor ( id UUID PRIMARY KEY DEFAULT uuid_generate_v4(), - username TEXT NOT NULL CHECK (username ~* '^[A-Za-z0-9][A-Za-z0-9._-]{2,15}$'), -- UNIQ below + username TEXT NOT NULL CHECK (username ~* '^[A-Za-z0-9][A-Za-z0-9._-]{2,19}$'), -- UNIQ below is_superuser BOOLEAN NOT NULL DEFAULT false, is_admin BOOLEAN NOT NULL DEFAULT false, is_bot BOOLEAN NOT NULL DEFAULT false, diff --git a/rust/src/api_helpers.rs b/rust/src/api_helpers.rs index 79114d4f..5e68d8e2 100644 --- a/rust/src/api_helpers.rs +++ b/rust/src/api_helpers.rs @@ -359,7 +359,7 @@ pub fn uuid2fcid(id: &Uuid) -> String { pub fn check_username(raw: &str) -> Result<()> { lazy_static! { - static ref RE: Regex = Regex::new(r"^[A-Za-z0-9][A-Za-z0-9._-]{2,15}$").unwrap(); + static ref RE: Regex = Regex::new(r"^[A-Za-z0-9][A-Za-z0-9._-]{2,19}$").unwrap(); } if RE.is_match(raw) { Ok(()) diff --git a/rust/src/auth.rs b/rust/src/auth.rs index 0160d2e8..8894e33b 100644 --- a/rust/src/auth.rs +++ b/rust/src/auth.rs @@ -40,7 +40,7 @@ impl AuthContext { // if account is disabled, only allow public role return role == FatcatRole::Public; } - if self.editor_row.is_admin { + if self.editor_row.is_superuser { return true; } match role { -- cgit v1.2.3