
fix(api): Allow superusers to update user.is_active (#30800)

Megan Heskett 3 years ago
parent
commit
e6fa9a117d

+ 11 - 1
src/sentry/api/endpoints/user_details.py

@@ -17,6 +17,7 @@ from sentry.api.decorators import sudo_required
 from sentry.api.serializers import serialize
 from sentry.api.serializers.models.user import DetailedUserSerializer
 from sentry.api.serializers.rest_framework import ListField
+from sentry.auth.superuser import is_active_superuser
 from sentry.constants import LANGUAGES
 from sentry.models import Organization, OrganizationMember, OrganizationStatus, User, UserOption
 
@@ -96,8 +97,15 @@ class UserSerializer(BaseUserSerializer):
         return super().validate(attrs)
 
 
-class PrivilegedUserSerializer(BaseUserSerializer):
+class SuperuserUserSerializer(BaseUserSerializer):
     isActive = serializers.BooleanField(source="is_active")
+
+    class Meta:
+        model = User
+        fields = ("name", "username", "isActive")
+
+
+class PrivilegedUserSerializer(SuperuserUserSerializer):
     isStaff = serializers.BooleanField(source="is_staff")
     isSuperuser = serializers.BooleanField(source="is_superuser")
 
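Review bot: `SuperuserUserSerializer` subclasses `BaseUserSerializer` directly, so whatever `UserSerializer.validate` enforces does not run for requests handled through the new class; that method's body lies above this hunk and only its closing `return super().validate(attrs)` is visible. Since `name` and `username` are writable here alongside `isActive`, it is worth confirming that skipping those checks is intended for superusers without `users.admin`. A short docstring would record the intent, for example `"""Fields an active superuser without users.admin may edit; isStaff and isSuperuser are added only by PrivilegedUserSerializer."""`. `PrivilegedUserSerializer` now inherits this `Meta` unless it declares its own below the hunk, which should be checked because the inherited `fields` tuple does not list `isStaff` or `isSuperuser`.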
@@ -144,6 +152,8 @@ class UserDetailsEndpoint(UserEndpoint):
 
         if request.access.has_permission("users.admin"):
             serializer_cls = PrivilegedUserSerializer
+        elif is_active_superuser(request):
+            serializer_cls = SuperuserUserSerializer
         else:
             serializer_cls = UserSerializer
         serializer = serializer_cls(user, data=request.data, partial=True)
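Review bot: The new `elif is_active_superuser(request)` branch puts no condition on the target `user`, so a superuser without `users.admin` can apparently deactivate any account, including staff, other superusers, or the account making the request. If that is not intended, the branch could be narrowed, e.g. `elif is_active_superuser(request) and not (user.is_staff or user.is_superuser):`. The method body continues outside the hunk, so it is not visible whether an `is_active` change is written to an audit log; if it is not, this path should record who toggled the flag and for which user. A comment on the branch such as `# superusers without users.admin may edit name/username/isActive only` would make the permission tiering explicit.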

+ 2 - 2
tests/sentry/api/endpoints/test_user_details.py

@@ -120,7 +120,7 @@ class UserDetailsUpdateTest(UserDetailsTest):
 class UserDetailsSuperuserUpdateTest(UserDetailsTest):
     method = "put"
 
-    def test_superuser_cannot_change_is_active(self):
+    def test_superuser_can_change_is_active(self):
         superuser = self.create_user(email="b@example.com", is_superuser=True)
         self.login_as(user=superuser, superuser=True)
 
@@ -131,7 +131,7 @@ class UserDetailsSuperuserUpdateTest(UserDetailsTest):
         assert resp.data["id"] == str(self.user.id)
 
         user = User.objects.get(id=self.user.id)
-        assert user.is_active
+        assert not user.is_active
 
     def test_superuser_with_permission_can_change_is_active(self):
         superuser = self.create_user(email="b@example.com", is_superuser=True)
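Review bot: Only the `isActive` side of the new superuser path is asserted here; nothing in the visible test checks that a superuser without `users.admin` still cannot change `isStaff` or `isSuperuser`. Because the endpoint now selects `SuperuserUserSerializer` for these requests, a companion test that sends those two fields and asserts `user.is_staff` and `user.is_superuser` are unchanged afterwards would pin the privilege boundary against regressions. The request in this test is built above the hunk, so its payload is not visible here, and such a case may already exist elsewhere in the file.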