revert back tests from is_staff to has_perm

2025-05-16 01:27:03 +02:00 · 2023-09-29 21:33:48 -04:00 · 2023-09-29 21:33:48 -04:00 · 3580e070a3
commit 3580e070a3
parent 0c05518d61
3 changed files with 11 additions and 15 deletions
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@ -842,12 +842,11 @@ class DomainAdmin(ListHeaderAdmin):
        # Fixes a bug wherein users which are only is_staff
        # can access 'change' when GET,
        # but cannot access this page when it is a request of type POST.
-        # if request.user.has_perm(
-        #     "registrar.full_access_permission"
-        # ) or request.user.has_perm(
-        #     "registrar.analyst_access_permission"
-        # ):
-        if request.user.is_staff:
+        if request.user.has_perm(
+            "registrar.full_access_permission"
+        ) or request.user.has_perm(
+            "registrar.analyst_access_permission"
+        ):
            return True
        return super().has_change_permission(request, obj)

--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@ -63,11 +63,9 @@ class DomainPermission(PermissionsLoginMixin):
        """

        # Check if the user is permissioned...
-        # user_is_analyst_or_superuser = self.request.user.has_perm(
-        #     "registrar.analyst_access_permission"
-        # ) or self.request.user.has_perm("registrar.full_access_permission")
-
-        user_is_analyst_or_superuser = self.request.user.is_staff
+        user_is_analyst_or_superuser = self.request.user.has_perm(
+            "registrar.analyst_access_permission"
+        ) or self.request.user.has_perm("registrar.full_access_permission")

        if not user_is_analyst_or_superuser:
            return False
--- a/src/registrar/views/utility/permission_views.py
+++ b/src/registrar/views/utility/permission_views.py
@ -33,10 +33,9 @@ class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
    def get_context_data(self, **kwargs):
        context = super().get_context_data(**kwargs)
        user = self.request.user
-        # context["is_analyst_or_superuser"] = user.has_perm(
-        #     "registrar.analyst_access_permission"
-        # ) or user.has_perm("registrar.full_access_permission")
-        context["is_analyst_or_superuser"] = user.is_staff
+        context["is_analyst_or_superuser"] = user.has_perm(
+            "registrar.analyst_access_permission"
+        ) or user.has_perm("registrar.full_access_permission")
        # Stored in a variable for the linter
        action = "analyst_action"
        action_location = "analyst_action_location"