Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix is_super_user_api for REST API. 

(imported from commit 94ba18656ca3b0636da9d5ca7969872b31ae970b)
This commit is contained in:
Tim Abbott 2013-05-14 10:41:15 -04:00
parent 6664ac8014
commit b8e1809f94
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
zephyr/views.py
View File

@ -915,7 +915,7 @@ def json_update_onboarding_steps(request, user_profile,
# Currently tabbott/extra@mit.edu is our only superuser. TODO: Make
# this a real superuser security check.
def is_super_user_api(request):
return request.POST.get("api-key") in ["xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"]
return request.user.is_authenticated() and request.user.email == "tabbott/extra@mit.edu"
def mit_to_mit(user_profile, email):
# Are the sender and recipient both @mit.edu addresses?