Fix non-admin users not being able to set profile URLs

diff --git a/app/blueprints/users/profile.py b/app/blueprints/users/profile.py
index a4e194e3def714eaeb148c995820b79995be7f7b..177eefef09865d2ad74c5bfd60f644bcaa346eff 100644 (file)
--- a/app/blueprints/users/profile.py
+++ b/app/blueprints/users/profile.py
@@ -63,6 +63,8 @@ def profile(username):
                        # Copy form fields to user_profile fields
                        if user.checkPerm(current_user, Permission.CHANGE_DNAME):
                                user.display_name = form["display_name"].data
+
+                       if user.checkPerm(current_user, Permission.CHANGE_PROFILE_URLS):
                                user.website_url  = form["website_url"].data
                                user.donate_url   = form["donate_url"].data
 

diff --git a/app/models.py b/app/models.py
index 86136f289fa164524dbdb927978251a5a3be74da..eff06b6af0ed51c745647bd062245b8324dd43ca 100644 (file)
--- a/app/models.py
+++ b/app/models.py
@@ -93,6 +93,7 @@ class Permission(enum.Enum):
        UNAPPROVE_PACKAGE  = "UNAPPROVE_PACKAGE"
        TOPIC_DISCARD      = "TOPIC_DISCARD"
        CREATE_TOKEN       = "CREATE_TOKEN"
+       CHANGE_PROFILE_URLS = "CHANGE_PROFILE_URLS"
 
        # Only return true if the permission is valid for *all* contexts
        # See Package.checkPerm for package-specific contexts
@@ -192,7 +193,7 @@ class User(db.Model, UserMixin):
                        return user.rank.atLeast(UserRank.EDITOR)
                elif perm == Permission.CHANGE_RANK or perm == Permission.CHANGE_DNAME:
                        return user.rank.atLeast(UserRank.MODERATOR)
-               elif perm == Permission.CHANGE_EMAIL:
+               elif perm == Permission.CHANGE_EMAIL or perm == Permission.CHANGE_PROFILE_URLS:
                        return user == self or (user.rank.atLeast(UserRank.MODERATOR) and user.rank.atLeast(self.rank))
                elif perm == Permission.CREATE_TOKEN:
                        if user == self:

diff --git a/app/templates/users/profile.html b/app/templates/users/profile.html
index 37ee5df0b99b1b39b1870502c62a70f01eea1c81..e237fa96e235eea8dbf5c18375e3e26355bd8e87 100644 (file)
--- a/app/templates/users/profile.html
+++ b/app/templates/users/profile.html
@@ -164,6 +164,9 @@
 
                                        {% if user.checkPerm(current_user, "CHANGE_DNAME") %}
                                                {{ render_field(form.display_name, tabindex=230) }}
+                                       {% endif %}
+
+                                       {% if user.checkPerm(current_user, "CHANGE_PROFILE_URLS") %}
                                                {{ render_field(form.website_url, tabindex=232) }}
                                                {{ render_field(form.donate_url, tabindex=233) }}
                                        {% endif %}
@@ -177,7 +180,9 @@
                                                {{ render_field(form.rank, tabindex=250) }}
                                        {% endif %}
 
-                                       {{ render_submit_field(form.submit, tabindex=280) }}
+                                       <p>
+                                               {{ render_submit_field(form.submit, tabindex=280) }}
+                                       </p>
                                </form>
                        </div>
                </div>