Admin flagged page for superusers only.

Adapt code so that it could be opened up more in future.

2 files changed, 12 insertions, 13 deletions

diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm
index b57788e89..1f07aae82 100644
--- a/perllib/FixMyStreet/App/Controller/Admin.pm
+++ b/perllib/FixMyStreet/App/Controller/Admin.pm
@@ -1025,10 +1025,8 @@ sub users: Path('users') : Args(0) {
         $c->stash->{users} = [ @users ];
 
         my $emails = $c->model('DB::Abuse')->search(
-            {
-                email => { ilike => $isearch }
-            }
-        );
+            { email => { ilike => $isearch } }
+        ) if $c->user->is_superuser;
         foreach my $email ($emails->all) {
             # Slight abuse of the boolean flagged value
             if ($email2user{$email->email}) {
@@ -1328,12 +1326,13 @@ sub flagged : Path('flagged') : Args(0) {
     # which has to use an array ref for sql quoting reasons
     $c->stash->{problems} = [ $problems->all ];
 
-    my $users = $c->model('DB::User')->search( { flagged => 1 } );
+    my $users = $c->cobrand->users->search( { flagged => 1 } );
     my @users = $users->all;
     my %email2user = map { $_->email => $_ } @users;
     $c->stash->{users} = [ @users ];
 
-    my @abuser_emails = $c->model('DB::Abuse')->all();
+    my @abuser_emails = $c->model('DB::Abuse')->all()
+        if $c->user->is_superuser;
 
     foreach my $email (@abuser_emails) {
         # Slight abuse of the boolean flagged value
@@ -1566,7 +1565,7 @@ sub flag_user : Private {
 
     return unless $email;
 
-    my $user = $c->model('DB::User')->find({ email => $email });
+    my $user = $c->cobrand->users->find({ email => $email });
 
     if ( !$user ) {
         $c->stash->{status_message} = _('Could not find user');
@@ -1594,7 +1593,7 @@ sub remove_user_flag : Private {
 
     return unless $email;
 
-    my $user = $c->model('DB::User')->find({ email => $email });
+    my $user = $c->cobrand->users->find({ email => $email });
 
     if ( !$user ) {
         $c->stash->{status_message} = _('Could not find user');
diff --git a/perllib/FixMyStreet/Cobrand/Default.pm b/perllib/FixMyStreet/Cobrand/Default.pm
index 48484d4bb..68e8f957c 100644
--- a/perllib/FixMyStreet/Cobrand/Default.pm
+++ b/perllib/FixMyStreet/Cobrand/Default.pm
@@ -648,7 +648,6 @@ sub admin_pages {
          'reports' => [_('Reports'), 2],
          'timeline' => [_('Timeline'), 5],
          'users' => [_('Users'), 6],
-         'flagged'  => [_('Flagged'), 7],
          'stats'  => [_('Stats'), 8],
          'user_edit' => [undef, undef],
          'body' => [undef, undef],
@@ -659,16 +658,17 @@ sub admin_pages {
 
     # There are some pages that only super users can see
     if ( $user->is_superuser ) {
+        $pages->{flagged} = [ _('Flagged'), 7 ];
         $pages->{config} = [ _('Configuration'), 9];
     };
     # And some that need special permissions
     if ( $user->is_superuser || $user->has_body_permission_to('template_edit') ) {
-        $pages->{templates} = [_('Templates'), 3];
-        $pages->{template_edit} = [undef, undef];
+        $pages->{templates} = [ _('Templates'), 3 ];
+        $pages->{template_edit} = [ undef, undef ];
     };
     if ( $user->is_superuser || $user->has_body_permission_to('responsepriority_edit') ) {
-        $pages->{responsepriorities} = [_('Priorities'), 4];
-        $pages->{responsepriority_edit} = [undef, undef];
+        $pages->{responsepriorities} = [ _('Priorities'), 4 ];
+        $pages->{responsepriority_edit} = [ undef, undef ];
     };