Use normal user authentication to control access to /admin

- Adds is_superuser flag to User - Logged-in user must be a superuser or have from_body set in order to access anything within /admin - has_permission_to on a superuser will always return true - Only superusers can create/grant superusers - New `createsuperuser` command for creating superusers
author: Matthew Somerville <matthew-github@dracos.co.uk> 2016-07-06 18:07:22 +0100
committer: Dave Arter <davea@mysociety.org> 2016-07-19 17:56:22 +0100
commit: 6afbfe45183412e35e8e846fd0d4a9d846c8644b (patch)
tree: 3f5cb6173c08a571811f0a31508b45acf31d69f7 /bin/update-schema
parent: 65545553b5171f1ef1d611ea93c38f138451fb31 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/bin/update-schema b/bin/update-schema
index 1393178f8..8f74f34f1 100755
--- a/bin/update-schema
+++ b/bin/update-schema
@@ -194,6 +194,7 @@ else {
 # By querying the database schema, we can see where we're currently at
 # (assuming schema change files are never half-applied, which should be the case)
 sub get_db_version {
+    return '0040' if column_exists('users', 'is_superuser');
     return '0039' if column_exists('users', 'facebook_id');
     return '0038' if column_exists('admin_log', 'time_spent');
     return '0037' if table_exists('response_templates');
author	Matthew Somerville <matthew-github@dracos.co.uk>	2016-07-06 18:07:22 +0100
committer	Dave Arter <davea@mysociety.org>	2016-07-19 17:56:22 +0100
commit	6afbfe45183412e35e8e846fd0d4a9d846c8644b (patch)
tree	3f5cb6173c08a571811f0a31508b45acf31d69f7 /bin/update-schema
parent	65545553b5171f1ef1d611ea93c38f138451fb31 (diff)