Allow approvers and editors to see the audit log (package events only)

This commit is contained in:
rubenwardy
2025-09-23 17:59:45 +01:00
parent feeed21b94
commit b88cc1366f
4 changed files with 9 additions and 6 deletions

View File

@@ -124,7 +124,7 @@ class AuditLogEntry(db.Model):
raise Exception("Unknown permission given to AuditLogEntry.check_perm()")
if perm == Permission.VIEW_AUDIT_DESCRIPTION:
return user.rank.at_least(UserRank.APPROVER if self.package is not None else UserRank.MODERATOR)
return (self.package and user in self.package.maintainers) or user.rank.at_least(UserRank.APPROVER if self.package is not None else UserRank.MODERATOR)
else:
raise Exception("Permission {} is not related to audit log entries".format(perm.name))