From bfdb8749e535e0332ce6d0f4a64ce49ac8fb83db Mon Sep 17 00:00:00 2001
From: rimu <3310831+rimu@users.noreply.github.com>
Date: Sun, 7 Jul 2024 16:09:50 +0800
Subject: [PATCH] Admins can see all of the modlog, everyone else can only see
 public entries #21

---
 app/main/routes.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/app/main/routes.py b/app/main/routes.py
index ecab8105..f0e48b42 100644
--- a/app/main/routes.py
+++ b/app/main/routes.py
@@ -358,7 +358,14 @@ def modlog():
     page = request.args.get('page', 1, type=int)
     low_bandwidth = request.cookies.get('low_bandwidth', '0') == '1'
 
-    modlog_entries = ModLog.query.filter(ModLog.public == True).order_by(desc(ModLog.created_at))
+    # Admins can see all of the modlog, everyone else can only see public entries
+    if current_user.is_authenticated:
+        if current_user.is_admin() or current_user.is_staff():
+            modlog_entries = ModLog.query.order_by(desc(ModLog.created_at))
+        else:
+            modlog_entries = ModLog.query.filter(ModLog.public == True).order_by(desc(ModLog.created_at))
+    else:
+        modlog_entries = ModLog.query.filter(ModLog.public == True).order_by(desc(ModLog.created_at))
 
     # Pagination
     modlog_entries = modlog_entries.paginate(page=page, per_page=100 if not low_bandwidth else 50, error_out=False)