Use django default is_superuser instead of custom admin field

Author: spalmurray

src/firetower/auth/admin.py

@@ -29,8 +29,7 @@ class UserAdmin(BaseUserAdmin):
 
 @admin.register(UserProfile)
 class UserProfileAdmin(admin.ModelAdmin):
-    list_display = ["user", "is_admin", "avatar_url"]
-    list_filter = ["is_admin"]
+    list_display = ["user", "avatar_url"]
     search_fields = [
         "user__username",
         "user__email",

src/firetower/auth/migrations/0003_remove_is_admin_field.py

@@ -0,0 +1,16 @@
+# Generated by Django 5.2.7 on 2025-10-21 19:36
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("firetower_auth", "0002_rename_type_fields"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="userprofile",
+            name="is_admin",
+        ),
+    ]

src/firetower/auth/models.py

@@ -17,13 +17,13 @@ class UserProfile(models.Model):
     - email
     - first_name
     - last_name
+    - is_superuser (for admin access)
     """
 
     user = models.OneToOneField(
         "auth.User", on_delete=models.CASCADE, related_name="userprofile"
     )
     avatar_url = models.URLField(blank=True)
-    is_admin = models.BooleanField(default=False)
 
     @property
     def user_incidents(self):

src/firetower/auth/tests/test_models.py

@@ -17,7 +17,6 @@ def test_userprofile_auto_created_on_user_creation(self):
 
         assert hasattr(user, "userprofile")
         assert isinstance(user.userprofile, UserProfile)
-        assert user.userprofile.is_admin is False
         assert user.userprofile.avatar_url == ""
 
     def test_userprofile_str(self):

src/firetower/incidents/models.py

@@ -175,8 +175,8 @@ def is_visible_to_user(self, user):
         if not self.is_private:
             return True
 
-        # Admins can see all incidents
-        if hasattr(user, "userprofile") and user.userprofile.is_admin:
+        # Superusers can see all incidents
+        if user.is_superuser:
             return True
 
         # Check if user is involved
@@ -239,7 +239,8 @@ def filter_visible_to_user(queryset, user):
     Returns:
         Filtered queryset
     """
-    if hasattr(user, "userprofile") and user.userprofile.is_admin:
+    # Superusers see everything
+    if user.is_superuser:
         return queryset
 
     from django.db.models import Q

src/firetower/incidents/tests/test_models.py

@@ -159,11 +159,13 @@ def test_private_incident_visible_to_participant(self):
         assert incident.is_visible_to_user(participant) is True
         assert incident.is_visible_to_user(other_user) is False
 
-    def test_private_incident_visible_to_admin(self):
-        """Test private incident is visible to admin users"""
-        admin_user = User.objects.create_user(username="[email protected]")
-        admin_user.userprofile.is_admin = True
-        admin_user.userprofile.save()
+    def test_private_incident_visible_to_superuser(self):
+        """Test private incident is visible to superusers"""
+        superuser = User.objects.create_superuser(
+            username="[email protected]",
+            email="[email protected]",
+            password="test123",
+        )
 
         incident = Incident.objects.create(
             title="Private Incident",
@@ -172,7 +174,7 @@ def test_private_incident_visible_to_admin(self):
             is_private=True,
         )
 
-        assert incident.is_visible_to_user(admin_user) is True
+        assert incident.is_visible_to_user(superuser) is True
 
     def test_affected_areas_property(self):
         """Test affected_areas property returns list of tag names"""
@@ -362,11 +364,13 @@ def test_external_link_str(self):
 
 @pytest.mark.django_db
 class TestFilterVisibleToUser:
-    def test_admin_sees_all_incidents(self):
-        """Test admin users see all incidents"""
-        admin = User.objects.create_user(username="[email protected]")
-        admin.userprofile.is_admin = True
-        admin.userprofile.save()
+    def test_superuser_sees_all_incidents(self):
+        """Test superusers see all incidents"""
+        superuser = User.objects.create_superuser(
+            username="[email protected]",
+            email="[email protected]",
+            password="test123",
+        )
 
         public = Incident.objects.create(
             title="Public",
@@ -383,7 +387,7 @@ def test_admin_sees_all_incidents(self):
         )
 
         queryset = Incident.objects.all()
-        filtered = filter_visible_to_user(queryset, admin)
+        filtered = filter_visible_to_user(queryset, superuser)
 
         assert filtered.count() == 2
         assert public in filtered