kit-eco.social/consumocuidado-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f94d822d5e0c74874db20958ce4255338eb8a820
consumocuidado-server/back_latienda/permissions.py
Sam fc0478299b changes to views permissions
2021-01-25 10:36:57 +00:00

37 lines
1.1 KiB
Python
Raw Blame History

from rest_framework import permissions
class IsCreator(permissions.BasePermission):
"""
Grant permission if request.user same as obj.creator
"""
def has_object_permission(self, request, view, obj):
if obj is not None:
# allow if authenticated and method is safe
if request.method in permissions.SAFE_METHODS:
return True
# admins always have permission
if request.user.is_staff is True:
return True
# permission if user is the object's creator
return obj.creator == request.user
return False
class IsStaff(permissions.BasePermission):
"""
Grant permission if request.user.is_staff is True
"""
def has_object_permission(self, request, view, obj):
if obj is not None:
if request.user.is_staff is True:
return True
return False
class ReadOnly(permissions.BasePermission):
def has_permission(self, request, view):
return request.method in permissions.SAFE_METHODS
Reference in New Issue View Git Blame Copy Permalink