Mercurial Mercurial > irinotes / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/notes/api/permissions/auth.py
author ymh <ymh.work@gmail.com>
Tue, 25 Jul 2017 19:11:26 +0200
changeset 128 34a75bd8d0b9
parent 117 9864fe2067cd
child 142 56850f5c73f6
permissions -rw-r--r--
add filter on session and node list to recover specific objects

"""
Permissions for auth objects
"""
import logging

from rest_framework import permissions
from rest_framework.permissions import BasePermission
from rest_framework.compat import is_authenticated

logger = logging.getLogger(__name__)


class GroupPermission(BasePermission):
    """
    Pemissions for Groups objects
    """

    def has_permission(self, request, view):
        return request.user and is_authenticated(request.user)


    def has_object_permission(self, request, view, obj):
        if request.method not in permissions.SAFE_METHODS:
            return request.user == obj.profile.owner
        return True
irinotes