Mercurial Mercurial > renkan / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/python/django2/renkanmanager/permissions.py
changeset 589 0ae11aa255a3
parent 587 fb0041aa74d3
child 591 7a548f69251c 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/server/python/django2/renkanmanager/permissions.py	Tue Feb 02 16:21:20 2016 +0100
@@ -0,0 +1,94 @@
+from rest_framework import permissions
+
+
+class CanCreateRenkan(permissions.BasePermission):
+    
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'POST') and not request.user.has_perm('add_renkan'):
+            return False
+        
+        return True
+
+
+class CanEditRenkan(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_renkan', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'PUT') and not request.user.has_perm('change_renkan', obj):
+            return False
+        
+        return True
+
+
+class CanDeleteRenkan(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_renkan', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'DELETE') and not request.user.has_perm('delete_renkan', obj):
+            return False
+        
+        return True
+
+
+class CanCreateWorkspace(permissions.BasePermission):
+    
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        if (request.method == 'POST') and not request.user.has_perm('add_workspace'):
+            return False
+        
+        return True
+
+
+class CanEditWorkspace(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_workspace', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'PUT') and not request.user.has_perm('change_workspace', obj):
+            return False
+        
+        return True
+
+
+class CanDeleteWorkspace(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_workspace', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'DELETE') and not request.user.has_perm('delete_workspace', obj):
+            return False
+        
+        return True
+
+
+class CanDeleteRevision(permissions.BasePermission):
+    
+    def has_object_permission(self, request, view, obj):
+        if not request.user.has_perm('view_revision', obj):
+            return False
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        
+        if (request.method == 'DELETE') and not request.user.has_perm('delete_revision', obj):
+            return False
+        
+        return True
\ No newline at end of file
renkan