Mercurial Mercurial > renkan / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/python/django2/renkanmanager/permissions.py
author durandn
Tue, 02 Feb 2016 16:21:20 +0100
changeset 589 0ae11aa255a3
parent 587 server/python2/django/renkanmanager/permissions.py@fb0041aa74d3
child 591 7a548f69251c
permissions -rw-r--r--
Moved python2/django into a django2 folder for consistency + clarified serializers fields name

from rest_framework import permissions


class CanCreateRenkan(permissions.BasePermission):
    
    def has_permission(self, request, view):
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'POST') and not request.user.has_perm('add_renkan'):
            return False
        
        return True


class CanEditRenkan(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_renkan', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'PUT') and not request.user.has_perm('change_renkan', obj):
            return False
        
        return True


class CanDeleteRenkan(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_renkan', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_renkan', obj):
            return False
        
        return True


class CanCreateWorkspace(permissions.BasePermission):
    
    def has_permission(self, request, view):
        if request.method in permissions.SAFE_METHODS:
            return True
        if (request.method == 'POST') and not request.user.has_perm('add_workspace'):
            return False
        
        return True


class CanEditWorkspace(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_workspace', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'PUT') and not request.user.has_perm('change_workspace', obj):
            return False
        
        return True


class CanDeleteWorkspace(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_workspace', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_workspace', obj):
            return False
        
        return True


class CanDeleteRevision(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_revision', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_revision', obj):
            return False
        
        return True
renkan