Mercurial Mercurial > renkan / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/python2/django/renkanmanager/permissions.py
author durandn
Tue, 26 Jan 2016 17:18:04 +0100
changeset 588 95536fa18d0d
parent 587 fb0041aa74d3
permissions -rw-r--r--
Minor adjustements to properly interact with Renkan client

from rest_framework import permissions


class CanCreateRenkan(permissions.BasePermission):
    
    def has_permission(self, request, view):
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'POST') and not request.user.has_perm('add_renkan'):
            return False
        
        return True


class CanEditRenkan(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_renkan', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'PUT') and not request.user.has_perm('change_renkan', obj):
            return False
        
        return True


class CanDeleteRenkan(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_renkan', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_renkan', obj):
            return False
        
        return True


class CanCreateWorkspace(permissions.BasePermission):
    
    def has_permission(self, request, view):
        if request.method in permissions.SAFE_METHODS:
            return True
        if (request.method == 'POST') and not request.user.has_perm('add_workspace'):
            return False
        
        return True


class CanEditWorkspace(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_workspace', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'PUT') and not request.user.has_perm('change_workspace', obj):
            return False
        
        return True


class CanDeleteWorkspace(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_workspace', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_workspace', obj):
            return False
        
        return True


class CanDeleteRevision(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_revision', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_revision', obj):
            return False
        
        return True
renkan