Mercurial Mercurial > renkan / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/python/django2/renkanmanager/permissions.py
author durandn
Thu, 03 Mar 2016 18:04:27 +0100
changeset 594 b45eb8244cd9
parent 591 7a548f69251c
permissions -rw-r--r--
Added default to the RENKAN_USER_DISPLAY_FIELD setting. Will default to the USERFIELD_NAME for the user model

from rest_framework import permissions


class CanCreateRenkan(permissions.BasePermission):
    
    def has_permission(self, request, view):
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'POST') and not request.user.has_perm('renkanmanager.add_renkan'):
            return False
        
        return True


class CanEditRenkan(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_renkan', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'PUT') and not request.user.has_perm('change_renkan', obj):
            return False
        
        return True


class CanDeleteRenkan(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_renkan', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_renkan', obj):
            return False
        
        return True


class CanCreateWorkspace(permissions.BasePermission):
    
    def has_permission(self, request, view):
        if request.method in permissions.SAFE_METHODS:
            return True
        if (request.method == 'POST') and not request.user.has_perm('add_workspace'):
            return False
        
        return True


class CanEditWorkspace(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_workspace', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'PUT') and not request.user.has_perm('change_workspace', obj):
            return False
        
        return True


class CanDeleteWorkspace(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_workspace', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_workspace', obj):
            return False
        
        return True


class CanDeleteRevision(permissions.BasePermission):
    
    def has_object_permission(self, request, view, obj):
        if not request.user.has_perm('view_revision', obj):
            return False
        if request.method in permissions.SAFE_METHODS:
            return True
        
        if (request.method == 'DELETE') and not request.user.has_perm('delete_revision', obj):
            return False
        
        return True
renkan