phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Develop rules

Browse Source
This commit is contained in:
Виктор Гладких 2019-12-10 12:49:59 +03:00
parent 6b8fdf7eed
commit 0132a03852
3 changed files with 44 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/product/views/back.py
View File

@ -92,6 +92,7 @@ class ProductDetailBackOfficeView(ProductBackOfficeMixinView,
generics.RetrieveUpdateDestroyAPIView):
"""Product back-office R/U/D view."""
serializer_class = serializers.ProductBackOfficeDetailSerializer
permission_classes = [IsLiquorReviewer]
class ProductListCreateBackOfficeView(BackOfficeListCreateMixin, ProductBackOfficeMixinView,
@ -101,6 +102,7 @@ class ProductListCreateBackOfficeView(BackOfficeListCreateMixin, ProductBackOffi
permission_classes = [IsLiquorReviewer]
class ProductTypeListCreateBackOfficeView(BackOfficeListCreateMixin,
ProductTypeBackOfficeMixinView,
generics.ListCreateAPIView):

63
apps/utils/permissions.py
View File

@ -8,7 +8,9 @@ from account.models import UserRole, Role
from authorization.models import JWTRefreshToken
from utils.tokens import GMRefreshToken
from establishment.models import EstablishmentSubType
from location.models import Address
from location.models import Address
from product.models import Product
class IsAuthenticatedAndTokenIsValid(permissions.BasePermission):
"""
@ -81,33 +83,21 @@ class IsStandardUser(IsGuest):
"""
def has_permission(self, request, view):
rules = [
super().has_permission(request, view)
]
# and request.user.email_confirmed,
if hasattr(request, 'user'):
rules = [
request.user.is_authenticated,
super().has_permission(request, view)
]
rules = [super().has_permission(request, view),
request.user.is_authenticated,
hasattr(request, 'user')
]
return any(rules)
def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request
rules = [
super().has_object_permission(request, view, obj)
]
if hasattr(obj, 'user'):
rules = [
obj.user == request.user
and obj.user.email_confirmed
and request.user.is_authenticated,
super().has_object_permission(request, view, obj)
]
rules = [super().has_object_permission(request, view, obj),
request.user.is_authenticated,
hasattr(request, 'user')
]
return any(rules)
@ -452,15 +442,44 @@ class IsWineryReviewer(IsStandardUser):
class IsLiquorReviewer(IsStandardUser):
# Через establishment получать страну
def has_permission(self, request, view):
rules = [
super().has_permission(request, view)
]
pk_object = None
product = None
permission = False
if 'pk' in view.kwargs:
pk_object = view.kwargs['pk']
if pk_object is not None:
product = Product.objects.get(pk=pk_object)
if hasattr(product, 'sites') and product.sites.exists():
role = Role.objects.filter(role=Role.LIQUOR_REVIEWER, site__in=[site for site in product.sites])
permission = UserRole.objects.filter(user=request.user, role=role).exists()
rules.append(permission)
return any(rules)
def has_object_permission(self, request, view, obj):
rules = [
super().has_object_permission(request, view, obj)
]
pk_object = None
product = None
permission = False
if 'pk' in view.kwargs:
pk_object = view.kwargs['pk']
if pk_object is not None:
product = Product.objects.get(pk=pk_object)
if product.sites.exists():
role = Role.objects.filter(role=Role.LIQUOR_REVIEWER, site__in=[site for site in product.sites])
permission = UserRole.objects.filter(user=request.user, role=role).exists()
rules.append(permission)
return any(rules)

3
project/settings/local.py
View File

@ -29,8 +29,7 @@ MEDIA_ROOT = os.path.join(PUBLIC_ROOT, MEDIA_LOCATION)
# SORL thumbnails
THUMBNAIL_DEBUG = True
# ADDED TRANSFER APP
INSTALLED_APPS.append('transfer.apps.TransferConfig')
# DATABASES
DATABASES = {