Develop rules
parent
6b8fdf7eed
commit
0132a03852
|
|
@ -92,6 +92,7 @@ class ProductDetailBackOfficeView(ProductBackOfficeMixinView,
|
||||||
generics.RetrieveUpdateDestroyAPIView):
|
generics.RetrieveUpdateDestroyAPIView):
|
||||||
"""Product back-office R/U/D view."""
|
"""Product back-office R/U/D view."""
|
||||||
serializer_class = serializers.ProductBackOfficeDetailSerializer
|
serializer_class = serializers.ProductBackOfficeDetailSerializer
|
||||||
|
permission_classes = [IsLiquorReviewer]
|
||||||
|
|
||||||
|
|
||||||
class ProductListCreateBackOfficeView(BackOfficeListCreateMixin, ProductBackOfficeMixinView,
|
class ProductListCreateBackOfficeView(BackOfficeListCreateMixin, ProductBackOfficeMixinView,
|
||||||
|
|
@ -101,6 +102,7 @@ class ProductListCreateBackOfficeView(BackOfficeListCreateMixin, ProductBackOffi
|
||||||
permission_classes = [IsLiquorReviewer]
|
permission_classes = [IsLiquorReviewer]
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
class ProductTypeListCreateBackOfficeView(BackOfficeListCreateMixin,
|
class ProductTypeListCreateBackOfficeView(BackOfficeListCreateMixin,
|
||||||
ProductTypeBackOfficeMixinView,
|
ProductTypeBackOfficeMixinView,
|
||||||
generics.ListCreateAPIView):
|
generics.ListCreateAPIView):
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,9 @@ from account.models import UserRole, Role
|
||||||
from authorization.models import JWTRefreshToken
|
from authorization.models import JWTRefreshToken
|
||||||
from utils.tokens import GMRefreshToken
|
from utils.tokens import GMRefreshToken
|
||||||
from establishment.models import EstablishmentSubType
|
from establishment.models import EstablishmentSubType
|
||||||
from location.models import Address
|
from location.models import Address
|
||||||
|
from product.models import Product
|
||||||
|
|
||||||
|
|
||||||
class IsAuthenticatedAndTokenIsValid(permissions.BasePermission):
|
class IsAuthenticatedAndTokenIsValid(permissions.BasePermission):
|
||||||
"""
|
"""
|
||||||
|
|
@ -81,33 +83,21 @@ class IsStandardUser(IsGuest):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def has_permission(self, request, view):
|
def has_permission(self, request, view):
|
||||||
rules = [
|
|
||||||
super().has_permission(request, view)
|
|
||||||
]
|
|
||||||
|
|
||||||
# and request.user.email_confirmed,
|
rules = [super().has_permission(request, view),
|
||||||
if hasattr(request, 'user'):
|
request.user.is_authenticated,
|
||||||
rules = [
|
hasattr(request, 'user')
|
||||||
request.user.is_authenticated,
|
]
|
||||||
super().has_permission(request, view)
|
|
||||||
]
|
|
||||||
|
|
||||||
return any(rules)
|
return any(rules)
|
||||||
|
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
# Read permissions are allowed to any request
|
# Read permissions are allowed to any request
|
||||||
rules = [
|
|
||||||
super().has_object_permission(request, view, obj)
|
|
||||||
]
|
|
||||||
|
|
||||||
if hasattr(obj, 'user'):
|
rules = [super().has_object_permission(request, view, obj),
|
||||||
rules = [
|
request.user.is_authenticated,
|
||||||
obj.user == request.user
|
hasattr(request, 'user')
|
||||||
and obj.user.email_confirmed
|
]
|
||||||
and request.user.is_authenticated,
|
|
||||||
|
|
||||||
super().has_object_permission(request, view, obj)
|
|
||||||
]
|
|
||||||
|
|
||||||
return any(rules)
|
return any(rules)
|
||||||
|
|
||||||
|
|
@ -452,15 +442,44 @@ class IsWineryReviewer(IsStandardUser):
|
||||||
|
|
||||||
|
|
||||||
class IsLiquorReviewer(IsStandardUser):
|
class IsLiquorReviewer(IsStandardUser):
|
||||||
# Через establishment получать страну
|
|
||||||
def has_permission(self, request, view):
|
def has_permission(self, request, view):
|
||||||
rules = [
|
rules = [
|
||||||
super().has_permission(request, view)
|
super().has_permission(request, view)
|
||||||
]
|
]
|
||||||
|
|
||||||
|
pk_object = None
|
||||||
|
product = None
|
||||||
|
permission = False
|
||||||
|
if 'pk' in view.kwargs:
|
||||||
|
pk_object = view.kwargs['pk']
|
||||||
|
|
||||||
|
if pk_object is not None:
|
||||||
|
product = Product.objects.get(pk=pk_object)
|
||||||
|
|
||||||
|
if hasattr(product, 'sites') and product.sites.exists():
|
||||||
|
role = Role.objects.filter(role=Role.LIQUOR_REVIEWER, site__in=[site for site in product.sites])
|
||||||
|
permission = UserRole.objects.filter(user=request.user, role=role).exists()
|
||||||
|
|
||||||
|
rules.append(permission)
|
||||||
return any(rules)
|
return any(rules)
|
||||||
|
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
rules = [
|
rules = [
|
||||||
super().has_object_permission(request, view, obj)
|
super().has_object_permission(request, view, obj)
|
||||||
]
|
]
|
||||||
|
pk_object = None
|
||||||
|
product = None
|
||||||
|
permission = False
|
||||||
|
|
||||||
|
if 'pk' in view.kwargs:
|
||||||
|
pk_object = view.kwargs['pk']
|
||||||
|
|
||||||
|
if pk_object is not None:
|
||||||
|
product = Product.objects.get(pk=pk_object)
|
||||||
|
|
||||||
|
if product.sites.exists():
|
||||||
|
role = Role.objects.filter(role=Role.LIQUOR_REVIEWER, site__in=[site for site in product.sites])
|
||||||
|
permission = UserRole.objects.filter(user=request.user, role=role).exists()
|
||||||
|
|
||||||
|
rules.append(permission)
|
||||||
return any(rules)
|
return any(rules)
|
||||||
|
|
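Review bot: In `IsStandardUser`, both rewritten methods return `any(rules)` with `hasattr(request, 'user')` as a rule of its own, so the check passes for any request that carries a `user` attribute (DRF normally sets one even for anonymous callers), and `has_object_permission` no longer compares `obj.user` with `request.user`. `IsLiquorReviewer` also joins `super()` and its new role lookup through `any(...)`, so the LIQUOR_REVIEWER check can only widen access and never deny what the parent allows; if the role is meant to be required, combine it with `and`. Inside that lookup, in both methods, `Product.objects.get(pk=pk_object)` raises `DoesNotExist` for an unknown pk, `[site for site in product.sites]` iterates what looks like a related manager rather than `product.sites.all()`, and `role=role` is given a queryset where `role__in=` is presumably intended. `IsGuest` and the class bodies above these hunks are not visible, so how the parent result should be combined needs confirming; the fence shows the rule lines I would change.

```python
# IsStandardUser.has_permission
rules = [super().has_permission(request, view),
         hasattr(request, 'user') and request.user.is_authenticated]

# IsStandardUser.has_object_permission
rules = [super().has_object_permission(request, view, obj),
         hasattr(obj, 'user') and obj.user == request.user
         and request.user.is_authenticated]

# IsLiquorReviewer.has_permission / has_object_permission
# … unchanged: pk_object taken from view.kwargs …
product = Product.objects.filter(pk=pk_object).first()
if product is not None and product.sites.exists():
    roles = Role.objects.filter(role=Role.LIQUOR_REVIEWER,
                                site__in=product.sites.all())
    permission = UserRole.objects.filter(user=request.user,
                                         role__in=roles).exists()
```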
@ -29,8 +29,7 @@ MEDIA_ROOT = os.path.join(PUBLIC_ROOT, MEDIA_LOCATION)
|
||||||
# SORL thumbnails
|
# SORL thumbnails
|
||||||
THUMBNAIL_DEBUG = True
|
THUMBNAIL_DEBUG = True
|
||||||
|
|
||||||
# ADDED TRANSFER APP
|
|
||||||
INSTALLED_APPS.append('transfer.apps.TransferConfig')
|
|
||||||
|
|
||||||
# DATABASES
|
# DATABASES
|
||||||
DATABASES = {
|
DATABASES = {
|
||||||
|
|
|
||||||