phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix country or site

Browse Source
This commit is contained in:
Виктор Гладких 2019-11-25 09:49:17 +03:00
parent 58db94e2d0
commit 13eb8abac6
1 changed files with 69 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
apps/utils/permissions.py
View File

@ -117,8 +117,9 @@ class IsContentPageManager(IsStandardUser):
rules = [ rules = [
super().has_permission(request, view) super().has_permission(request, view)
] ]
# and request.user.email_confirmed,
if hasattr(request, 'user') and hasattr(request.data, 'site_id'): if hasattr(request, 'user'):
if hasattr(request.data, 'site_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER, role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
site_id=request.data.site_id,) \ site_id=request.data.site_id,) \
.first() .first()
@ -127,11 +128,21 @@ class IsContentPageManager(IsStandardUser):
UserRole.objects.filter(user=request.user, role=role).exists(), UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view) super().has_permission(request, view)
] ]
elif hasattr(request.data, 'country_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=request.data.country_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
return any(rules) return any(rules)
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request. # Read permissions are allowed to any request.
if hasattr(obj, 'site_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER, role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
site_id=obj.site_id) \ site_id=obj.site_id) \
.first() .first()
@ -140,6 +151,16 @@ class IsContentPageManager(IsStandardUser):
UserRole.objects.filter(user=request.user, role=role).exists(), UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_object_permission(request, view, obj) super().has_object_permission(request, view, obj)
] ]
elif hasattr(obj, 'country_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=obj.country_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_object_permission(request, view, obj)
]
return any(rules) return any(rules)
@ -148,19 +169,29 @@ class IsCountryAdmin(IsStandardUser):
Object-level permission to only allow owners of an object to edit it. Object-level permission to only allow owners of an object to edit it.
Assumes the model instance has an `owner` attribute. Assumes the model instance has an `owner` attribute.
""" """
def has_permission(self, request, view): def has_permission(self, request, view):
rules = [ rules = [
super().has_permission(request, view) super().has_permission(request, view)
] ]
# and request.user.email_confirmed, # and request.user.email_confirmed,
if hasattr(request.data, 'user') and hasattr(request.data, 'site_id'): if hasattr(request.data, 'user'):
if hasattr(request.data, 'site_id'):
# Read permissions are allowed to any request. # Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COUNTRY_ADMIN, role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
site_id=request.data.site_id) \ site_id=request.data.site_id) \
.first() # 'Comments moderator' .first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
elif hasattr(request.data, 'country_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
country_id=request.data.country_id) \
.first()
rules = [ rules = [
UserRole.objects.filter(user=request.user, role=role).exists(), UserRole.objects.filter(user=request.user, role=role).exists(),
@ -170,14 +201,23 @@ class IsCountryAdmin(IsStandardUser):
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request. # Read permissions are allowed to any request.
if hasattr(obj, 'site_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN, role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
site_id=obj.site_id) \ site_id=obj.site_id) \
.first() # 'Comments moderator' .first()
rules = [ rules = [
super().has_object_permission(request, view, obj) super().has_object_permission(request, view, obj)
] ]
# and request.user.email_confirmed, elif hasattr(obj, 'country_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
country_id=obj.country_id) \
.first()
rules = [
super().has_object_permission(request, view, obj)
]
if hasattr(request, 'user') and request.user.is_authenticated: if hasattr(request, 'user') and request.user.is_authenticated:
rules = [ rules = [
UserRole.objects.filter(user=request.user, role=role).exists(), UserRole.objects.filter(user=request.user, role=role).exists(),