phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix country or site

Browse Source
This commit is contained in:
Виктор Гладких 2019-11-25 09:49:17 +03:00
parent 58db94e2d0
commit 13eb8abac6
1 changed files with 69 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
apps/utils/permissions.py
View File

@ -117,29 +117,50 @@ class IsContentPageManager(IsStandardUser):
rules = [ rules = [
super().has_permission(request, view) super().has_permission(request, view)
] ]
# and request.user.email_confirmed,
if hasattr(request, 'user') and hasattr(request.data, 'site_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
site_id=request.data.site_id,) \
.first()
rules = [ if hasattr(request, 'user'):
UserRole.objects.filter(user=request.user, role=role).exists(), if hasattr(request.data, 'site_id'):
super().has_permission(request, view) role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
] site_id=request.data.site_id,) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
elif hasattr(request.data, 'country_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=request.data.country_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
return any(rules) return any(rules)
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request. # Read permissions are allowed to any request.
if hasattr(obj, 'site_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
site_id=obj.site_id) \
.first()
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER, rules = [
site_id=obj.site_id) \ UserRole.objects.filter(user=request.user, role=role).exists(),
.first() super().has_object_permission(request, view, obj)
]
elif hasattr(obj, 'country_id'):
role = Role.objects.filter(role=Role.CONTENT_PAGE_MANAGER,
country_id=obj.country_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_object_permission(request, view, obj)
]
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_object_permission(request, view, obj)
]
return any(rules) return any(rules)
@ -148,36 +169,55 @@ class IsCountryAdmin(IsStandardUser):
Object-level permission to only allow owners of an object to edit it. Object-level permission to only allow owners of an object to edit it.
Assumes the model instance has an `owner` attribute. Assumes the model instance has an `owner` attribute.
""" """
def has_permission(self, request, view): def has_permission(self, request, view):
rules = [ rules = [
super().has_permission(request, view) super().has_permission(request, view)
] ]
# and request.user.email_confirmed, # and request.user.email_confirmed,
if hasattr(request.data, 'user') and hasattr(request.data, 'site_id'): if hasattr(request.data, 'user'):
# Read permissions are allowed to any request. if hasattr(request.data, 'site_id'):
# Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
site_id=request.data.site_id) \
.first()
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
elif hasattr(request.data, 'country_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN, role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
site_id=request.data.site_id) \ country_id=request.data.country_id) \
.first() # 'Comments moderator' .first()
rules = [ rules = [
UserRole.objects.filter(user=request.user, role=role).exists(), UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view) super().has_permission(request, view)
] ]
return any(rules) return any(rules)
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request. # Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COUNTRY_ADMIN, if hasattr(obj, 'site_id'):
site_id=obj.site_id) \ role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
.first() # 'Comments moderator' site_id=obj.site_id) \
.first()
rules = [
super().has_object_permission(request, view, obj)
]
elif hasattr(obj, 'country_id'):
role = Role.objects.filter(role=Role.COUNTRY_ADMIN,
country_id=obj.country_id) \
.first()
rules = [
super().has_object_permission(request, view, obj)
]
rules = [
super().has_object_permission(request, view, obj)
]
# and request.user.email_confirmed,
if hasattr(request, 'user') and request.user.is_authenticated: if hasattr(request, 'user') and request.user.is_authenticated:
rules = [ rules = [
UserRole.objects.filter(user=request.user, role=role).exists(), UserRole.objects.filter(user=request.user, role=role).exists(),