phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

refactored permission a little

Browse Source
This commit is contained in:
Anatoly 2020-02-07 09:44:04 +03:00
parent 4388253bf9
commit 14da53ed94
2 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apps/utils/methods.py
View File

@ -7,6 +7,7 @@ import string
from collections import namedtuple from collections import namedtuple
from functools import reduce from functools import reduce
from io import BytesIO from io import BytesIO
from operator import or_
import requests import requests
from PIL import Image from PIL import Image
@ -242,12 +243,12 @@ def get_image_meta_by_url(url) -> (int, int, int):
def get_permission_classes(*args) -> list: def get_permission_classes(*args) -> list:
"""Return permission_class object with admin permissions.""" """Return permission_class object with admin permissions."""
from rest_framework.permissions import IsAdminUser from rest_framework.permissions import IsAdminUser
from utils.permissions import IsCountryAdmin from utils.permissions import IsCountryAdmin, IsReadOnly
admin_permission_classes = [IsCountryAdmin, IsAdminUser] admin_permission_classes = [IsCountryAdmin, IsAdminUser, IsReadOnly]
permission_classes = [ permission_classes = [
reduce( reduce(
lambda a, b: a | b, admin_permission_classes + list(args) or_, admin_permission_classes + list(args)
) )
] ]
return permission_classes return permission_classes

13
apps/utils/permissions.py
View File

@ -53,7 +53,7 @@ class IsRefreshTokenValid(permissions.BasePermission):
return False return False
class IsGuest(permissions.IsAuthenticatedOrReadOnly): class IsGuest(permissions.BasePermission):
""" """
Object-level permission to only allow owners of an object to edit it. Object-level permission to only allow owners of an object to edit it.
""" """
@ -66,6 +66,15 @@ class IsGuest(permissions.IsAuthenticatedOrReadOnly):
return all(rules) return all(rules)
class IsReadOnly(permissions.BasePermission):
"""
Allows getting access to resource only if request method in SAFE_METHODs.
"""
def has_permission(self, request, view):
return request.method in SAFE_HTTP_METHODS
class IsApprovedUser(IsAuthenticatedAndTokenIsValid): class IsApprovedUser(IsAuthenticatedAndTokenIsValid):
""" """
Object-level permission to only allow owners of an object to edit it. Object-level permission to only allow owners of an object to edit it.
@ -200,7 +209,7 @@ class IsEstablishmentAdministrator(IsApprovedUser):
).only('id') ).only('id')
has_permission = True if user_role.exists() else has_permission has_permission = True if user_role.exists() else has_permission
rules.append(has_permission) rules.append(has_permission)
return all(rules) return bool(request.method in SAFE_HTTP_METHODS or all(rules))
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
rules = [ rules = [