1
This commit is contained in:
Виктор Гладких
parent
0656e2ae32
commit
1bd3cc9170
|
|
@ -23,14 +23,17 @@ class Role(ProjectBaseMixin):
|
||||||
"""Base Role model."""
|
"""Base Role model."""
|
||||||
STANDARD_USER = 1
|
STANDARD_USER = 1
|
||||||
COMMENTS_MODERATOR = 2
|
COMMENTS_MODERATOR = 2
|
||||||
|
COUNTRY_ADMIN = 3
|
||||||
|
|
||||||
ROLE_CHOICES = (
|
ROLE_CHOICES = (
|
||||||
(STANDARD_USER, 'Standard user'),
|
(STANDARD_USER, 'Standard user'),
|
||||||
(COMMENTS_MODERATOR, 'Comments moderator'),
|
(COMMENTS_MODERATOR, 'Comments moderator'),
|
||||||
|
(COUNTRY_ADMIN, 'Country admin'),
|
||||||
)
|
)
|
||||||
role = models.PositiveIntegerField(verbose_name=_('Role'), choices=ROLE_CHOICES,
|
role = models.PositiveIntegerField(verbose_name=_('Role'), choices=ROLE_CHOICES,
|
||||||
null=False, blank=False)
|
null=False, blank=False)
|
||||||
country = models.ForeignKey(Country, verbose_name=_('Country'), on_delete=models.CASCADE)
|
country = models.ForeignKey(Country, verbose_name=_('Country'),
|
||||||
|
null=True, blank=True, on_delete=models.SET_NULL)
|
||||||
# is_list = models.BooleanField(verbose_name=_('list'), default=True, null=False)
|
# is_list = models.BooleanField(verbose_name=_('list'), default=True, null=False)
|
||||||
# is_create = models.BooleanField(verbose_name=_('create'), default=False, null=False)
|
# is_create = models.BooleanField(verbose_name=_('create'), default=False, null=False)
|
||||||
# is_update = models.BooleanField(verbose_name=_('update'), default=False, null=False)
|
# is_update = models.BooleanField(verbose_name=_('update'), default=False, null=False)
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ class IsGuest(permissions.IsAuthenticatedOrReadOnly):
|
||||||
Object-level permission to only allow owners of an object to edit it.
|
Object-level permission to only allow owners of an object to edit it.
|
||||||
"""
|
"""
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
if request.method in permissions.SAFE_METHODS:
|
if request.method in permissions.SAFE_METHODS or request.user.is_superuser:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
return False
|
return False
|
||||||
|
|
@ -68,8 +68,7 @@ class IsStandardUser(IsGuest):
|
||||||
def has_object_permission(self, request, view, obj):
|
def has_object_permission(self, request, view, obj):
|
||||||
# Read permissions are allowed to any request
|
# Read permissions are allowed to any request
|
||||||
if super().has_object_permission(request, view, obj) or\
|
if super().has_object_permission(request, view, obj) or\
|
||||||
(obj.user == request.user and obj.user.email_confirmed) \
|
(obj.user == request.user and obj.user.email_confirmed):
|
||||||
or request.user.is_superuser:
|
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
@ -96,3 +95,18 @@ class IsCommentModerator(IsStandardUser):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
class IsCountryAdmin(IsGuest):
|
||||||
|
|
||||||
|
def has_object_permission(self, request, view, obj):
|
||||||
|
# Read permissions are allowed to any request.
|
||||||
|
|
||||||
|
# Must have role
|
||||||
|
role = Role.objects.filter(role=Role.COUNTRY_ADMIN).first() # 'Country admin'
|
||||||
|
is_access = UserRole.objects.filter(user=request.user, role=role).exists()
|
||||||
|
|
||||||
|
if super().has_object_permission(request, view, obj) and is_access:
|
||||||
|
return True
|
||||||
|
|
||||||
|
return False
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user