Fix establishment timetable serailizer for permission

2019-11-25 10:45:20 +03:00 · 2019-11-25 10:45:20 +03:00 · 6bb0eac409
commit 6bb0eac409
parent 13eb8abac6
3 changed files with 25 additions and 15 deletions
--- a/apps/partner/serializers/back.py
+++ b/apps/partner/serializers/back.py
@ -13,6 +13,7 @@ class BackPartnerSerializer(serializers.ModelSerializer):
            'url',
            'image',
            'establishment',
            'establishment_id',
            'type',
            'starting_date',
            'expiry_date',
--- a/apps/timetable/serialziers.py
+++ b/apps/timetable/serialziers.py
@ -20,6 +20,7 @@ class ScheduleRUDSerializer(serializers.ModelSerializer):
    dinner_end = serializers.TimeField(required=False)
    opening_at = serializers.TimeField(required=False)
    closed_at = serializers.TimeField(required=False)
    establishment_id = serializers.ReadOnlyField(source='establishment.id')
    class Meta:
        """Meta class."""
@ -34,8 +35,10 @@ class ScheduleRUDSerializer(serializers.ModelSerializer):
            'dinner_end',
            'opening_at',
            'closed_at',
            'establishment_id'
        ]
    def validate(self, attrs):
        """Override validate method"""
        establishment_pk = self.context.get('request')\
--- a/apps/utils/permissions.py
+++ b/apps/utils/permissions.py
@ -280,10 +280,10 @@ class IsEstablishmentManager(IsStandardUser):
            super().has_permission(request, view)
        ]
-        # and request.user.email_confirmed,
+        if hasattr(request.data, 'user'):
-        if hasattr(request.data, 'user') and hasattr(request.data, 'establishment_id'):
+            if hasattr(request.data, 'establishment_id'):
                role = Role.objects.filter(role=Role.ESTABLISHMENT_MANAGER) \
-                .first()  # 'Comments moderator'
+                    .first()
                rules = [
                    UserRole.objects.filter(user=request.user, role=role,
@ -294,9 +294,15 @@ class IsEstablishmentManager(IsStandardUser):
        return any(rules)
    def has_object_permission(self, request, view, obj):
        role = Role.objects.filter(role=Role.ESTABLISHMENT_MANAGER) \
            .first()  # 'Comments moderator'
        rules = [
            super().has_object_permission(request, view, obj)
        ]
        role = Role.objects.filter(role=Role.ESTABLISHMENT_MANAGER) \
            .first()
        if hasattr(obj, 'establishment_id'):
            rules = [
                UserRole.objects.filter(user=request.user, role=role,
                                        establishment_id=obj.establishment_id