phzhik
fe24802831
+ Telegram bot: sign up, sign in, notifications + Anonymous users can't see yuan_rate_commission * Only logged in customers can create/update orders * Customer info migrated to separate User model * Renamed legacy fields in serializers * Cleanup in API classes
23 lines
700 B
Python
23 lines
700 B
Python
from rest_framework.permissions import BasePermission, SAFE_METHODS
|
|
|
|
|
|
class ReadOnly(BasePermission):
|
|
def has_permission(self, request, view):
|
|
return request.method in SAFE_METHODS
|
|
|
|
|
|
class IsClient(BasePermission):
|
|
def has_permission(self, request, view):
|
|
from account.models import User
|
|
return request.user.is_authenticated and request.user.role == User.CLIENT
|
|
|
|
|
|
class IsManager(BasePermission):
|
|
def has_permission(self, request, view):
|
|
return request.user.is_authenticated and request.user.is_manager
|
|
|
|
|
|
class IsAdmin(BasePermission):
|
|
def has_permission(self, request, view):
|
|
return request.user.is_authenticated and request.user.is_superuser
|