commit
This commit is contained in:
Sander Roosendaal
@@ -7,6 +7,7 @@ from __future__ import unicode_literals
|
||||
from rest_framework import permissions
|
||||
from rowers.models import Rower
|
||||
|
||||
|
||||
class IsOwnerOrReadOnly(permissions.BasePermission):
|
||||
"""
|
||||
Custom permission to only allow owners of an object to edit it.
|
||||
@@ -15,35 +16,40 @@ class IsOwnerOrReadOnly(permissions.BasePermission):
|
||||
def has_object_permission(self, request, view, obj):
|
||||
# Read permissions are allowed to any request,
|
||||
# so we'll always allow GET, HEAD or OPTIONS requests.
|
||||
if request.method in permissions.SAFE_METHODS: # pragma: no cover
|
||||
if request.method in permissions.SAFE_METHODS: # pragma: no cover
|
||||
return True
|
||||
|
||||
# Write permissions are only allowed to the owner of the snippet.
|
||||
return obj.user == request.user # pragma: no cover
|
||||
return obj.user == request.user # pragma: no cover
|
||||
|
||||
|
||||
class IsOwnerOrNot(permissions.BasePermission):
|
||||
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
r = Rower.objects.get(user=request.user)
|
||||
return (obj.user == r)
|
||||
|
||||
|
||||
class IsRowerOrNot(permissions.BasePermission):
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
r = Rower.objects.get(user=request.user)
|
||||
return (r in obj.rower.all())
|
||||
|
||||
|
||||
class IsPlanOrHigher(permissions.BasePermission):
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
r = Rower.objects.get(user=request.user)
|
||||
return r not in ['basic','pro','freecoach']
|
||||
return r not in ['basic', 'pro', 'freecoach']
|
||||
|
||||
|
||||
class IsCompetitorOrNot(permissions.BasePermission):
|
||||
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
return (obj.userid == request.user.id)
|
||||
|
||||
|
||||
class IsManagerOrReadOnly(permissions.BasePermission):
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
def has_object_permission(self, request, view, obj): # pragma: no cover
|
||||
if request.method in permissions.SAFE_METHODS:
|
||||
return True
|
||||
|
||||
|
||||
Reference in New Issue
Block a user