olly/codebox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Olly Hearn
2023-05-12 07:31:04 +03:00
commit 786a6a9abb
70 changed files with 32822 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
backend/snippets/permissions.py Normal file
View File

@ -0,0 +1,26 @@
from rest_framework import permissions
from snippets.models import SnippetParticipant
class IsOwnerOrReadOnly(permissions.BasePermission):
"""
Custom permission to only allow owners of an object to edit it.
"""
def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request,
# so we'll always allow GET, HEAD or OPTIONS requests.
if request.method in permissions.SAFE_METHODS:
return True
# Write permissions are only allowed to the owner of the snippet.
return obj.owner == request.user
class IsAccessedOrDeny(permissions.BasePermission):
def has_object_permission(self, request, view, obj):
if obj.owner == request.user:
return True
allowed_users = SnippetParticipant.objects.filter(snippet=obj)
return request.user in [i.user for i in allowed_users]