You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

54 lines
1.6 KiB

2 years ago
2 years ago
2 years ago
  1. from django.conf import settings
  2. from rest_framework.permissions import BasePermission, SAFE_METHODS
  3. from .models import Member
  4. class RolePermission(BasePermission):
  5. UNSAFE_METHODS = ("POST", "PATCH", "DELETE")
  6. unsafe_methods_check = True
  7. role_name = ""
  8. @classmethod
  9. def get_project_id(cls, request, view):
  10. return view.kwargs.get("project_id") or request.query_params.get("project_id")
  11. def has_permission(self, request, view):
  12. if request.user.is_superuser:
  13. return True
  14. if self.unsafe_methods_check and request.method in self.UNSAFE_METHODS:
  15. return request.user.is_superuser
  16. project_id = self.get_project_id(request, view)
  17. if not project_id and request.method in SAFE_METHODS:
  18. return True
  19. return Member.objects.has_role(project_id, request.user, self.role_name)
  20. class IsProjectAdmin(RolePermission):
  21. unsafe_methods_check = False
  22. role_name = settings.ROLE_PROJECT_ADMIN
  23. class IsAnnotatorAndReadOnly(RolePermission):
  24. role_name = settings.ROLE_ANNOTATOR
  25. class IsAnnotator(RolePermission):
  26. unsafe_methods_check = False
  27. role_name = settings.ROLE_ANNOTATOR
  28. class IsAnnotationApproverAndReadOnly(RolePermission):
  29. role_name = settings.ROLE_ANNOTATION_APPROVER
  30. class IsAnnotationApprover(RolePermission):
  31. unsafe_methods_check = False
  32. role_name = settings.ROLE_ANNOTATION_APPROVER
  33. IsProjectMember = IsAnnotator | IsAnnotationApprover | IsProjectAdmin # type: ignore
  34. IsProjectStaffAndReadOnly = IsAnnotatorAndReadOnly | IsAnnotationApproverAndReadOnly # type: ignore