sarlink-portal-api/api/permissions.py

from rest_framework import permissions
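class IsStaffEditorPermission(permissions.DjangoModelPermissions):
    """Grant access only to authenticated users holding the model permission for the method.

    Each HTTP method is mapped to the Django model permission codenames the
    user must hold on the view's model. The mapping differs from a plain
    method-to-permission default in that ``GET`` requires the ``view_*``
    permission, so read access is not implicitly open to every authenticated
    user.

    NOTE(review): despite the class name, nothing here checks
    ``request.user.is_staff``; access is decided by model permissions alone.
    Confirm that is the intended policy.
    """

    # Permission codename templates per HTTP method. OPTIONS and HEAD are
    # deliberately mapped to no permissions, so any authenticated user passes.
    perms_map = {
        "GET": ["%(app_label)s.view_%(model_name)s"],
        "OPTIONS": [],
        "HEAD": [],
        "POST": ["%(app_label)s.add_%(model_name)s"],
        "PUT": ["%(app_label)s.change_%(model_name)s"],
        "PATCH": ["%(app_label)s.change_%(model_name)s"],
        "DELETE": ["%(app_label)s.delete_%(model_name)s"],
    }
    # Body returned to the client when the check fails.
    message = {
        "message": "You do not have permission to perform this action.",
    }

    def has_permission(self, request, view):
        """Return True when the user may perform ``request.method`` on the view's model.

        Args:
            request: The incoming request; ``request.user`` and
                ``request.method`` are read.
            view: The view being accessed; its ``queryset`` supplies the model.

        Returns:
            bool: False for unauthenticated users, for HTTP methods that are
            not listed in ``perms_map``, and for users missing any required
            permission; True otherwise.
        """
        # Anonymous users never pass, regardless of method.
        if not request.user.is_authenticated:
            return False

        # Deny by default: a method missing from perms_map used to fall back
        # to an empty permission list, and has_perms([]) is True, so any
        # authenticated user passed the check for unmapped methods.
        if request.method not in self.perms_map:
            return False

        # NOTE(review): this reads view.queryset directly; a view that leaves
        # `queryset` unset and only overrides get_queryset() would raise
        # AttributeError here. Confirm every view using this class sets it.
        model_meta = view.queryset.model._meta
        substitutions = {
            'app_label': model_meta.app_label,
            'model_name': model_meta.model_name,
        }

        required = [perm % substitutions for perm in self.perms_map[request.method]]
        return request.user.has_perms(required)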