6b40f95033
Co-authored-by: Eve832 <eve.meelan@grafana.com>
Co-authored-by: Francisco Montes de Oca <nevermind89x@gmail.com>
Co-authored-by: Ildar Iskhakov <ildar.iskhakov@grafana.com>
Co-authored-by: Innokentii Konstantinov <innokenty.konstantinov@grafana.com>
Co-authored-by: Julia <ferril.darkdiver@gmail.com>
Co-authored-by: maskin25 <kengurek@gmail.com>
Co-authored-by: Matias Bordese <mbordese@gmail.com>
Co-authored-by: Matvey Kukuy <motakuk@gmail.com>
Co-authored-by: Michael Derynck <michael.derynck@grafana.com>
Co-authored-by: Richard Hartmann <richih@richih.org>
Co-authored-by: Robby Milo <robbymilo@fastmail.com>
Co-authored-by: Timur Olzhabayev <timur.olzhabayev@grafana.com>
Co-authored-by: Vadim Stepanov <vadimkerr@gmail.com>
Co-authored-by: Yulia Shanyrova <yulia.shanyrova@grafana.com>
24 lines
695 B
Python
24 lines
695 B
Python
from typing import Any
|
|
|
|
from rest_framework import permissions
|
|
from rest_framework.request import Request
|
|
from rest_framework.viewsets import ViewSet
|
|
|
|
from apps.api.permissions.roles import IsAdmin, IsEditor
|
|
from common.utils import getattrd
|
|
|
|
|
|
class IsOwner(permissions.BasePermission):
|
|
def has_object_permission(self, request: Request, view: ViewSet, obj: Any) -> bool:
|
|
ownership_field = getattr(view, "ownership_field", None)
|
|
if ownership_field is None:
|
|
owner = obj
|
|
else:
|
|
owner = getattrd(obj, ownership_field)
|
|
|
|
return owner == request.user
|
|
|
|
|
|
IsOwnerOrAdmin = IsOwner | IsAdmin
|
|
|
|
IsOwnerOrAdminOrEditor = IsOwner | IsAdmin | IsEditor
|