From 2c02dc73a07f087af0d430109fead751fd0c2e16 Mon Sep 17 00:00:00 2001 From: Michael DeHaan Date: Fri, 22 Mar 2013 15:44:32 -0400 Subject: [PATCH] Moving more logic into the models, more view cleanup --- lib/main/base_views.py | 8 ++++++++ lib/main/models/__init__.py | 15 ++++++++++++++- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/lib/main/base_views.py b/lib/main/base_views.py index 123d4667e8..0d1b84ec4d 100644 --- a/lib/main/base_views.py +++ b/lib/main/base_views.py @@ -46,5 +46,13 @@ class BaseDetail(generics.RetrieveUpdateDestroyAPIView): def delete_permissions_check(self, request, obj): raise exceptions.NotImplementedError() + def item_permissions_check(self, request, obj): + + if request.method == 'GET': + return self.__class__.model.can_user_read(request.user, obj) + elif request.method in [ 'PUT' ]: + return self.__class__.model.can_user_administrate(request.user, obj) + return False + diff --git a/lib/main/models/__init__.py b/lib/main/models/__init__.py index 26598de097..437d380f1d 100644 --- a/lib/main/models/__init__.py +++ b/lib/main/models/__init__.py @@ -35,7 +35,10 @@ class CommonModel(models.Model): raise exceptions.NotImplementedError() def can_user_delete(cls, user, obj): - return user in obj.admins.all() + raise exceptions.NotImplementedError + + def can_user_access(cls, user, obj): + raise exceptions.NotImplementedError() class Tag(models.Model): @@ -88,6 +91,16 @@ class Organization(CommonModel): def can_user_delete(cls, user, obj): return user in obj.admins.all() + def can_user_administrate(cls, user, obj): + return request.user in obj.admins.all() + + def can_user_access(cls, user, obj): + return self.can_user_administrate(user,obj) or request.user in obj.users.all() + + def can_user_delete(cls, user, obj): + return self.can_user_administrate(user, obj) + + class Inventory(CommonModel): ''' an inventory source contains lists and hosts.