From dc071d1914941592400d2032a05b17c946ba4570 Mon Sep 17 00:00:00 2001 From: Michael DeHaan Date: Fri, 22 Mar 2013 15:57:24 -0400 Subject: [PATCH] More view/model cleanup --- lib/main/models/__init__.py | 6 +++--- lib/main/views.py | 14 -------------- 2 files changed, 3 insertions(+), 17 deletions(-) diff --git a/lib/main/models/__init__.py b/lib/main/models/__init__.py index 5600ded7a5..36e040ca5f 100644 --- a/lib/main/models/__init__.py +++ b/lib/main/models/__init__.py @@ -40,7 +40,7 @@ class CommonModel(models.Model): raise exceptions.NotImplementedError @classmethod - def can_user_access(cls, user, obj): + def can_user_read(cls, user, obj): raise exceptions.NotImplementedError() @@ -100,8 +100,8 @@ class Organization(CommonModel): return user in obj.admins.all() @classmethod - def can_user_access(cls, user, obj): - return cls.can_user_administrate(user,obj) or request.user in obj.users.all() + def can_user_read(cls, user, obj): + return cls.can_user_administrate(user,obj) or user in obj.users.all() @classmethod def can_user_delete(cls, user, obj): diff --git a/lib/main/views.py b/lib/main/views.py index f211435b41..083f9c17ec 100644 --- a/lib/main/views.py +++ b/lib/main/views.py @@ -40,26 +40,12 @@ class OrganizationsDetail(BaseDetail): serializer_class = OrganizationSerializer permission_classes = (CustomRbac,) - def item_permissions_check(self, request, obj): - - is_admin = request.user in obj.admins.all() - is_user = request.user in obj.users.all() - - if request.method == 'GET': - return is_admin or is_user - elif request.method in [ 'PUT' ]: - return is_admin - return False - class OrganizationsAuditTrailList(BaseList): model = AuditTrail serializer_class = AuditTrailSerializer permission_classes = (CustomRbac,) - # FIXME: guts & tests - pass - class OrganizationsUsersList(BaseList): model = User