Commit 6e665966 authored by Sylvain Le Bon's avatar Sylvain Le Bon

update: use the default permission

parent 5a58a8b9
1 merge request!64update: use the default permission
Pipeline #16892 passed
...@@ -7,11 +7,10 @@ from django.db import models ...@@ -7,11 +7,10 @@ from django.db import models
from django.db.models.signals import pre_save from django.db.models.signals import pre_save
from django.dispatch import receiver from django.dispatch import receiver
from djangoldp.models import Model, DynamicNestedField from djangoldp.models import Model, DynamicNestedField
from djangoldp.permissions import PublicPermission, ACLPermissions, AnonymousReadOnly, InheritPermissions from djangoldp.permissions import PublicPermission, ACLPermissions, AnonymousReadOnly, InheritPermissions, JoinMembersPermission
from djangoldp_account.models import LDPUser from djangoldp_account.models import LDPUser
from djangoldp_account.permissions import IPOpenPermissions from djangoldp_account.permissions import IPOpenPermissions
from djangoldp_community.models import Community from djangoldp_community.models import Community
from .permissions import JoinCirclePermission
import logging import logging
logger = logging.getLogger('djangoldp') logger = logging.getLogger('djangoldp')
...@@ -56,7 +55,7 @@ class Circle(Model): ...@@ -56,7 +55,7 @@ class Circle(Model):
empty_containers = ["owner"] empty_containers = ["owner"]
auto_author = 'owner' auto_author = 'owner'
# depth = 1 # Disabled due to owner being serialized # depth = 1 # Disabled due to owner being serialized
permission_classes = [IPOpenPermissions|(AnonymousReadOnly&InheritPermissions&(JoinCirclePermission|PublicPermission|ACLPermissions))] permission_classes = [IPOpenPermissions|(AnonymousReadOnly&InheritPermissions&(JoinMembersPermission|PublicPermission|ACLPermissions))]
permission_roles = { permission_roles = {
'members': {'perms': ['view'], 'add_author': True}, 'members': {'perms': ['view'], 'add_author': True},
'admins': {'perms': ['view', 'change', 'control'], 'add_author': True}, 'admins': {'perms': ['view', 'change', 'control'], 'add_author': True},
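Review bot: The `permission_classes` line of `Circle` now relies on the upstream `JoinMembersPermission` in place of the project's own `JoinCirclePermission`, whose checks are visible in the deleted file: non-anonymous user, PATCH only, and a `user_set` change limited to the requester's own `urlid`. The upstream class's behaviour is not shown on this page, so the commit should carry a test asserting that an authenticated non-member can add or remove only themselves and that any other membership change, or any anonymous PATCH, is refused. I would also add a comment above the line, e.g. `# JoinMembersPermission: authenticated users may PATCH only their own membership (confirm against djangoldp)`, because the composed `|`/`&` expression is hard to audit at a glance. The `Circle` class body starts and ends outside the hunk.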
......
from djangoldp.filters import NoFilterBackend
from djangoldp.permissions import LDPBasePermission
from djangoldp.utils import is_anonymous_user
class JoinCirclePermission(LDPBasePermission):
filter_backend = None
def has_permission(self, request:object, view:object) -> bool:
if is_anonymous_user(request.user):
return False
return request.method == 'PATCH'
def check_patch(self, first, second, user):
diff = first - second
return diff == set() or diff == {user.urlid}
def has_object_permission(self, request:object, view:object, circle:object) -> bool:
'''only accept patch request, only if the only difference on the user_set is the user'''
if not self.has_permission(request, view) or not circle or not 'user_set' in request.data:
return False
new_members = request.data['user_set']
if not isinstance(new_members, list):
new_members = [new_members]
new_ids = {user['@id'] for user in new_members}
old_ids = {user.urlid for user in circle.members.user_set.all()}
return self.check_patch(new_ids, old_ids, request.user) and self.check_patch(old_ids, new_ids, request.user)
\ No newline at end of file