From 6e665966da654e734ee743a7fc55c3350ef5870c Mon Sep 17 00:00:00 2001
From: Sylvain Le Bon <sylvain@startinblox.com>
Date: Mon, 29 Jan 2024 12:22:20 +0100
Subject: [PATCH] update: use the default permission

---
 djangoldp_circle/models.py      |  5 ++---
 djangoldp_circle/permissions.py | 25 -------------------------
 2 files changed, 2 insertions(+), 28 deletions(-)
 delete mode 100644 djangoldp_circle/permissions.py

diff --git a/djangoldp_circle/models.py b/djangoldp_circle/models.py
index 97e9aec..a63ef99 100644
--- a/djangoldp_circle/models.py
+++ b/djangoldp_circle/models.py
@@ -7,11 +7,10 @@ from django.db import models
 from django.db.models.signals import pre_save
 from django.dispatch import receiver
 from djangoldp.models import Model, DynamicNestedField
-from djangoldp.permissions import PublicPermission, ACLPermissions, AnonymousReadOnly, InheritPermissions
+from djangoldp.permissions import PublicPermission, ACLPermissions, AnonymousReadOnly, InheritPermissions, JoinMembersPermission
 from djangoldp_account.models import LDPUser
 from djangoldp_account.permissions import IPOpenPermissions
 from djangoldp_community.models import Community
-from .permissions import JoinCirclePermission
 import logging
 
 logger = logging.getLogger('djangoldp')
@@ -56,7 +55,7 @@ class Circle(Model):
         empty_containers = ["owner"]
         auto_author = 'owner'
         # depth = 1 # Disabled due to owner being serialized
-        permission_classes = [IPOpenPermissions|(AnonymousReadOnly&InheritPermissions&(JoinCirclePermission|PublicPermission|ACLPermissions))]
+        permission_classes = [IPOpenPermissions|(AnonymousReadOnly&InheritPermissions&(JoinMembersPermission|PublicPermission|ACLPermissions))]
         permission_roles = {
             'members': {'perms': ['view'], 'add_author': True},
             'admins': {'perms': ['view', 'change', 'control'], 'add_author': True},
diff --git a/djangoldp_circle/permissions.py b/djangoldp_circle/permissions.py
deleted file mode 100644
index 58d4f13..0000000
--- a/djangoldp_circle/permissions.py
+++ /dev/null
@@ -1,25 +0,0 @@
-from djangoldp.filters import NoFilterBackend
-from djangoldp.permissions import LDPBasePermission
-from djangoldp.utils import is_anonymous_user
-
-class JoinCirclePermission(LDPBasePermission):
-    filter_backend = None
-    def has_permission(self, request:object, view:object) -> bool:
-        if is_anonymous_user(request.user):
-            return False
-        return request.method == 'PATCH'
-
-    def check_patch(self, first, second, user):
-        diff = first - second
-        return diff == set() or diff == {user.urlid}
-
-    def has_object_permission(self, request:object, view:object, circle:object) -> bool:
-        '''only accept patch request, only if the only difference on the user_set is the user'''
-        if not self.has_permission(request, view) or not circle or not 'user_set' in request.data:
-            return False
-        new_members = request.data['user_set']
-        if not isinstance(new_members, list):
-            new_members = [new_members]
-        new_ids = {user['@id'] for user in new_members}
-        old_ids = {user.urlid for user in circle.members.user_set.all()}
-        return self.check_patch(new_ids, old_ids, request.user) and self.check_patch(old_ids, new_ids, request.user)
\ No newline at end of file
-- 
GitLab