From fc6c2202cb6d75519f2286976d285b99980b447e Mon Sep 17 00:00:00 2001
From: Jean-Baptiste <bleme@pm.me>
Date: Mon, 25 Mar 2019 17:02:49 +0100
Subject: [PATCH] update: add LoggedReadOnly permission

---
 djangoldp/permissions.py | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/djangoldp/permissions.py b/djangoldp/permissions.py
index 9de91cd7..337abc74 100644
--- a/djangoldp/permissions.py
+++ b/djangoldp/permissions.py
@@ -129,3 +129,31 @@ class AnonymousReadOnly(WACPermissions):
                 return self.author_perms
             else:
                 return self.authenticated_perms
+
+
+class LoggedReadOnly(WACPermissions):
+    """
+        Anonymous users: Nothing
+        Logged in users: can read all posts
+    """
+
+    anonymous_perms = []
+    authenticated_perms = ['view']
+
+    def has_permission(self, request, view):
+        if view.action in ['list', 'retrieve'] and request.user.is_authenticated():
+            return True
+        else:
+            return super().has_permission(request, view)
+
+    def has_object_permission(self, request, view, obj):
+        if view.action in ["list", "retrieve"] and request.user.is_authenticated():
+            return True
+        else:
+            return super().has_object_permission(request, view, obj)
+
+    def user_permissions(self, user, obj):
+        if user.is_anonymous:
+            return self.anonymous_perms
+        else:
+            return self.authenticated_perms
-- 
GitLab