FireGame/AuthApp/api/v1/permissions/personal_api_permissions.py
2023-05-16 17:14:16 +03:00


# coding=utf-8
from rest_framework.permissions import BasePermission
from rest_framework.exceptions import PermissionDenied
from tEDataProj.inter import check_user_key_inter
from AuthApp.models import User
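def check_of_user_is_manager_of_company(user, view):
    """Look up the target user and confirm ``user`` manages that user's company.

    The target is the ``User`` whose id equals ``view.kwargs['pk']``; it only
    matches when the ``manager_obj`` of the company on the target's profile
    is ``user``.

    Args:
        user: The requesting user.
        view: The view being accessed; ``view.kwargs`` is read for ``'pk'``.

    Returns:
        The matching ``User`` instance (truthy) when the lookup succeeds,
        otherwise ``False``.
    """
    # Without a pk there is no target object to scope the check to.
    if 'pk' not in view.kwargs:
        return False
    try:
        return User.objects.get(
            user_profile__company_obj__manager_obj=user,
            id=view.kwargs['pk'],
        )
    except Exception:
        # Fail closed: a missing row, a duplicate match or a malformed pk all
        # deny access. Catching Exception rather than using a bare ``except``
        # lets KeyboardInterrupt/SystemExit propagate.
        return False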
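def check_of_user_is_company_staff(user, view):
    """Look up the target user and confirm it belongs to ``user``'s company.

    The target is the ``User`` whose id equals ``view.kwargs['pk']``; it only
    matches when the company on the target's profile equals the company on
    the requesting user's profile.

    Args:
        user: The requesting user; ``user.user_profile.company_obj`` is read.
        view: The view being accessed; ``view.kwargs`` is read for ``'pk'``.

    Returns:
        The matching ``User`` instance (truthy) when the lookup succeeds,
        otherwise ``False``.
    """
    # Without a pk there is no target object to scope the check to.
    if 'pk' not in view.kwargs:
        return False
    try:
        # NOTE(review): if company_obj can be NULL, the ORM treats a None
        # value here as an IS NULL match, so a caller without a company would
        # match targets without a company. Confirm the field is non-nullable
        # or add an explicit guard.
        return User.objects.get(
            user_profile__company_obj=user.user_profile.company_obj,
            id=view.kwargs['pk'],
        )
    except Exception:
        # Fail closed: a caller without a profile, a missing row, a duplicate
        # match or a malformed pk all deny access. Catching Exception rather
        # than using a bare ``except`` lets KeyboardInterrupt/SystemExit
        # propagate.
        return False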
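class Personal_API_perms(BasePermission):
    """
    Allows access only users w full access.

    View-level permission for the ``user`` endpoints. Every request that does
    not match an explicitly listed basename/action pair is denied.

    NOTE(review): the nesting below was reconstructed from a listing whose
    indentation was lost; confirm it against the repository file.
    """

    def has_permission(self, request, view):
        """Decide whether ``request.user`` may run ``view.action``.

        Args:
            request: The incoming request; only ``request.user`` is read.
            view: The view being accessed; ``basename``, ``action`` and (via
                the helper functions) ``kwargs['pk']`` are read.

        Returns:
            ``True`` when access is granted, ``False`` otherwise.
        """
        user = request.user
        if not user or user.is_anonymous or not user.is_active:
            return False

        # NOTE(review): this query-parameter key check is disabled, so only
        # request.user and the checks below gate access.
        # auth_data = request.query_params
        # if not check_user_key_inter(auth_data):
        #     raise PermissionDenied(code=403)

        # Members of the import group are denied outright.
        # NOTE(review): the group is matched by exact name, and the 'С' in
        # '1С' appears to be the Cyrillic letter, which looks identical to
        # Latin 'C'. A group created with the Latin letter would not match
        # and this deny rule would silently not apply; matching on a group id
        # or a shared constant would avoid that.
        groups_name_list = user.groups.all().values_list('name', flat=True)
        if u'API 1С импорт' in groups_name_list:
            return False

        # Only the ``user`` basename is handled; everything else is denied.
        if view.basename != u'user':
            # if view.basename == u'userprofile':
            #
            #     if view.action in ('create',):
            #         perm = user.has_perm('AuthApp.add_userprofile')
            #         return perm
            #
            #     if view.action in ('update', 'partial_update'):
            #         perm = user.has_perm('AuthApp.change_userprofile')
            #         return perm
            #
            #     if view.action in ('destroy',):
            #         perm = user.has_perm('AuthApp.delete_userprofile')
            #         return perm
            #
            #     if view.action in ('retrieve', 'list'):
            #         return True
            return False

        action = view.action

        if action in ('create',):
            return user.has_perm('AuthApp.UI_company_staff_create')

        if action in (
                'update', 'partial_update', 'add_communication_item',
                'get_connected_mailings', 'possible_mailings',
                'change_mailing_status'):
            # perm = user.has_perm('AuthApp.UI_managers_modify')
            # return perm
            if not user.is_staff:
                # Company personnel: may modify only users of their own
                # company, and only with the matching permission.
                if user.has_perm('AuthApp.UI_company_staff_modify_if_staff_company'):
                    # The helper returns a User instance or False; coerce so
                    # this method always returns a bool.
                    return bool(check_of_user_is_company_staff(user, view))
                return False
            # Staff account: either manages the target's company and holds
            # the manager permission, or holds the modify-any permission.
            if check_of_user_is_manager_of_company(user, view) and user.has_perm(
                    'AuthApp.UI_company_staff_modify_if_manager'):
                return True
            return user.has_perm('AuthApp.UI_company_staff_modify_any')

        # NOTE(review): create, destroy and the read actions are gated only
        # by a model permission here, with no check against the target's
        # company. Confirm the viewset's queryset or an object-level check
        # restricts them as intended.
        if action in ('destroy',):
            return user.has_perm('AuthApp.UI_company_staff_delete')

        if action in (
                'retrieve', 'list', 'list_by_company_id', 'list_by_office_id',
                'possible_departaments_list', 'possible_company_positions_list'):
            return (
                user.has_perm('AuthApp.UI_company_staff_retrieve_any_no_staff')
                or user.has_perm('AuthApp.UI_company_staff_retrieve')
            )

        # Any action not listed above is denied.
        return False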