encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-09-16 09:12:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adding permission IsModelInstanceOwnerOrIsAnonReadOnly

Browse Source
This commit is contained in:
Camille Harang 2012-02-02 03:06:55 +01:00
parent d44a6c5a69
commit 6bd2205833
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
djangorestframework/permissions.py
View File

@ -77,6 +77,27 @@ class IsAdminUser(BasePermission):
raise _403_FORBIDDEN_RESPONSE raise _403_FORBIDDEN_RESPONSE
class IsModelInstanceOwnerOrIsAnonReadOnly(BasePermission):
"""
The request is authenticated as the owner of the model instance, or is a read-only request.
"""
def check_permission(self, user):
if self.view.method in('GET', 'HEAD',):
return
if not user.is_authenticated():
raise _403_FORBIDDEN_RESPONSE
try:
if self.view.model_instance.get_owner() == user:
return
except: pass
raise _403_FORBIDDEN_RESPONSE
class IsUserOrIsAnonReadOnly(BasePermission): class IsUserOrIsAnonReadOnly(BasePermission):
""" """
The request is authenticated as a user, or is a read-only request. The request is authenticated as a user, or is a read-only request.