encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-13 05:06:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

Let AND and OR operators have multiple members

Browse Source 
resolve permission AND(OR(a,b,c), d, e) with logic (a v b v c) ^ d ^ e
This commit is contained in:
Matías Pierobon 2019-06-21 11:54:18 -03:00 committed by GitHub
parent 72de94a05d
commit 74855ff383
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 45 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
rest_framework/permissions.py
View File

@ -47,53 +47,6 @@ class OperandHolder(OperationHolderMixin):
return self.operator_class(op1, op2)
class AND:
def __init__(self, op1, op2):
self.op1 = op1
self.op2 = op2
def has_permission(self, request, view):
return (
self.op1.has_permission(request, view) and
self.op2.has_permission(request, view)
)
def has_object_permission(self, request, view, obj):
return (
self.op1.has_object_permission(request, view, obj) and
self.op2.has_object_permission(request, view, obj)
)
class OR:
def __init__(self, op1, op2):
self.op1 = op1
self.op2 = op2
def has_permission(self, request, view):
return (
self.op1.has_permission(request, view) or
self.op2.has_permission(request, view)
)
def has_object_permission(self, request, view, obj):
return (
self.op1.has_object_permission(request, view, obj) or
self.op2.has_object_permission(request, view, obj)
)
class NOT:
def __init__(self, op1):
self.op1 = op1
def has_permission(self, request, view):
return not self.op1.has_permission(request, view)
def has_object_permission(self, request, view, obj):
return not self.op1.has_object_permission(request, view, obj)
class BasePermissionMetaclass(OperationHolderMixin, type):
pass
@ -115,6 +68,51 @@ class BasePermission(metaclass=BasePermissionMetaclass):
"""
return True
class AND(BasePermission):
def __init__(self, *args):
self.permissions = args
def has_permission(self, request, view):
for permission in self.permissions:
if not permissions.has_permission(request, view):
return False
return True
def has_object_permission(self, request, view, obj):
for permission in self.permissions:
if not permissions.has_object_permission(request, view, obj):
return False
return True
class OR(BasePermission):
def __init__(self, *args):
self.permissions = op1
def has_permission(self, request, view):
for permission in self.permissions:
if permission.has_permission(request, view):
return True
return False
def has_object_permission(self, request, view, obj):
for permission in self.permissions:
if permission.has_object_permission(request, view, obj):
return True
return False
class NOT(BasePermission):
def __init__(self, op1):
self.op1 = op1
def has_permission(self, request, view):
return not self.op1.has_permission(request, view)
def has_object_permission(self, request, view, obj):
return not self.op1.has_object_permission(request, view, obj)
class AllowAny(BasePermission):
"""