mirror of
https://github.com/encode/django-rest-framework.git
synced 2024-11-28 04:24:00 +03:00
Do not extend AND/OR/NOT from BasePermission
This can be done in a separate pull request, but it was reverted out of this one because it made it more difficult to review and increased its chances of not being accepted.
This commit is contained in:
parent
9c3ea30565
commit
e709378ddb
|
@ -47,6 +47,51 @@ class OperandHolder(OperationHolderMixin):
|
||||||
return self.operator_class(op1, op2)
|
return self.operator_class(op1, op2)
|
||||||
|
|
||||||
|
|
||||||
|
class AND:
|
||||||
|
def __init__(self, *args):
|
||||||
|
self.permissions = args
|
||||||
|
|
||||||
|
def has_permission(self, request, view):
|
||||||
|
for permission in self.permissions:
|
||||||
|
if not permission.has_permission(request, view):
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
def has_object_permission(self, request, view, obj):
|
||||||
|
for permission in self.permissions:
|
||||||
|
if not permission.has_object_permission(request, view, obj):
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
class OR:
|
||||||
|
def __init__(self, *args):
|
||||||
|
self.permissions = args
|
||||||
|
|
||||||
|
def has_permission(self, request, view):
|
||||||
|
for permission in self.permissions:
|
||||||
|
if permission.has_permission(request, view):
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
def has_object_permission(self, request, view, obj):
|
||||||
|
for permission in self.permissions:
|
||||||
|
if permission.has_object_permission(request, view, obj):
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
class NOT:
|
||||||
|
def __init__(self, op1):
|
||||||
|
self.op1 = op1
|
||||||
|
|
||||||
|
def has_permission(self, request, view):
|
||||||
|
return not self.op1.has_permission(request, view)
|
||||||
|
|
||||||
|
def has_object_permission(self, request, view, obj):
|
||||||
|
return not self.op1.has_object_permission(request, view, obj)
|
||||||
|
|
||||||
|
|
||||||
class BasePermissionMetaclass(OperationHolderMixin, type):
|
class BasePermissionMetaclass(OperationHolderMixin, type):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
@ -69,51 +114,6 @@ class BasePermission(metaclass=BasePermissionMetaclass):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
class AND(BasePermission):
|
|
||||||
def __init__(self, *args):
|
|
||||||
self.permissions = args
|
|
||||||
|
|
||||||
def has_permission(self, request, view):
|
|
||||||
for permission in self.permissions:
|
|
||||||
if not permission.has_permission(request, view):
|
|
||||||
return False
|
|
||||||
return True
|
|
||||||
|
|
||||||
def has_object_permission(self, request, view, obj):
|
|
||||||
for permission in self.permissions:
|
|
||||||
if not permission.has_object_permission(request, view, obj):
|
|
||||||
return False
|
|
||||||
return True
|
|
||||||
|
|
||||||
|
|
||||||
class OR(BasePermission):
|
|
||||||
def __init__(self, *args):
|
|
||||||
self.permissions = args
|
|
||||||
|
|
||||||
def has_permission(self, request, view):
|
|
||||||
for permission in self.permissions:
|
|
||||||
if permission.has_permission(request, view):
|
|
||||||
return True
|
|
||||||
return False
|
|
||||||
|
|
||||||
def has_object_permission(self, request, view, obj):
|
|
||||||
for permission in self.permissions:
|
|
||||||
if permission.has_object_permission(request, view, obj):
|
|
||||||
return True
|
|
||||||
return False
|
|
||||||
|
|
||||||
|
|
||||||
class NOT(BasePermission):
|
|
||||||
def __init__(self, op1):
|
|
||||||
self.op1 = op1
|
|
||||||
|
|
||||||
def has_permission(self, request, view):
|
|
||||||
return not self.op1.has_permission(request, view)
|
|
||||||
|
|
||||||
def has_object_permission(self, request, view, obj):
|
|
||||||
return not self.op1.has_object_permission(request, view, obj)
|
|
||||||
|
|
||||||
|
|
||||||
class AllowAny(BasePermission):
|
class AllowAny(BasePermission):
|
||||||
"""
|
"""
|
||||||
Allow any access.
|
Allow any access.
|
||||||
|
|
Loading…
Reference in New Issue
Block a user