def resolve_user(root: models.CustomerEvent, info):
user = info.context.user
if (user == root.user or user.has_perm(AccountPermissions.MANAGE_USERS)
or user.has_perm(AccountPermissions.MANAGE_STAFF)):
return root.user
raise PermissionDenied()
def resolve_stored_payment_sources(root: models.User, info):
from .resolvers import resolve_payment_sources
if root == info.context.user:
return resolve_payment_sources(root)
raise PermissionDenied()
def resolve_user(root: models.GiftCard, info):
user = info.context.user
if user == root.user or user.has_perm("account.manage_users"):
return root.user
raise PermissionDenied()
def clean_instance(cls, info, instance):
# Method check_permissions cannot be used for permission check, because
# it doesn't have the address instance.
if not can_edit_address(info.context.user, instance):
raise PermissionDenied()
return super().clean_instance(info, instance)
def auth_resolver(attname, default_value, root, info, **args):
if info.context.user.is_authenticated:
return getattr(root, attname, default_value)
raise PermissionDenied()
def clean_input(cls, info, instance, data):
# Method user_is_allowed cannot be used for permission check, because
# it doesn't have the address instance.
if not can_edit_address(info.context.user, instance):
raise PermissionDenied()
return super().clean_input(info, instance, data)
def resolve_user(root: models.Order, info):
user = info.context.user
if user == root.user or user.has_perm(AccountPermissions.MANAGE_USERS):
return root.user
raise PermissionDenied()
def resolve_user(root: models.StaffNotificationRecipient, info):
user = info.context.user
if user == root.user or user.has_perm(AccountPermissions.MANAGE_STAFF):
return root.user
raise PermissionDenied()
model = models.GiftCard
@staticmethod
def resolve_display_code(root: models.GiftCard, *_args, **_kwargs):
return root.display_code
@staticmethod
def resolve_user(root: models.GiftCard, info):
user = info.context.user
<<<<<<< HEAD
if user == root.user or user.has_perm("account.manage_users"):
=======
if user == root.user or user.has_perm(AccountPermissions.MANAGE_USERS):
>>>>>>> 3284a2fd2e71c2bf040adcd5a59f0f98f23d901a
return root.user
raise PermissionDenied()
@staticmethod
def resolve_code(root: models.GiftCard, info, **_kwargs):
user = info.context.user
# Staff user has access to show gift card code only for gift card without user.
<<<<<<< HEAD
if user.has_perm("giftcard.manage_gift_card") and not root.user:
=======
if user.has_perm(GiftcardPermissions.MANAGE_GIFT_CARD) and not root.user:
>>>>>>> 3284a2fd2e71c2bf040adcd5a59f0f98f23d901a
return root.code
# Only user associated with a gift card can see gift card code.
if user == root.user:
return root.code
return None
def mutate(cls, root, info, **data):
if not cls.check_permissions(info.context, cls._meta.permissions):
raise PermissionDenied()
return cls.perform_mutation(root, info, **data)
def validate_user_is_linked_to_node(user, node):
if not user_is_linked_to_node(user, node):
raise PermissionDenied(
_("You do not have permission to perform this action."))
def resolve_user(root: models.OrderEvent, info):
user = info.context.user
if (user == root.user or user.has_perm("account.manage_users")
or user.has_perm("account.manage_staff")):
return root.user
raise PermissionDenied()
def resolve_stream_tickets(info, game_id):
if get_user_or_app_from_context(info.context):
return StreamTicket.objects.filter(game_id=game_id).all()
return PermissionDenied()
