Beispiel #1
0
 def has_object_permission(self, request, view, obj):
     assert isinstance(obj, (Node, DraftRegistration, PrivateLink)), 'obj must be a Node, Draft Registration, or PrivateLink, got {}'.format(obj)
     auth = get_user_auth(request)
     node = Node.load(request.parser_context['kwargs']['node_id'])
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     return node.has_permission(auth.user, osf_permissions.ADMIN)
Beispiel #2
0
 def has_object_permission(self, request, view, obj):
     assert_resource_type(obj, self.acceptable_models)
     auth = get_user_auth(request)
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     return super(IsAdminContributorOrReviewer,
                  self).has_object_permission(request, view, obj)
Beispiel #3
0
 def has_object_permission(self, request, view, obj):
     assert_resource_type(obj, self.acceptable_models)
     auth = get_user_auth(request)
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     if isinstance(obj, DraftRegistration):
         obj = obj.branched_from
     return obj.has_permission(auth.user, osf_permissions.ADMIN)
Beispiel #4
0
 def has_object_permission(self, request, view, obj):
     assert isinstance(obj, (AbstractNode, DraftRegistration)), 'obj must be a Node or Draft Registration, got {}'.format(obj)
     auth = get_user_auth(request)
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     if isinstance(obj, DraftRegistration):
         obj = obj.branched_from
     return obj.has_permission(auth.user, osf_permissions.ADMIN)
Beispiel #5
0
 def has_object_permission(self, request, view, obj):
     assert_resource_type(obj, self.acceptable_models)
     auth = get_user_auth(request)
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     if isinstance(obj, DraftRegistration):
         obj = obj.branched_from
     return obj.has_permission(auth.user, osf_permissions.ADMIN)
Beispiel #6
0
 def has_object_permission(self, request, view, obj):
     assert isinstance(
         obj, (AbstractNode, DraftRegistration, PrivateLink)
     ), 'obj must be an Node, Draft Registration, or PrivateLink, got {}'.format(
         obj)
     auth = get_user_auth(request)
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     return obj.has_permission(auth.user, osf_permissions.ADMIN)
Beispiel #7
0
 def has_object_permission(self, request, view, obj):
     assert isinstance(
         obj, (Node, DraftRegistration)
     ), 'obj must be a Node or a Draft Registration, got {}'.format(obj)
     auth = get_user_auth(request)
     node = Node.load(request.parser_context['kwargs']['node_id'])
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     return node.has_permission(auth.user, osf_permissions.ADMIN)
Beispiel #8
0
 def has_object_permission(self, request, view, obj):
     assert isinstance(
         obj,
         (AbstractNode, DraftRegistration
          )), 'obj must be a Node or Draft Registration, got {}'.format(obj)
     auth = get_user_auth(request)
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     if isinstance(obj, DraftRegistration):
         obj = obj.branched_from
     return obj.has_permission(auth.user, osf_permissions.ADMIN)
Beispiel #9
0
 def has_object_permission(self, request, view, obj):
     assert isinstance(obj, (AbstractNode, DraftRegistration, PrivateLink)), 'obj must be an Node, Draft Registration, or PrivateLink, got {}'.format(obj)
     auth = get_user_auth(request)
     if request.method != 'DELETE' and is_prereg_admin(auth.user):
         return True
     return obj.has_permission(auth.user, osf_permissions.ADMIN)