def has_permission(self, request: HttpRequest, view: View) -> bool: check = (request.user and not request.user.is_anonymous and is_authenticated_internal_user(request.user)) if not check: return False if self.SERVICE and request.user.service != self.SERVICE: return False return True
def get_object(self): if self._object: return self._object self._object = get_object_or_404(Repo, project=self.project) if not is_authenticated_internal_user(self.request.user): auditor.record(event_type=REPO_DOWNLOADED, instance=self._object, actor_id=self.request.user.id, actor_name=self.request.user.username) return self._object
def check_access_project_item(view, request, project): internal_condition = ((IsAuthenticatedOrInternal in view.permission_classes or IsInternal in view.permission_classes) and is_authenticated_internal_user(request.user)) if internal_condition: return permission = IsProjectOwnerOrPublicReadOnly() if not permission.has_object_permission(request, view, project): view.permission_denied(request, message=getattr(permission, 'message', None))
def get_object(self): if self._object: return self._object if self.project.has_repo: self._object = get_object_or_404(Repo, project=self.project) elif self.project.has_external_repo: self._object = get_object_or_404(ExternalRepo, project=self.project) else: raise Http404('Repo was not found') if not is_authenticated_internal_user(self.request.user): auditor.record(event_type=REPO_DOWNLOADED, instance=self._object, actor_id=self.request.user.id, actor_name=self.request.user.username, external=False) return self._object
def has_permission(self, request, view): return (request.user and not request.user.is_anonymous and is_authenticated_internal_user(request.user))
def has_permission(self, request, view): if super(IsAuthenticatedOrInternal, self).has_permission(request=request, view=view): return True return (request.user and not request.user.is_anonymous and is_authenticated_internal_user(request.user))