def delete_list(self, object_list, bundle):
raise Unauthorized("Deletes not allowed")
def obj_delete_list(self, bundle, **kwargs):
raise Unauthorized('Não permitido.')
def create_detail(self, object_list, bundle):
raise Unauthorized()
def delete_detail(self, object_list, bundle):
raise Unauthorized("Sorry, no deletes.")
def delete_list(self, object_list, bundle):
raise Unauthorized('You cannot perform this action')
def create_list(self, object_list, bundle):
# Assuming their auto-assigned to ``user``.
raise Unauthorized("Not yet implemented.")
def delete_list(self, object_list, bundle):
# Sorry user, no deletes for you!
raise Unauthorized("Not yet implemented.")
def authorized(self, user):
user = User.objects.get(username=user.username).get_profile()
for perm in self.required_perms:
if not user.has_perm(perm):
raise Unauthorized(NO_ACCESS_MSG)
return True
def update_detail(self, object_list, bundle):
dbg_print('update_detail')
return Unauthorized("Can't update detail yet")
def delete_detail(self, object_list, bundle):
if not bundle.request.user.is_anonymous():
if int(bundle.obj.user_id.id) == int(bundle.request.user.id):
return True
raise Unauthorized("You are not allowed to access that resource.")
def update_detail(self, object_list, bundle):
if int(bundle.obj.id) == bundle.request.user.id:
return True
raise Unauthorized("You are not allowed to access that resource.")
def read_detail(self, object_list, bundle):
if int(bundle.obj.user_id) in self.get_timeline(bundle=bundle):
return True
raise Unauthorized("You are not allowed to access that resource.")
def delete_detail(self, object_list, bundle):
if bundle.obj.id == bundle.request.user.id or bundle.request.user.is_superuser:
return True
else:
raise Unauthorized('Not yours data')
def delete_detail(self, object_list, bundle):
if bundle.obj.owner == bundle.request.user:
return True
else:
raise Unauthorized("Deletes not allowed")
def delete_detail(self, object_list, bundle):
raise Unauthorized("You are not allowed to access that resource.")
def delete_list(self, object_list, bundle):
dbg_print('delete_list')
return Unauthorized("Can't delete list yet")
def delete_list(self, object_list, bundle):
# Sorry user, no deletes for you!
raise Unauthorized("Sorry, no deletes.")
def delete_detail(self, object_list, bundle):
dbg_print('delete_detail')
return Unauthorized("Can't delete detail yet")
def update_list(self, object_list, bundle):
raise Unauthorized("Not yet implemented.")
def update_list(self, object_list, bundle):
dbg_print('update_list')
return Unauthorized("Can't update list yet")
def delete_detail(self, object_list, bundle):
raise Unauthorized("Not yet implemented.")
def check_detail(self, object_list, bundle, perm):
user = self.get_pony_user(bundle)
if not self.get_pony_hasperm_model(user, perm, object_list._origin):
raise Unauthorized("You are not allowed to access that resource.")
return True
def obj_delete_list(self,bundle,**kwargs):
raise Unauthorized('exclusao de lista não permetido')
def delete_detail(self, object_list, bundle):
if isinstance(bundle.obj, Experiment):
return bundle.request.user.has_perm(
'tardis_portal.change_experiment') and \
has_delete_permissions(bundle.request, bundle.obj.id)
raise Unauthorized("Sorry, no deletes.")
def api_key_is_valid(self, bundle):
api_key = bundle.request.GET.get('api_key', None)
if api_key and api_key == settings.API_KEY:
return True
else:
raise Unauthorized('Missing api key')
def generic_list_check(self, object_list, bundle):
if not self.generic_base_check(object_list, bundle):
raise Unauthorized("You are not allowed to access that resource.")
return object_list.filter(pk=bundle.request.user.id)
def read_list(self, object_list, bundle):
raise Unauthorized()
def dispatch_likes(self, request, **kwargs):
if request.user.id is None:
raise Unauthorized(
"You are not authorized to like Pins unless you are logged in")
return LikeResource().dispatch('list', request, **kwargs)
def update_list(self, object_list, bundle):
raise Unauthorized()
def update_list(self, object_list, bundle):
return Unauthorized("Not allowed")
