def _user_can_modify_price_list_item(self, item):
if self.request.user.is_staff:
return True
customer = structure_permissions._get_customer(item)
return customer.has_user(self.request.user,
structure_models.CustomerRole.OWNER)
def user_is_owner_or_service_manager(request, view, obj=None):
if not obj:
return
if isinstance(obj, models.Offering):
offering = obj
elif isinstance(obj, models.Resource):
customer = structure_permissions._get_customer(obj)
if structure_permissions._has_owner_access(request.user, customer):
return
offering = obj.offering
else:
return
if offering.has_user(request.user):
return
if structure_permissions._has_owner_access(request.user,
offering.customer):
return
if offering.customer.has_user(
request.user, role=structure_models.CustomerRole.SERVICE_MANAGER):
return
raise exceptions.PermissionDenied()
def get_is_service_provider(serializer, scope):
customer = structure_permissions._get_customer(scope)
return models.ServiceProvider.objects.filter(customer=customer).exists()
def check_customer_blocked(obj):
from waldur_core.structure import permissions
customer = permissions._get_customer(obj)
if customer and customer.blocked:
raise ValidationError(_('Blocked organization is not available.'))