def __init__(self, request: Request):
    """Resolve the organization and user for the request, then enforce this permission.

    The organization is looked up from the ``organization`` path parameter
    (passed as both slug and name to ``get_by_slug_or_raise``) or, when that
    parameter is absent or empty, from ``organization_id``. The user's role in
    that organization is stored on ``self.role`` before
    ``has_required_permissions`` is evaluated.

    Raises:
        HTTPException: built from ``self.status_code`` and ``self.error_msg``
            when the organization or the user cannot be resolved, or when
            ``has_required_permissions`` returns a falsy value.
    """

    def _denied():
        # One status/detail pair for every failure, so the response does not
        # reveal which of the checks rejected the request.
        return HTTPException(status_code=self.status_code, detail=self.error_msg)

    params = request.path_params
    org_slug = params.get("organization")

    if org_slug:
        organization = organization_service.get_by_slug_or_raise(
            db_session=request.state.db,
            organization_in=OrganizationRead(
                slug=params["organization"],
                name=params["organization"],
            ),
        )
    elif params.get("organization_id"):
        organization = organization_service.get(
            db_session=request.state.db,
            organization_id=params["organization_id"],
        )
    else:
        organization = None

    if not organization:
        raise _denied()

    # NOTE(review): other permission checks in this file also pass
    # db_session to get_current_user; confirm it is optional here.
    user = get_current_user(request=request)
    if not user:
        raise _denied()

    self.role = user.get_organization_role(organization.name)

    if not self.has_required_permissions(request):
        raise _denied()
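def has_required_permissions(
    self,
    request: Request,
) -> bool:
    """Return True only when the current user is an admin of the targeted project.

    The project comes from the ``project_id`` path parameter. When an
    ``incident_id`` path parameter is present, the project of that incident is
    used instead.

    Returns:
        True when one of the user's project memberships matches the project
        and carries ``UserRoles.admin``; False in every other case, including
        when no project can be resolved or the incident does not exist.
    """
    current_project = None

    project_id = request.path_params.get("project_id")
    if project_id:
        current_project = project_service.get(db_session=request.state.db, project_id=project_id)

    incident_id = request.path_params.get("incident_id")
    if incident_id:
        current_incident = incident_service.get(
            db_session=request.state.db, incident_id=incident_id
        )
        # An unknown incident is a deny, not an AttributeError on `.project`:
        # the request must not be authorized against some other project.
        if not current_incident:
            return False
        current_project = current_incident.project

    current_user = get_current_user(db_session=request.state.db, request=request)

    if not current_project:
        return False

    # any() always yields a real bool, so the no-match path is an explicit deny.
    return any(
        membership.project_id == current_project.id and membership.role == UserRoles.admin
        for membership in current_user.projects
    )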
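def has_required_permissions(
    self,
    request: Request,
) -> bool:
    """Return True only when the current user's role is ``UserRoles.admin``.

    Returns:
        True for an admin user, False otherwise.
    """
    current_user = get_current_user(db_session=request.state.db, request=request)
    if current_user.role == UserRoles.admin:
        return True
    # Deny explicitly so the declared bool contract holds on the reject path.
    return False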
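def has_required_permissions(
    self,
    request: Request,
) -> bool:
    """Return True only when the current user is the commander of the targeted incident.

    The incident is read from the ``incident_id`` path parameter and the match
    is made by comparing the commander's email with the current user's email.

    Returns:
        True when the emails are equal; False when they differ or the incident
        does not exist.
    """
    current_user = get_current_user(db_session=request.state.db, request=request)
    # path_params is accessed as a mapping elsewhere in this file, under the
    # "incident_id" key; attribute access (`.id`) would fail on every request.
    current_incident = incident_service.get(
        db_session=request.state.db, incident_id=request.path_params["incident_id"]
    )
    if not current_incident:
        return False

    # NOTE(review): assumes every incident has a commander with an individual
    # attached; confirm, otherwise this raises instead of denying.
    if current_incident.commander.individual.email == current_user.email:
        return True
    return False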
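def has_required_permissions(
    self,
    request: Request,
) -> bool:
    """Return True only when the current user is the reporter of the targeted incident.

    The incident is read from the ``incident_id`` path parameter and the match
    is made by comparing the reporter's email with the current user's email.

    Returns:
        True when the emails are equal; False when they differ or the incident
        does not exist.
    """
    # NOTE(review): other permission checks in this file also pass
    # db_session to get_current_user; confirm it is optional here.
    current_user = get_current_user(request=request)
    current_incident = incident_service.get(
        db_session=request.state.db, incident_id=request.path_params["incident_id"]
    )
    if not current_incident:
        return False

    # NOTE(review): assumes every incident has a reporter with an individual
    # attached; confirm, otherwise this raises instead of denying.
    if current_incident.reporter.individual.email == current_user.email:
        return True
    # Deny explicitly rather than falling through to an implicit None.
    return False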
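def has_required_permissions(
    self,
    request: Request,
) -> bool:
    """Return True only when the current user is a manager of the requested organization.

    The organization is looked up by name from the ``organization`` path
    parameter and compared by id with the user's organization memberships.

    Returns:
        True when a membership matches the organization and carries
        ``UserRoles.manager``; False otherwise, including when the
        organization cannot be found.
    """
    # NOTE(review): this matches the path parameter against the organization
    # *name*, while __init__ in this file passes the same parameter as a
    # slug; confirm that name and slug cannot diverge.
    current_organization = organization_service.get_by_name(
        db_session=request.state.db, name=request.path_params["organization"]
    )
    current_user = get_current_user(db_session=request.state.db, request=request)

    # An unknown organization is a deny, not an AttributeError on `.id`.
    if not current_organization:
        return False

    # any() always yields a real bool, so the no-match path is an explicit deny.
    return any(
        membership.id == current_organization.id and membership.role == UserRoles.manager
        for membership in current_user.organizations
    )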