def has_permission(self, request, view):
token = get_token(request)
if not token:
return False
if is_admin(token):
return True
elif is_superuser(token):
return True
else:
return False
def has_permission(self, request, view):
token=get_token(request)
if(token!=False):
department=get_department(token)
role=get_role(token)
claim=get_claim(token)
if is_superuser(token):
return True
elif str(department) == 'Sales':
if str(claim) == 'Manager':
return True
elif str(claim) == 'Senior' and request.method in CRITICAL_METHODS:
return True
elif str(claim) == 'Junior' and request.method in SAFE_METHODS:
return True
else:
return False
else:
return False