def has_permission(self, request, view): user = request.user if request.method in permissions.SAFE_METHODS: return user.is_authenticated() # UPDATE requires a cloud administrator account kwargs = request.parser_context.get('kwargs', {}) admin_uuid = kwargs.get('cloud_admin_uuid') provider_uuid = kwargs.get('provider_uuid') # You would use this keyword to update a # SPECIFIC cloud_admin if admin_uuid: admin = _get_administrator_account(request.user, admin_uuid) # When a 'specific Provider' is involved, # Ensure that the request.user has admin permission # before updating on that provider. elif provider_uuid: admin = get_cloud_admin_for_provider(request.user, provider_uuid) # In the event 'cloud_admin' or 'provider' is not specified # This decorator will ensure that the request user # holds 'CloudAdmin' privileges on at least one provider # in order to make the action. else: admin = cloud_admin_list(request.user).exists() return True if admin else False
def has_permission(self, request, view): user = request.user if request.method in permissions.SAFE_METHODS: return user.is_authenticated() # UPDATE requires a cloud administrator account kwargs = request.parser_context.get('kwargs', {}) admin_uuid = kwargs.get('cloud_admin_uuid') provider_uuid = kwargs.get('provider_uuid') # You would use this keyword to update a # SPECIFIC cloud_admin if admin_uuid: admin = _get_administrator_account( request.user, admin_uuid) # When a 'specific Provider' is involved, # Ensure that the request.user has admin permission # before updating on that provider. elif provider_uuid: admin = get_cloud_admin_for_provider( request.user, provider_uuid) # In the event 'cloud_admin' or 'provider' is not specified # This decorator will ensure that the request user # holds 'CloudAdmin' privileges on at least one provider # in order to make the action. else: admin = cloud_admin_list(request.user).exists() return True if admin else False
def has_permission(self, request, view): if not request.user.is_authenticated(): return False kwargs = request.parser_context.get('kwargs', {}) admin_uuid = kwargs.get('cloud_admin_uuid') # Generally you would use this keyword to look at a # SPECIFIC cloud_admin if admin_uuid: admin = _get_administrator_account(request.user, admin_uuid) else: admin = cloud_admin_list(request.user).exists() return admin or request.user.is_staff
def has_permission(self, request, view): if not request.user.is_authenticated(): return False kwargs = request.parser_context.get('kwargs', {}) admin_uuid = kwargs.get('cloud_admin_uuid') # Generally you would use this keyword to look at a # SPECIFIC cloud_admin if admin_uuid: admin = _get_administrator_account( request.user, admin_uuid) else: admin = cloud_admin_list(request.user).exists() return admin or request.user.is_staff
def _get_administrator_account(user, admin_uuid): try: return cloud_admin_list(user).get(uuid=admin_uuid) except CloudAdministrator.DoesNotExist: return None