class PublicResourceActivityPermission(ProjectResourcePermission): """ A Permission that checks allowed scopes, otherwise allows any user to interact with public project's resources. This is useful to allow to create bookmarks, searches, ... """ SCOPE_MAPPING = access.get_scope_mapping_for(Resources.PUBLIC) def has_object_permission(self, request: HttpRequest, view, obj) -> bool: result = super().has_object_permission(request, view, obj) return result or obj.project.is_public
class PublicActivityPermission(ProjectPermission): """ A Permission that checks allowed scopes, otherwise allows any user to interact with public projects. This is useful to allow to create bookmarks, searches, ... """ SCOPE_MAPPING = access.get_scope_mapping_for('PublicInteraction') def has_object_permission(self, request, view, obj): result = super().has_object_permission(request, view, obj) return result or obj.is_public
class NodePermission(ScopesPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.NODE) def has_object_permission(self, request: HttpRequest, view, obj) -> bool: # This means that we allowed this auth backend on this endpoint if self._check_internal_or_ephemeral(request=request): return True return access.has_object_permission(resource=Resources.NODE, permission=NodePermission, request=request, view=view, obj=obj)
class ClusterPermission(ScopesPermission): SCOPE_MAPPING = access.get_scope_mapping_for('Cluster') def has_object_permission(self, request, view, obj): # This means that we allowed this auth backend on this endpoint if self._check_internal_or_ephemeral(request=request): return True return access.has_object_permission(entity=Entities.OWNER, permission=ClusterPermission, request=request, view=view, obj=obj)
class ActivityLogPermission(ScopesPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.ACTIVITY_LOG) def has_object_permission(self, request, view, obj): # This means that we allowed this auth backend on this endpoint if self._check_internal_or_ephemeral(request=request): return True return access.has_object_permission(resource=Resources.ACTIVITY_LOG, permission=ActivityLogPermission, request=request, view=view, obj=obj)
class ProjectPermission(OwnerPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.PROJECT) def has_object_permission(self, request: HttpRequest, view, obj) -> bool: if self._check_internal_or_ephemeral(request=request): return True result = super().has_object_permission(request, view, obj.owner) if not result: return result return access.has_object_permission(resource=Resources.PROJECT, permission=ProjectPermission, request=request, view=view, obj=obj)
class ProjectResourcePermission(ProjectPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.PROJECT_RESOURCE) def has_object_permission(self, request: HttpRequest, view, obj) -> bool: return super().has_object_permission(request, view, obj.project)
class ProjectResourceListPermission(ProjectPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.PROJECT_RESOURCE)
class OwnerProjectListPermission(OwnerPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.OWNER)
class ExperimentGroupResourcePermission(ProjectPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.PROJECT_RESOURCE) def has_object_permission(self, request, view, obj): return super().has_object_permission(request, view, obj.experiment_group.project)
class ExperimentJobResourcePermission(ExperimentResourcePermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.PROJECT_RESOURCE) def has_object_permission(self, request, view, obj): return super().has_object_permission(request, view, obj.job)
class ExperimentResourcePermission(ProjectPermission): SCOPE_MAPPING = access.get_scope_mapping_for('ProjectResource') def has_object_permission(self, request, view, obj): return super().has_object_permission(request, view, obj.experiment.project)
class OwnerProjectListPermission(OwnerPermission): SCOPE_MAPPING = access.get_scope_mapping_for('OwnerProjectList')
class AdminProjectListPermission(AdminPermission): SCOPE_MAPPING = access.get_scope_mapping_for(Resources.ADMIN)
class ProjectResourceListPermission(ProjectPermission): SCOPE_MAPPING = access.get_scope_mapping_for( 'ProjectResourceListPermission')