def has_object_permission(self, request: Request, view, object: OrganizationMembership) -> bool:
if request.method in SAFE_METHODS:
return True
if request.method == "DELETE" and object.user_id == request.user.id:
return True
organization = extract_organization(object)
return (
OrganizationMembership.objects.get(user_id=request.user.id, organization=organization).level
>= OrganizationMembership.Level.ADMIN
)
def has_object_permission(self, request: Request, view,
object: Model) -> bool:
if request.method in permissions.SAFE_METHODS:
return True
# TODO: Optimize so that this computation is only done once, on `OrganizationMemberPermissions`
organization = extract_organization(object)
min_level = (OrganizationMembership.Level.OWNER if request.method
== "DELETE" else OrganizationMembership.Level.ADMIN)
return OrganizationMembership.objects.get(
user=request.user, organization=organization).level >= min_level
def has_object_permission(self, request: Request, view,
membership: OrganizationMembership) -> bool:
if request.method in SAFE_METHODS:
return True
organization = extract_organization(membership)
requesting_membership: OrganizationMembership = OrganizationMembership.objects.get(
user_id=request.user.id, organization=organization)
try:
requesting_membership.validate_update(membership)
except exceptions.ValidationError:
return False
return True