def has_object_permission(self, request, view, obj): return True if is_safe_method(request) else obj.user == request.user
def has_object_permission(self, request, view, obj): return True if is_safe_method(request) else Action.objects.filter(item_id=obj.item_id, shop_id=request.user.id).exists()
def has_permission(self, request, view): item_id = request.data.get('item', False) return True if is_safe_method(request) else not Item.objects.filter(id=item_id, quantity__exact=0).exists()
def has_permission(self, request, view): item_id = request.data.get('item', False) return True if is_safe_method(request) else Item.objects.filter(id=item_id, user_id=request.user.id).exists()
def has_permission(self, request, view): item_id = request.data.get('item', False) return True if is_safe_method(request) else not Item.objects.filter( id=item_id, quantity__exact=0).exists()
def has_object_permission(self, request, view, obj): return True if is_safe_method(request) else Action.objects.filter( item_id=obj.item_id, shop_id=request.user.id).exists()
def has_permission(self, request, view): item_id = request.data.get('item', False) return True if is_safe_method(request) else Item.objects.filter( id=item_id, user_id=request.user.id).exists()