def update(self, request, *args, **kwargs): """ used for updating permissions/role of user in matter """ data = request.DATA.copy() username = data.get('username') role = data.get('role', None) permissions = data.get('permissions') try: participant = User.objects.get(username=username) except User.DoesNotExist: return Response({'details': 'User does not exist (username=%s)' % username}) perms = participant.matter_permissions(matter=self.matter) if perms.pk is None: # user is not a participant of this matter yet raise Http404 if role is not None: perms.role = ROLES.get_value_by_name(role) perms.update_permissions(**permissions) perms.save() return Response(LiteUserSerializer(participant, context={'request': self.request, 'matter': self.matter}).data, status=http_status.HTTP_202_ACCEPTED)
def can_edit(self, user): role = self.request.DATA.get('role') if not role: return False # manage_participants overrides manage_clients if user.matter_permissions(matter=self.matter).has_permission(manage_participants=True) is True: return True elif ROLES.get_value_by_name(role.lower()) == ROLES.client: return user.matter_permissions(matter=self.matter).has_permission(manage_clients=True) is True
def transform_role(self, role): """ Transform the role taking into account the fake co-owner->owner relationship """ return ROLES.get_value_by_name('owner') if role == 'co-owner' else ROLES.get_value_by_name(role)