def process(self, request, *args, **kwargs):
if request.is_trust:
return
task_id = kwargs["task_id"]
subject = Subject("user", request.user.username)
action = Action(IAMMeta.TASK_CLAIM_ACTION)
resources = res_factory.resources_for_task(task_id)
allow_or_raise_auth_failed(iam, IAMMeta.SYSTEM_ID, subject, action, resources, cache=True)
def process(self, request, *args, **kwargs):
task_id = self.get_task_id(request, *args, **kwargs)
subject = Subject("user", request.user.username)
action = Action(self.action)
resources = res_factory.resources_for_task(task_id)
request = Request(IAMMeta.SYSTEM_ID, subject, action, resources, {})
allowed = iam.is_allowed_with_cache(request)
if not allowed:
raise AuthFailedException(IAMMeta.SYSTEM_ID, subject, action, resources)
def has_permission(self, request, view):
task_id = view.kwargs["task_id"]
task_resources = res_factory.resources_for_task(task_id)
allow_or_raise_auth_failed(
iam=iam,
system=IAMMeta.SYSTEM_ID,
subject=Subject("user", request.user.username),
action=Action(IAMMeta.TASK_VIEW_ACTION),
resources=task_resources,
)
return True
def get_delete_detail_resources(self, bundle):
return res_factory.resources_for_task(bundle.obj.task_id)
