def has_object_permission(self, request, view, obj): assert isinstance(obj, (Node, DraftRegistration, PrivateLink)), 'obj must be a Node, Draft Registration, or PrivateLink, got {}'.format(obj) auth = get_user_auth(request) node = Node.load(request.parser_context['kwargs']['node_id']) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True return node.has_permission(auth.user, osf_permissions.ADMIN)
def has_object_permission(self, request, view, obj): assert_resource_type(obj, self.acceptable_models) auth = get_user_auth(request) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True return super(IsAdminContributorOrReviewer, self).has_object_permission(request, view, obj)
def has_object_permission(self, request, view, obj): assert_resource_type(obj, self.acceptable_models) auth = get_user_auth(request) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True if isinstance(obj, DraftRegistration): obj = obj.branched_from return obj.has_permission(auth.user, osf_permissions.ADMIN)
def has_object_permission(self, request, view, obj): assert isinstance(obj, (AbstractNode, DraftRegistration)), 'obj must be a Node or Draft Registration, got {}'.format(obj) auth = get_user_auth(request) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True if isinstance(obj, DraftRegistration): obj = obj.branched_from return obj.has_permission(auth.user, osf_permissions.ADMIN)
def has_object_permission(self, request, view, obj): assert_resource_type(obj, self.acceptable_models) auth = get_user_auth(request) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True if isinstance(obj, DraftRegistration): obj = obj.branched_from return obj.has_permission(auth.user, osf_permissions.ADMIN)
def has_object_permission(self, request, view, obj): assert isinstance( obj, (AbstractNode, DraftRegistration, PrivateLink) ), 'obj must be an Node, Draft Registration, or PrivateLink, got {}'.format( obj) auth = get_user_auth(request) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True return obj.has_permission(auth.user, osf_permissions.ADMIN)
def has_object_permission(self, request, view, obj): assert isinstance( obj, (Node, DraftRegistration) ), 'obj must be a Node or a Draft Registration, got {}'.format(obj) auth = get_user_auth(request) node = Node.load(request.parser_context['kwargs']['node_id']) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True return node.has_permission(auth.user, osf_permissions.ADMIN)
def has_object_permission(self, request, view, obj): assert isinstance( obj, (AbstractNode, DraftRegistration )), 'obj must be a Node or Draft Registration, got {}'.format(obj) auth = get_user_auth(request) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True if isinstance(obj, DraftRegistration): obj = obj.branched_from return obj.has_permission(auth.user, osf_permissions.ADMIN)
def has_object_permission(self, request, view, obj): assert isinstance(obj, (AbstractNode, DraftRegistration, PrivateLink)), 'obj must be an Node, Draft Registration, or PrivateLink, got {}'.format(obj) auth = get_user_auth(request) if request.method != 'DELETE' and is_prereg_admin(auth.user): return True return obj.has_permission(auth.user, osf_permissions.ADMIN)