def has_list_permission(cls, request):
try:
return check_has_access(cls.has_access, request) or len(
request.user.memberships.filter(
membership_type=MembershipType.LEADER))
except AttributeError:
return check_has_access(cls.has_access, request)
def has_object_write_permission(self, request):
if request.method == "DELETE":
return check_has_access(
self.has_access,
request,
)
return self == request.user or check_has_access(
self.has_access,
request,
)
def has_retrieve_permission(cls, request):
if request.user:
return request.id == request._user.user_id or check_has_access(
cls.has_access,
request,
)
return check_has_access(
cls.has_access,
request,
)
def has_update_permission(cls, request):
try:
if request.user:
return request.user.user_id == request.parser_context[
"kwargs"]["pk"] or check_has_access(
cls.has_access,
request,
)
except (AssertionError, KeyError):
return check_has_access(
cls.has_access,
request,
)
def has_object_retrieve_permission(self, request):
return self == request.user or check_has_access(
self.has_access,
request,
)
def has_write_permission(cls, request):
return check_has_access(
cls.has_access,
request,
)
def has_write_permission(cls, request):
if not request.user:
return False
return check_has_access(cls.write_access, request)
def has_list_permission(cls, request):
return check_has_access(cls.write_access, request)