def get_form(self, request, obj=None, **kwargs):
form = super().get_form(request=request, obj=obj, **kwargs)
if not request.user.is_superuser and not business_logic.is_user_manager(
None, request=request):
form.base_fields['user'].queryset = form.base_fields[
'user'].queryset.filter(pk=request.user.pk)
return form
def get_static_actions(cls, request):
if (request is None or not business_logic.is_curator(request.user)
or not business_logic.is_user_manager(request.user)):
return {}
return dict(**cls.get_group_actions(), )
def has_object_permission(self, request, view, obj):
from ifbcat_api import business_logic
return business_logic.is_user_manager(
request.user) or (isinstance(obj, get_user_model()) and
business_logic.can_edit_user(request.user, obj))
def get_queryset(self, request):
qs = super().get_queryset(request)
if not request.user.is_superuser and not business_logic.is_user_manager(
None, request=request):
qs = qs.filter(user=request.user)
return qs
def has_permission(self, request, view):
from ifbcat_api import business_logic
return business_logic.is_user_manager(request.user)