def get_permissions(self):
if self.request.method == 'GET':
return IsAuthenticated(),
elif self.request.user.role == 1:
return IsAuthenticated(),
else:
return IsAdminUser(),
def get_permissions(self):
"""Получение прав для действий."""
if self.action in ["update", "partial_update", "destroy"]:
return [IsAuthenticated(), IsOwner()] or [IsAdmin()]
elif self.action in ["create", "add_to_favourites", "remove_from_favorites"]:
return [IsAuthenticated()]
return []
def get_permissions(self):
if self.request.method == 'GET':
# check user is in group 1 (User)
if User.objects.filter(username=self.request.user.username,
groups=(1, )):
return IsAuthenticated(), IsOwner(),
return AllowAny(),
elif self.request.method == 'PUT':
# check user is in group 1 (User)
if User.objects.filter(username=self.request.user.username,
groups=(1, )):
return IsAuthenticated(), IsOwner(),
# check user is in group 2 (Manager)
elif User.objects.filter(username=self.request.user.username,
groups=(2, )):
return IsAuthenticated(),
# admin rights
return IsAdminUser(),
elif self.request.method == "DELETE":
# check user is in group 2 (Manager)
if User.objects.filter(username=self.request.user.username,
groups=(2, )):
return IsAuthenticated(),
# admin rights
return IsAdminUser(),
def get_permissions(self):
try:
return [IsAuthenticated()] + [permission() for permission in \
self.permission_classes_by_action[self.action]]
except KeyError:
return [IsAuthenticated()] + [permission() for permission in \
self.permission_classes]
def get_permissions(self):
if self.action == 'create':
return [
IsAuthenticated(),
]
elif self.action == 'destroy':
return [IsAuthenticated(), IsAdminUser()]
def get_permissions(self):
if self.action == 'retrieve':
return [IsAuthenticated()]
elif self.action == 'create':
return [AllowAny()]
elif self.action == 'updata' or 'destory':
return [IsAuthenticated()]
return [AllowAny()]
def get_permissions(self):
"""Получение прав для действий."""
if self.action == "create":
return [IsAuthenticated()]
elif self.action in ["partial_update", "update", 'destroy']:
return [IsAuthenticated(), IsAdminUser()]
else:
return super(OrderViewSet, self).get_permissions()
def get_permissions(self):
if self.request.user.is_anonymous:
return IsAuthenticated(),
if self.request.user.is_admin:
return IsAuthenticated(),
return IsAdminUser(),
def get_permissions(self):
if self.action in [
'retrieve', 'list', 'update', 'partial_update', 'destroy'
]:
return [IsAuthenticated(), IsAdminOrOwner()]
elif self.action == 'create':
return [IsAuthenticated()]
return []
def get_permissions(self):
if self.request.method == "GET":
return (IsAuthenticated(),)
elif self.request.method == "PUT":
# return (IsAuthenticated(), IsEventCreatorOrUserCanInvite(), IsEvedatetime.fromtimestamp(int("1284101485"))ntCreatorOrUserCanModifyEvent(),)
return (IsAuthenticated(), IsEventCreatorOrUserCanInviteOrModify(),)
elif self.request.method == "DELETE":
return (IsAuthenticated(), IsEventCreator(),)
def get_permissions(self):
if self.action == "create":
return [IsAuthenticated()]
if self.action == "destroy":
return [IsAuthenticated(), IsModerator()]
if self.action in {"update", "partial_update"}:
return [IsAuthenticated(), IsModeratorOrCreator()]
return super().get_permissions()
def get_permissions(self):
# AllowAny() / IsAuthenticated() generate an object instance
# not AllowAny / IsAuthenticated, this is just a class name
if self.action == 'create':
return [IsAuthenticated()]
if self.action in ['destroy', 'update']:
return [IsAuthenticated(), IsObjectOwner()]
return [AllowAny()]
def get_permissions(self):
if self.action == 'list':
return [
IsAuthenticated(),
]
return [
IsAuthenticated(),
]
def get_permissions(self):
if self.action in ['list']:
return [IsAdminUser()]
elif self.action in ['list_mine', 'create']:
return [IsAuthenticated()]
elif self.action in ['update', 'partial_update', 'delete']:
return [IsAuthenticated(), IsOwnerOrAdmin()]
return super(ContentViewSet, self).get_permissions()
def get_permissions(self):
if self.action in ['update', 'partial_update', 'destroy']:
return [IsAdminUser()]
elif self.action in ['create']:
return [IsAuthenticated()]
elif self.action in ['retrieve']:
return [IsOwner()]
elif self.action in ['list']:
return [IsAuthenticated()]
def get_permissions(self):
"""Получение прав для действий."""
if self.action == 'create':
return [
IsAuthenticated(),
]
if self.action in ["destroy", "update", "partial_update"]:
return [IsAuthenticated(), IsAdminOrOwner()]
return []
def get_permissions(self):
# To instantiate an object, parens are needed
# AllowAny() / IsAuthenticated()
# not just class names like AllowAny / IsAuthenticated
if self.action == 'create':
return [IsAuthenticated()]
if self.action in ['update', 'destroy']:
return [IsAuthenticated(), IsObjectOwner()]
return [AllowAny()]
def get_permissions(self):
# 注意要加用 AllowAny() / IsAuthenticated() 实例化出对象
# 而不是 AllowAny / IsAuthenticated 这样只是一个类名
if self.action == 'create':
return [IsAuthenticated()]
if self.action in ['update', 'destroy']:
# note: you need to verify you have login firstly
return [IsAuthenticated(), IsObjectOwner()]
return [AllowAny()]
def get_permissions(self):
if self.action == "create":
return [IsAuthenticated()]
if self.action in ["update", "destroy"]:
return [IsAuthenticated(), IsObjectOwner()]
return [AllowAny()]
def get_permissions(self):
if self.action == "create":
return []
elif self.action == "retrieve":
return [
IsAuthenticated(),
]
return [
IsAuthenticated(),
]
def get_permissions(self):
if self.action == 'list':
return [
IsAuthenticated(),
IsQuanLyTaiChinh(),
]
return [
IsAuthenticated(),
IsQuanLyTaiChinh(),
]
def get_permissions(self):
if self.action == "retrieve":
return [IsAuthenticated(), ElectricityFeesIsSelf()]
if self.action == "list":
return [IsAuthenticated()]
if self.action == "recharge_admin":
return [IsAuthenticated(), UserIsSuperUser()]
if self.action == "change_note":
return [IsAuthenticated(), UserIsSuperUser()]
return []
