funkwhale/api/funkwhale_api/users/permissions.py

from rest_framework.permissions import BasePermission


class HasUserPermission(BasePermission):
    """
    Ensure the request user has the proper permissions.

    Usage:

    class MyView(APIView):
        permission_classes = [HasUserPermission]
        required_permissions = ['federation']
    """

    def has_permission(self, request, view):
        if not hasattr(request, "user") or not request.user:
            return False
        if request.user.is_anonymous:
            return False
        operator = getattr(view, "permission_operator", "and")
        return request.user.has_permissions(
            *view.required_permissions, operator=operator
        )
See #152: added permission fields on user model and corresponding API permission 2018-05-18 16:47:35 +00:00			`from rest_framework.permissions import BasePermission`


			`class HasUserPermission(BasePermission):`
			`"""`
			`Ensure the request user has the proper permissions.`

			`Usage:`

			`class MyView(APIView):`
			`permission_classes = [HasUserPermission]`
			`required_permissions = ['federation']`
			`"""`
Blacked the code 2018-06-09 13:36:16 +00:00
See #152: added permission fields on user model and corresponding API permission 2018-05-18 16:47:35 +00:00			`def has_permission(self, request, view):`
Blacked the code 2018-06-09 13:36:16 +00:00			`if not hasattr(request, "user") or not request.user:`
See #152: added permission fields on user model and corresponding API permission 2018-05-18 16:47:35 +00:00			`return False`
			`if request.user.is_anonymous:`
			`return False`
Blacked the code 2018-06-09 13:36:16 +00:00			`operator = getattr(view, "permission_operator", "and")`
See #230: can now use "or" operator to check permissions 2018-05-24 20:38:26 +00:00			`return request.user.has_permissions(`
Blacked the code 2018-06-09 13:36:16 +00:00			`*view.required_permissions, operator=operator`
			`)`