#!/usr/bin/env python
# vim: set fileencoding=utf-8 :
###############################################################################
# #
# Copyright (c) 2016 Idiap Research Institute, http://www.idiap.ch/ #
# Contact: beat.support@idiap.ch #
# #
# This file is part of the beat.web module of the BEAT platform. #
# #
# Commercial License Usage #
# Licensees holding valid commercial BEAT licenses may use this file in #
# accordance with the terms contained in a written agreement between you #
# and Idiap. For further information contact tto@idiap.ch #
# #
# Alternatively, this file may be used under the terms of the GNU Affero #
# Public License version 3 as published by the Free Software and appearing #
# in the file LICENSE.AGPL included in the packaging of this file. #
# The BEAT platform is distributed in the hope that it will be useful, but #
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY #
# or FITNESS FOR A PARTICULAR PURPOSE. #
# #
# You should have received a copy of the GNU Affero Public License along #
# with the BEAT platform. If not, see http://www.gnu.org/licenses/. #
# #
###############################################################################
from rest_framework import permissions
from .models import Report
#----------------------------------------------------------
[docs]class IsAuthor(permissions.BasePermission):
"""
The logged in user should also be the author
"""
[docs] def has_object_permission(self, request, view, obj):
return obj.author == request.user
#----------------------------------------------------------
[docs]class IsEditable(permissions.BasePermission):
"""
Object level permission that returns true if the
given object has the Report.EDITABLE status
"""
message = 'This report is read-only'
[docs] def has_object_permission(self, request, view, obj):
return obj.status == Report.EDITABLE
#----------------------------------------------------------
[docs]class IsLocked(permissions.BasePermission):
"""
Object level permission that returns true if the
given object status is not Report.EDITABLE
"""
message = 'This report is not locked'
[docs] def has_object_permission(self, request, view, obj):
return obj.status == Report.LOCKED
#----------------------------------------------------------
[docs]class IsPublished(permissions.BasePermission):
"""
Object level permission that returns true if the
given object status is Report.PUBLISHED
"""
message = 'This report is not published'
[docs] def has_object_permission(self, request, view, obj):
return obj.status == Report.PUBLISHED
#----------------------------------------------------------
[docs]class IsAuthorOrPublished(permissions.BasePermission):
"""
The logged in user should also be the author or
the report must be published
"""
[docs] def has_object_permission(self, request, view, obj):
if (obj.author== request.user) or (obj.status == Report.PUBLISHED):
return True
return False
#----------------------------------------------------------
[docs]class IsAuthorOrAccessible(permissions.BasePermission):
"""
The logged in user should also be the author or
the report must be published
"""
[docs] def has_object_permission(self, request, view, obj):
if (obj.author== request.user) or (obj.status != Report.EDITABLE):
return True
return False
#----------------------------------------------------------
[docs]class IsAccessibleOutside(permissions.BasePermission):
"""
The logged in user should also be the author or
the report must be published
"""
[docs] def has_object_permission(self, request, view, obj):
return True