seahub/api2/permissions.py

"""
Provides a set of pluggable permission policies.
"""

from rest_framework.permissions import BasePermission

from seaserv import check_permission

SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS']

class IsRepoWritable(BasePermission):
    """
    Allows access only for users who has write permission to the repo.
    """

    def has_permission(self, request, view, obj=None):
        if request.method in SAFE_METHODS:
            return True

        repo_id = view.kwargs.get('repo_id', '')
        user = request.user.username if request.user else ''

        if user and check_permission(repo_id, user) == 'rw':
            return True
        return False
[api2] Added repowritable permission 2012-12-19 08:39:50 +00:00			`"""`
			`Provides a set of pluggable permission policies.`
			`"""`

			`from rest_framework.permissions import BasePermission`

			`from seaserv import check_permission`

Added RESTful file/dir api 2012-12-23 14:27:16 +00:00			`SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS']`

[api2] Added repowritable permission 2012-12-19 08:39:50 +00:00			`class IsRepoWritable(BasePermission):`
			`"""`
			`Allows access only for users who has write permission to the repo.`
			`"""`

			`def has_permission(self, request, view, obj=None):`
Added RESTful file/dir api 2012-12-23 14:27:16 +00:00			`if request.method in SAFE_METHODS:`
			`return True`

[api2] Added repowritable permission 2012-12-19 08:39:50 +00:00			`repo_id = view.kwargs.get('repo_id', '')`
			`user = request.user.username if request.user else ''`

			`if user and check_permission(repo_id, user) == 'rw':`
			`return True`
			`return False`