questionnaire.permissions 源代码
from rest_framework import permissions
__all__ = [
'IsTextOwnerOrAsker',
'IsSheetOwnerOrAsker',
'IsSurveyOwnerOrReadOnly',
'IsQuestionOwnerOrReadOnly',
'IsChoiceOwnerOrReadOnly',
]
def check_owner_or_asker(request, owner, asker):
return request.user.is_staff or request.user == owner or request.user == asker
[文档]
class IsTextOwnerOrAsker(permissions.BasePermission):
[文档]
def has_object_permission(self, request, view, obj):
owner = obj.answersheet.creator
asker = obj.question.survey.creator
return check_owner_or_asker(request, owner, asker)
[文档]
class IsSheetOwnerOrAsker(permissions.BasePermission):
[文档]
def has_object_permission(self, request, view, obj):
owner = obj.creator
asker = obj.survey.creator
return check_owner_or_asker(request, owner, asker)
def check_owner_or_read_only(request, owner):
return (request.user.is_staff
or request.method in permissions.SAFE_METHODS
or request.user == owner)
[文档]
class IsSurveyOwnerOrReadOnly(permissions.BasePermission):
[文档]
def has_object_permission(self, request, view, obj):
owner = obj.creator
return check_owner_or_read_only(request, owner)
[文档]
class IsQuestionOwnerOrReadOnly(permissions.BasePermission):
[文档]
def has_object_permission(self, request, view, obj):
owner = obj.survey.creator
return check_owner_or_read_only(request, owner)
[文档]
class IsChoiceOwnerOrReadOnly(permissions.BasePermission):
[文档]
def has_object_permission(self, request, view, obj):
owner = obj.question.survey.creator
return check_owner_or_read_only(request, owner)
