fishy/Dynavera
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Dynavera/apps/accounts/permissions.py
Viswamedha Nalabotu ddae68b433 Added common permission classes and validator methods
2026-03-08 12:20:13 +00:00

37 lines
1.3 KiB
Python
Raw Blame History

from rest_framework.permissions import BasePermission
from apps.accounts.models import Organization
def get_organization_from_object(obj):
if isinstance(obj, Organization):
return obj
organization = getattr(obj, 'organization', None)
if isinstance(organization, Organization):
return organization
role = getattr(obj, 'role', None)
organization = getattr(role, 'organization', None)
if isinstance(organization, Organization):
return organization
return None
def can_manage_organization(user, organization):
if organization is None:
return False
is_owner = organization.owner.id == user.id
is_member_manager = bool(user.is_manager) and organization.members.filter(id=user.id).exists()
return is_owner or is_member_manager
class IsOrganizationOwnerOrMember(BasePermission):
def has_object_permission(self, request, view, obj):
if not isinstance(obj, Organization):
return False
return request.user.is_member_of(obj) or request.user.is_owner_of(obj)
class CanManageOrganization(BasePermission):
def has_object_permission(self, request, view, obj):
organization = get_organization_from_object(obj)
return can_manage_organization(request.user, organization)
Reference in a new issue View git blame Copy permalink