mirror of
https://github.com/makeplane/plane
synced 2024-06-14 14:31:34 +00:00
894e26116b
* refactor: setup multiple select related * chore: upgrade sentry sdk to latest version * refactor: update module and cycle views to increase performance * refactor: remove pagination and make the response simillar to paginated API * fix: update staging to DEBUG True for all logging * refactor: update the query count print statement * refactor: my issues endpoint to remove n+1 * refactor: optimize queries for workspace and project * fix: project member endpoint * fix: revert back workspace members * refactor: update base file to remove workspace and project query and update permission layer accordingly * refactor: update read_only fields in read serializers * fix: read only serializers * chore: update drf package * revert: drf version upgrade * revert: read only fields update * revert: update serializer to old state * chore: update drf to latest version * refactor: update dispatch to display method as well * refactor: optimize cycle and module issue queries * refactor: optimize module endpoint and issue list endpoint * refactor: update prefetch related in modules and cycles * refactor: create permission mapping in permission file
56 lines
1.5 KiB
Python
56 lines
1.5 KiB
Python
# Third Party imports
|
|
from rest_framework.permissions import BasePermission, SAFE_METHODS
|
|
|
|
# Module imports
|
|
from plane.db.models import WorkspaceMember
|
|
|
|
|
|
|
|
# Permission Mappings
|
|
Owner = 20
|
|
Admin = 15
|
|
Member = 10
|
|
Guest = 5
|
|
|
|
|
|
# TODO: Move the below logic to python match - python v3.10
|
|
class WorkSpaceBasePermission(BasePermission):
|
|
def has_permission(self, request, view):
|
|
# allow anyone to create a workspace
|
|
if request.user.is_anonymous:
|
|
return False
|
|
|
|
if request.method == "POST":
|
|
return True
|
|
|
|
## Safe Methods
|
|
if request.method in SAFE_METHODS:
|
|
return True
|
|
|
|
# allow only admins and owners to update the workspace settings
|
|
if request.method in ["PUT", "PATCH"]:
|
|
return WorkspaceMember.objects.filter(
|
|
member=request.user,
|
|
workspace__slug=view.workspace_slug,
|
|
role__in=[Owner, Admin],
|
|
).exists()
|
|
|
|
# allow only owner to delete the workspace
|
|
if request.method == "DELETE":
|
|
return WorkspaceMember.objects.filter(
|
|
member=request.user, workspace__slug=view.workspace_slug, role=Owner
|
|
).exists()
|
|
|
|
|
|
class WorkSpaceAdminPermission(BasePermission):
|
|
def has_permission(self, request, view):
|
|
|
|
if request.user.is_anonymous:
|
|
return False
|
|
|
|
return WorkspaceMember.objects.filter(
|
|
member=request.user,
|
|
workspace__slug=view.workspace_slug,
|
|
role__in=[Owner, Admin],
|
|
).exists()
|