mirror of
https://github.com/makeplane/plane
synced 2024-06-14 14:31:34 +00:00
f12b7ef923
* refactor: segregate urls in urls.py * refactor: remove all people endpoint * refactor: update file asset endpoint with slug and remove unused imports in issue * fix: remove people endpoint from __init__ * refactor: update permission logic to handle GET requests * feat: add url for sign up endpoint in urls * refactor: update the permission layer
86 lines
2.8 KiB
Python
86 lines
2.8 KiB
Python
# Third Party imports
|
|
from rest_framework.permissions import BasePermission, SAFE_METHODS
|
|
|
|
# Module import
|
|
from plane.db.models import WorkspaceMember, ProjectMember
|
|
|
|
|
|
class ProjectBasePermission(BasePermission):
|
|
def has_permission(self, request, view):
|
|
|
|
if request.user.is_anonymous:
|
|
return False
|
|
|
|
## Safe Methods -> Handle the filtering logic in queryset
|
|
if request.method in SAFE_METHODS:
|
|
return WorkspaceMember.objects.filter(
|
|
workspace__slug=view.workspace_slug, member=request.user
|
|
).exists()
|
|
|
|
## Only workspace owners or admins can create the projects
|
|
if request.method == "POST":
|
|
return WorkspaceMember.objects.filter(
|
|
workspace__slug=view.workspace_slug,
|
|
member=request.user,
|
|
role__in=[15, 20],
|
|
).exists()
|
|
|
|
## Only Project Admins can update project attributes
|
|
return ProjectMember.objects.filter(
|
|
workspace__slug=view.workspace_slug,
|
|
member=request.user,
|
|
role=20,
|
|
project_id=view.project_id,
|
|
).exists()
|
|
|
|
|
|
class ProjectMemberPermission(BasePermission):
|
|
def has_permission(self, request, view):
|
|
|
|
if request.user.is_anonymous:
|
|
return False
|
|
|
|
## Safe Methods -> Handle the filtering logic in queryset
|
|
if request.method in SAFE_METHODS:
|
|
return ProjectMember.objects.filter(
|
|
workspace=view.workspace, member=request.user
|
|
).exists()
|
|
## Only workspace owners or admins can create the projects
|
|
if request.method == "POST":
|
|
return WorkspaceMember.objects.filter(
|
|
workspace__slug=view.workspace_slug,
|
|
member=request.user,
|
|
role__in=[15, 20],
|
|
).exists()
|
|
|
|
## Only Project Admins can update project attributes
|
|
return ProjectMember.objects.filter(
|
|
workspace__slug=view.workspace_slug,
|
|
member=request.user,
|
|
role__in=[15, 20],
|
|
project_id=view.project_id,
|
|
).exists()
|
|
|
|
|
|
class ProjectEntityPermission(BasePermission):
|
|
def has_permission(self, request, view):
|
|
|
|
if request.user.is_anonymous:
|
|
return False
|
|
|
|
## Safe Methods -> Handle the filtering logic in queryset
|
|
if request.method in SAFE_METHODS:
|
|
return ProjectMember.objects.filter(
|
|
workspace=view.workspace,
|
|
member=request.user,
|
|
project_id=view.project_id,
|
|
).exists()
|
|
|
|
## Only project members or admins can create and edit the project attributes
|
|
return ProjectMember.objects.filter(
|
|
workspace__slug=view.workspace_slug,
|
|
member=request.user,
|
|
role__in=[15, 20],
|
|
project_id=view.project_id,
|
|
).exists()
|