Commit 45db9a66 authored by Samuel GAIST's avatar Samuel GAIST
Browse files

[common][mixins] Remove permission related mixins

parent 2bea7add
......@@ -25,8 +25,6 @@
# #
###############################################################################
from rest_framework import permissions
from .permissions import IsAuthor
class CommonContextMixin(object):
"""
......@@ -34,16 +32,17 @@ class CommonContextMixin(object):
request user in the serializer context
optionnaly the request object format
"""
def get_serializer_context(self):
context = super(CommonContextMixin, self).get_serializer_context()
context['user'] = self.request.user
context["user"] = self.request.user
object_format = self.request.GET.get('object_format', None)
object_format = self.request.GET.get("object_format", None)
if object_format is not None:
if object_format not in ['json', 'string']:
object_format = 'json'
if object_format not in ["json", "string"]:
object_format = "json"
context['object_format'] = object_format
context["object_format"] = object_format
return context
......@@ -53,52 +52,27 @@ class SerializerFieldsMixin(object):
Apply this mixin to any view or viewset to get the
list of fields to return
"""
def get_serializer_fields(self, request, allow_sharing=False, exclude_fields=[]):
# Process the query string
fields = None
query_params = request.query_params
if 'fields' in query_params:
fields = query_params['fields'].split(',')
if "fields" in query_params:
fields = query_params["fields"].split(",")
else:
fields = self.get_serializer_class().Meta.default_fields
if 'include_fields' in query_params:
include_fields = query_params['include_fields'].split(',')
if "include_fields" in query_params:
include_fields = query_params["include_fields"].split(",")
fields.extend(include_fields)
if not(allow_sharing):
exclude_fields = ['sharing'] + exclude_fields
if not (allow_sharing):
exclude_fields = ["sharing"] + exclude_fields
if request.user.is_anonymous():
exclude_fields = ['is_owner'] + exclude_fields
exclude_fields = ["is_owner"] + exclude_fields
fields = [field for field in fields if field not in exclude_fields]
return fields
class IsAuthorOrReadOnlyMixin(object):
"""
Apply this mixin to any view or viewset. Allows read for
all and modification only by author
"""
def get_permissions(self):
if self.request.method == 'GET':
self.permission_classes = [permissions.AllowAny]
else:
self.permission_classes = [permissions.IsAuthenticated, IsAuthor]
return super(IsAuthorOrReadOnlyMixin, self).get_permissions()
class IsAdminOrReadOnlyMixin(object):
"""
Apply this mixin to any view or viewset. Allows read for
all and modification only by admin
"""
def get_permissions(self):
if self.request.method == 'GET':
self.permission_classes = [permissions.AllowAny]
else:
self.permission_classes = [permissions.IsAuthenticated, permissions.IsAdminUser]
return super(IsAdminOrReadOnlyMixin, self).get_permissions()
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment