From 47cdc304e852526ff7a1e1766342f596994ae95d Mon Sep 17 00:00:00 2001
From: Samuel Gaist <samuel.gaist@idiap.ch>
Date: Fri, 24 Apr 2020 09:51:46 +0200
Subject: [PATCH] [common][permissions] Implement permissions from various
 mixins

This will allow to remove mixins that where going special
permission management.

Removing these mixins will allow for more flexibility with
regard to permission management.
---
 beat/web/common/permissions.py | 38 ++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/beat/web/common/permissions.py b/beat/web/common/permissions.py
index 6c15d5840..9ca392fe2 100644
--- a/beat/web/common/permissions.py
+++ b/beat/web/common/permissions.py
@@ -50,3 +50,41 @@ class IsAuthor(permissions.IsAuthenticated):
             author_name = kwargs.get("author_name")
             allowed = request.user.username == author_name
         return allowed
+
+
+class IsAuthorOrReadOnly(IsAuthor):
+    """
+    Either allow access if using a read method or
+    check that the user is also the author.
+    """
+
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        else:
+            return super().has_permission(request, view)
+
+
+class IsAdminOrReadOnly(permissions.IsAdminUser):
+    """
+    Either allow access if using a read method or
+    check that the user is an admin.
+    """
+
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        else:
+            return super().has_permission(request, view)
+
+
+class IsModifiableOrRead(permissions.BasePermission):
+    """
+    Check for modifiable flag if there's a modification that is tried
+    """
+
+    def has_object_permission(self, request, view, obj):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        else:
+            return obj.modifiable()
-- 
GitLab