mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-11-27 12:01:14 +00:00
Adds model function to check perms
This commit is contained in:
parent
0f57a43bfb
commit
ab31798931
1 changed files with 27 additions and 0 deletions
|
@ -1,6 +1,8 @@
|
|||
""" base model with default fields """
|
||||
import base64
|
||||
from Crypto import Random
|
||||
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.db import models
|
||||
from django.dispatch import receiver
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
@ -78,6 +80,31 @@ class BookWyrmModel(models.Model):
|
|||
return True
|
||||
return False
|
||||
|
||||
def raise_not_editable(self, viewer):
|
||||
"""does this user have permission to edit this object? liable to be overwritten
|
||||
by models that inherit this base model class"""
|
||||
if not hasattr(self, "user"):
|
||||
return
|
||||
|
||||
# generally moderators shouldn't be able to edit other people's stuff
|
||||
if self.user == viewer:
|
||||
return
|
||||
|
||||
raise PermissionDenied
|
||||
|
||||
def raise_not_deletable(self, viewer):
|
||||
"""does this user have permission to delete this object? liable to be
|
||||
overwritten by models that inherit this base model class"""
|
||||
if not hasattr(self, "user"):
|
||||
return
|
||||
|
||||
# but generally moderators can delete other people's stuff
|
||||
if self.user == viewer or viewer.has_perm("moderate_post"):
|
||||
return
|
||||
|
||||
raise PermissionDenied
|
||||
|
||||
|
||||
|
||||
@receiver(models.signals.post_save)
|
||||
# pylint: disable=unused-argument
|
||||
|
|
Loading…
Reference in a new issue