jodhus/spradio-server-django
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Don't include the DJ for create/modify permissions.

Browse source
This commit is contained in:
Josh Washburne 2018-04-03 16:23:48 -04:00
parent 1d6a2662c3
commit 5bcf6c72d9
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
savepointradio/api/permissions.py
View file

@ -18,7 +18,9 @@ class IsAdminOrReadOnly(permissions.BasePermission):
if request.method in permissions.SAFE_METHODS: if request.method in permissions.SAFE_METHODS:
return True return True
else: else:
return request.user.is_authenticated and request.user.is_staff return (request.user.is_authenticated and
request.user.is_staff and
not request.user.is_dj)
class IsAdminOwnerOrReadOnly(permissions.BasePermission): class IsAdminOwnerOrReadOnly(permissions.BasePermission):
@ -29,7 +31,9 @@ class IsAdminOwnerOrReadOnly(permissions.BasePermission):
return True return True
else: else:
if request.user.is_authenticated: if request.user.is_authenticated:
return request.user.is_staff or request.user == obj.user return (request.user.is_staff or
request.user == obj.user and
not request.user.is_dj)
else: else:
return False return False