HiPhone_BE/core/permissions.py

12 lines
360 B
Python
Raw Normal View History

2023-05-03 13:14:54 +09:00
from rest_framework.permissions import BasePermission, SAFE_METHODS
class IsAuthorOrReadOnly(BasePermission):
def has_object_permission(self, request, view, obj):
return bool(
request.method in SAFE_METHODS
or request.user
and request.user.is_authenticated
and obj.author == request.user
)