HiPhone_BE/core/permissions.py

21 lines
592 B
Python
Raw Normal View History

2023-05-03 13:14:54 +09:00
from rest_framework.permissions import BasePermission, SAFE_METHODS
class IsAuthorOrReadOnly(BasePermission):
def has_object_permission(self, request, view, obj):
return bool(
request.method in SAFE_METHODS
or request.user
and request.user.is_authenticated
and obj.author == request.user
)
2023-05-17 16:10:25 +09:00
class IsAdminUserOrReadOnly(BasePermission):
def has_permission(self, request, view):
return bool(
request.method in SAFE_METHODS
or request.user
and request.user.is_staff
)