PROD.2024/Pulse-API
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e17bef4122dc142074d1dbac6ebecee64f4f3548
Pulse-API/solution/pulse/api/posts/permissions.py
T
ITQ 79f0aaaaa6 Hotfix before deadline
2024-03-04 23:21:51 +03:00

36 lines
993 B
Python
Raw Blame History

from rest_framework import status
from rest_framework.exceptions import APIException
from rest_framework.permissions import BasePermission
class CustomForbidden(APIException):
status_code = status.HTTP_404_NOT_FOUND
default_detail = "You dont have access to view this post."
class CanAccessPost(BasePermission):
def has_object_permission(self, request, view, obj):
if (
obj.author.isPublic
or obj.author.check_for_friendship(request.user)
or obj.author == request.user
):
return True
raise CustomForbidden
class CanAccessFeed(BasePermission):
message = "You do not have permission to access this feed."
status_code = status.HTTP_404_NOT_FOUND
def has_object_permission(self, request, view, obj):
if (
obj.isPublic
or obj.check_for_friendship(request.user)
or obj == request.user
):
return True
raise CustomForbidden
Reference in New Issue View Git Blame Copy Permalink