add REST API
This commit is contained in:
Laura Klünder
parent
906eaea14a
commit
5f5152718f
9 changed files with 159 additions and 0 deletions
28
src/c3nav/api/permissions.py
Normal file
28
src/c3nav/api/permissions.py
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
from rest_framework.permissions import BasePermission
|
||||
from rest_framework.exceptions import PermissionDenied
|
||||
from django.conf import settings
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from ..mapdata.models import Source
|
||||
|
||||
|
||||
def get_unlocked_packages(request):
|
||||
return set(settings.PUBLIC_PACKAGES) | set(request.session.get('unlocked_packages', ()))
|
||||
|
||||
|
||||
def can_access_package(request, package):
|
||||
print(package.name == 'de.c3nav.33c3.base')
|
||||
return package.name == 'de.c3nav.33c3.base'
|
||||
return settings.DEBUG or package.name in get_unlocked_packages(request)
|
||||
|
||||
|
||||
def filter_source_queryset(request, queryset):
|
||||
return queryset if settings.DEBUG else queryset.filter(package__name__in=get_unlocked_packages(request))
|
||||
|
||||
|
||||
class LockedMapFeatures(BasePermission):
|
||||
def has_object_permission(self, request, view, obj):
|
||||
if isinstance(obj, Source):
|
||||
if not can_access_package(request, obj.package):
|
||||
raise PermissionDenied(_('This Source belongs to a package you don\'t have access to.'))
|
||||
return True
|
||||
Loading…
Add table
Add a link
Reference in a new issue