2021-03-24 11:01:35 +00:00
|
|
|
from rest_framework import permissions
|
|
|
|
|
2023-04-21 09:31:39 +00:00
|
|
|
from rbac.builtin import BuiltinRole
|
2022-07-04 03:29:39 +00:00
|
|
|
from .utils import is_auth_password_time_valid
|
2021-03-24 11:01:35 +00:00
|
|
|
|
|
|
|
|
|
|
|
class IsAuthPasswdTimeValid(permissions.IsAuthenticated):
|
|
|
|
|
|
|
|
def has_permission(self, request, view):
|
|
|
|
return super().has_permission(request, view) \
|
2023-04-21 09:31:39 +00:00
|
|
|
and is_auth_password_time_valid(request.session)
|
|
|
|
|
|
|
|
|
|
|
|
class UserObjectPermission(permissions.BasePermission):
|
|
|
|
|
|
|
|
def has_object_permission(self, request, view, obj):
|
|
|
|
if view.action not in ['update', 'partial_update', 'destroy']:
|
|
|
|
return True
|
|
|
|
|
2023-05-18 11:02:26 +00:00
|
|
|
if not request.user.is_superuser and obj.is_superuser:
|
|
|
|
return False
|
2023-04-21 09:31:39 +00:00
|
|
|
|
2023-05-18 11:02:26 +00:00
|
|
|
return True
|