forked from enviPath/enviPy
41 lines
1.2 KiB
Python
41 lines
1.2 KiB
Python
# decorators.py
|
|
from functools import wraps
|
|
|
|
from django.shortcuts import render
|
|
|
|
from epdb.logic import PackageManager
|
|
|
|
# Map HTTP methods to required permissions
|
|
DEFAULT_METHOD_PERMISSIONS = {
|
|
'GET': 'read',
|
|
'POST': 'write',
|
|
'DELETE': 'write',
|
|
}
|
|
|
|
|
|
def package_permission_required(method_permissions=None):
|
|
if method_permissions is None:
|
|
method_permissions = DEFAULT_METHOD_PERMISSIONS
|
|
|
|
def decorator(view_func):
|
|
@wraps(view_func)
|
|
def _wrapped_view(request, package_uuid, *args, **kwargs):
|
|
from epdb.views import _anonymous_or_real
|
|
user = _anonymous_or_real(request)
|
|
permission_required = method_permissions[request.method]
|
|
|
|
if not PackageManager.has_package_permission(user, package_uuid, permission_required):
|
|
from epdb.views import error
|
|
return error(
|
|
request,
|
|
"Operation failed!",
|
|
f"Couldn't perform the desired operation as {user.username} does not have the required permissions!",
|
|
code=403
|
|
)
|
|
|
|
return view_func(request, package_uuid, *args, **kwargs)
|
|
|
|
return _wrapped_view
|
|
|
|
return decorator
|