18 lines
596 B
Python
18 lines
596 B
Python
from rest_framework.permissions import BasePermission, SAFE_METHODS
|
|
|
|
class IsAuthorOrReadOnly(BasePermission):
|
|
"""
|
|
Pozwala edytować tylko własny wpis/komentarz.
|
|
"""
|
|
def has_object_permission(self, request, view, obj):
|
|
if request.method in SAFE_METHODS:
|
|
return True
|
|
return obj.author == request.user
|
|
|
|
class IsEditorOrAdmin(BasePermission):
|
|
"""
|
|
Pozwala publikować treści tylko edytorom lub adminom.
|
|
"""
|
|
def has_permission(self, request, view):
|
|
return request.user.is_authenticated and request.user.role in ['admin', 'editor']
|