ahmed/Learning-Management-System
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Learning-Management-System/lms/app/permissions.py
AN 2adf87af1d u
2025-01-14 14:04:31 +00:00

38 lines
1 KiB
Python
Raw Blame History

from rest_framework.permissions import IsAuthenticated, BasePermission, SAFE_METHODS
import logging
logger = logging.getLogger(__name__)
class IsOwnerOrReadOnly(BasePermission):
def has_object_permission(self, request, view, obj):
if request.method in SAFE_METHODS:
return True
view_name = view.__class__.__name__
match view_name:
case "CourseViewSet":
return obj.owner == request.user
case "ModuleViewSet":
return obj.created_by == request.user
case "LessonViewSet":
return obj.created_by == request.user
class IsAdmin(BasePermission):
"""
Custom permission to allow access only to users with role 'instructor'.
"""
def has_permission(self, request, view):
# Ensure the user is authenticated and has a role of 'instructor'
return request.user.is_authenticated and request.user.role == 'admin'
Reference in a new issue View git blame Copy permalink