api: allow @permission_required with no object permission

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-03-29 17:28:28 +02:00
parent a9db538c63
commit 5d37012075

View file

@ -1,13 +1,13 @@
"""API Decorators""" """API Decorators"""
from functools import wraps from functools import wraps
from typing import Callable from typing import Callable, Optional
from rest_framework.request import Request from rest_framework.request import Request
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
def permission_required(perm: str, *other_perms: str): def permission_required(perm: Optional[str] = None, *other_perms: str):
"""Check permissions for a single custom action""" """Check permissions for a single custom action"""
def wrapper_outter(func: Callable): def wrapper_outter(func: Callable):
@ -15,9 +15,10 @@ def permission_required(perm: str, *other_perms: str):
@wraps(func) @wraps(func)
def wrapper(self: ModelViewSet, request: Request, *args, **kwargs) -> Response: def wrapper(self: ModelViewSet, request: Request, *args, **kwargs) -> Response:
obj = self.get_object() if perm:
if not request.user.has_perm(perm, obj): obj = self.get_object()
return self.permission_denied(request) if not request.user.has_perm(perm, obj):
return self.permission_denied(request)
for other_perm in other_perms: for other_perm in other_perms:
if not request.user.has_perm(other_perm): if not request.user.has_perm(other_perm):
return self.permission_denied(request) return self.permission_denied(request)