-
Notifications
You must be signed in to change notification settings - Fork 159
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #134 from django-oscar/feature/update-line-attribu…
…te-options Functionality to update line attribute options
- Loading branch information
Showing
13 changed files
with
192 additions
and
88 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<django-objects version="1.0"> | ||
<object model="catalogue.option" pk="1"> | ||
<field name="name" type="CharField">Color</field> | ||
<field name="code" type="SlugField">color</field> | ||
<field name="type" type="CharField">Required</field> | ||
</object> | ||
</django-objects> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,36 +1,27 @@ | ||
from oscarapi.basket.operations import request_contains_basket, request_contains_line | ||
from rest_framework.permissions import BasePermission, IsAuthenticated | ||
|
||
from oscarapi.basket.operations import request_allows_access_to | ||
|
||
|
||
class HasUser(BasePermission): | ||
"Only anonymous and authenticated users can access this resource." | ||
def has_permission(self, request, view): | ||
return request.user | ||
|
||
|
||
class IsAdminUserOrRequestContainsBasket(HasUser): | ||
""" | ||
Permission class that checks if a request contains a basket. | ||
""" | ||
|
||
def has_object_permission(self, request, view, obj): | ||
return request_contains_basket(request, obj) or request.user.is_staff | ||
|
||
|
||
class IsAdminUserOrRequestContainsLine(BasePermission): | ||
class IsAdminUserOrRequestAllowsAccessTo(BasePermission): | ||
""" | ||
Permission class that checks if a request contains the basket this line | ||
belongs to. | ||
Permission class that checks if a request allows access to a basket. | ||
""" | ||
def has_object_permission(self, request, view, obj): | ||
return request_contains_line(request, obj) or request.user.is_staff | ||
return request_allows_access_to(request, obj) or request.user.is_staff | ||
|
||
|
||
class IsOwner(IsAuthenticated): | ||
""" | ||
Permission that checks if this object has a foreign key pointing to the | ||
authenticated user of this request | ||
""" | ||
|
||
def has_object_permission(self, request, view, obj): | ||
return obj.user == request.user |
Oops, something went wrong.