Total Complexity | 4 |
Total Lines | 24 |
Duplicated Lines | 0 % |
Changes | 0 |
1 | from rest_framework import permissions |
||
2 | |||
3 | |||
4 | class UpdateOwnProfile(permissions.BasePermission): |
||
5 | """Allow users update their own profiles.""" |
||
6 | |||
7 | def has_object_permission(self, request, view, obj): |
||
8 | """Check user is trying to edit their own profile.""" |
||
9 | |||
10 | if request.method in permissions.SAFE_METHODS: |
||
11 | return True |
||
12 | return obj.id == request.user.id |
||
13 | |||
14 | |||
15 | class PostOwnStatus(permissions.BasePermission): |
||
16 | """Allow users update their own status.""" |
||
17 | |||
18 | def has_object_permission(self, request, view, obj): |
||
19 | """Check user is trying to update their own status.""" |
||
20 | |||
21 | if request.method in permissions.SAFE_METHODS: |
||
22 | return True |
||
23 | return obj.user_profile.id == request.user.id |
||
24 |