amirfeqhi /
DjangoProfile
| Total Complexity | 4 |
| Total Lines | 24 |
| Duplicated Lines | 0 % |
| Changes | 0 | ||
| 1 | from rest_framework import permissions |
||
| 2 | |||
| 3 | |||
| 4 | class UpdateOwnProfile(permissions.BasePermission): |
||
| 5 | """Allow users update their own profiles.""" |
||
| 6 | |||
| 7 | def has_object_permission(self, request, view, obj): |
||
| 8 | """Check user is trying to edit their own profile.""" |
||
| 9 | |||
| 10 | if request.method in permissions.SAFE_METHODS: |
||
| 11 | return True |
||
| 12 | return obj.id == request.user.id |
||
| 13 | |||
| 14 | |||
| 15 | class PostOwnStatus(permissions.BasePermission): |
||
| 16 | """Allow users update their own status.""" |
||
| 17 | |||
| 18 | def has_object_permission(self, request, view, obj): |
||
| 19 | """Check user is trying to update their own status.""" |
||
| 20 | |||
| 21 | if request.method in permissions.SAFE_METHODS: |
||
| 22 | return True |
||
| 23 | return obj.user_profile.id == request.user.id |
||
| 24 |
