| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 |
- from ipaddress import IPv4Address, IPv4Network
- from rest_framework import permissions
- class IsOwner(permissions.BasePermission):
- """
- Custom permission to only allow owners of an object to view or edit it.
- """
- def has_object_permission(self, request, view, obj):
- return obj.owner == request.user
- class IsDomainOwner(permissions.BasePermission):
- """
- Custom permission to only allow owners of a domain to view or edit an object owned by that domain.
- """
- def has_object_permission(self, request, view, obj):
- return obj.domain.owner == request.user
- class IsVPNClient(permissions.BasePermission):
- """
- Permission that requires that the user is accessing using an IP from the VPN net.
- """
- message = 'Inadmissible client IP.'
- def has_permission(self, request, view):
- ip = IPv4Address(request.META.get('REMOTE_ADDR'))
- return ip in IPv4Network('10.8.0.0/24')
- class ManageTokensPermission(permissions.BasePermission):
- def has_permission(self, request, view):
- return request.auth.perm_manage_tokens
- class WithinDomainLimitOnPOST(permissions.BasePermission):
- """
- Permission that requires that the user still has domain limit quota available, if the request is using POST.
- """
- message = 'Domain limit exceeded. Please contact support to create additional domains.'
- def has_permission(self, request, view):
- if request.method != 'POST':
- return True
- return request.user.limit_domains is None or request.user.domains.count() < request.user.limit_domains
|
