Commit 693e1afa5eb0ef9e1977bd802559c1f2db906fa1
1 parent
a9cb7ae511
Exists in
master
off by one
Showing 1 changed file with 1 additions and 1 deletions Inline Diff
flashcards/api.py
View file @
693e1af
| from django.utils.timezone import now | 1 | 1 | from django.utils.timezone import now | |
| from flashcards.models import Flashcard, UserFlashcardQuiz | 2 | 2 | from flashcards.models import Flashcard, UserFlashcardQuiz | |
| from rest_framework.exceptions import PermissionDenied | 3 | 3 | from rest_framework.exceptions import PermissionDenied | |
| from rest_framework.pagination import PageNumberPagination | 4 | 4 | from rest_framework.pagination import PageNumberPagination | |
| from rest_framework.permissions import BasePermission | 5 | 5 | from rest_framework.permissions import BasePermission | |
| 6 | 6 | |||
| mock_no_params = lambda x: None | 7 | 7 | mock_no_params = lambda x: None | |
| 8 | 8 | |||
| 9 | 9 | |||
| class StandardResultsSetPagination(PageNumberPagination): | 10 | 10 | class StandardResultsSetPagination(PageNumberPagination): | |
| page_size = 40 | 11 | 11 | page_size = 40 | |
| page_size_query_param = 'page_size' | 12 | 12 | page_size_query_param = 'page_size' | |
| max_page_size = 1000 | 13 | 13 | max_page_size = 1000 | |
| 14 | 14 | |||
| 15 | 15 | |||
| class UserDetailPermissions(BasePermission): | 16 | 16 | class UserDetailPermissions(BasePermission): | |
| """ | 17 | 17 | """ | |
| Permissions for the user detail view. Anonymous users may only POST. | 18 | 18 | Permissions for the user detail view. Anonymous users may only POST. | |
| """ | 19 | 19 | """ | |
| 20 | 20 | |||
| def has_object_permission(self, request, view, obj): | 21 | 21 | def has_object_permission(self, request, view, obj): | |
| if request.method == 'POST': | 22 | 22 | if request.method == 'POST': | |
| return True | 23 | 23 | return True | |
| return request.user.is_authenticated() | 24 | 24 | return request.user.is_authenticated() | |
| 25 | 25 | |||
| 26 | 26 | |||
| class IsEnrolledInAssociatedSection(BasePermission): | 27 | 27 | class IsEnrolledInAssociatedSection(BasePermission): | |
| def has_object_permission(self, request, view, obj): | 28 | 28 | def has_object_permission(self, request, view, obj): | |
| if obj is None: | 29 | 29 | if obj is None: | |
| return True | 30 | 30 | return True | |
| assert type(obj) is Flashcard | 31 | 31 | assert type(obj) is Flashcard | |
| return request.user.is_in_section(obj.section) | 32 | 32 | return request.user.is_in_section(obj.section) | |
| 33 | 33 | |||
| 34 | 34 | |||
| class IsFlashcardReviewer(BasePermission): | 35 | 35 | class IsFlashcardReviewer(BasePermission): | |
| def has_object_permission(self, request, view, obj): | 36 | 36 | def has_object_permission(self, request, view, obj): | |
| if obj is None: | 37 | 37 | if obj is None: | |
| return True | 38 | 38 | return True | |
| assert type(obj) is UserFlashcardQuiz | 39 | 39 | assert type(obj) is UserFlashcardQuiz | |
| return request.user == obj.user_flashcard.user | 40 | 40 | return request.user == obj.user_flashcard.user | |
| 41 | 41 |