
  1. from rest_framework import permissions
  def has_permission(self, request, view):
      """Return True only for an authenticated user whose employee record has a role.

      The check passes for any non-None role; it does not look at which role
      the employee holds. The function takes ``self`` but no enclosing class
      is visible in this listing.

      Args:
          request: Object exposing ``user``; ``user.is_authenticated`` and
              ``user.employee`` are read.
          view: Unused.

      Returns:
          bool: True when ``request.user.employee`` and its ``role`` are both
          not None, False otherwise (including unauthenticated callers and
          users for whom the lookup raises ``Employee.DoesNotExist``).
      """
      account = request.user
      if not account.is_authenticated:
          return False
      try:
          profile = account.employee
          # Deny unless both the employee record and its role are present.
          return not (profile is None or profile.role is None)
      except Employee.DoesNotExist:
          # No employee row behind this user: deny.
          return False
  10. from .models import Employee
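  class EmployeeAPIPermission(permissions.BasePermission):
      """Role-based permission: anyone may read, Admin may write, Employee may PUT.

      Requests whose method is in ``permissions.SAFE_METHODS`` are allowed
      before any authentication check, so a view guarded by this class serves
      its read side to anonymous callers as well.

      For every other method the caller must be authenticated and ``user.role``
      must be truthy; ``user.role.name`` then decides (exact string match):

      * ``'Admin'``: every method is allowed.
      * ``'Employee'``: only ``PUT`` is allowed.
      * anything else: denied.

      Only ``has_permission`` is defined, so this class places no restriction
      on which object an ``Employee`` may ``PUT`` to.
      """

      # NOTE(review): confirm the views using this class restrict an Employee's
      # PUT to their own record (e.g. via has_object_permission or the queryset).
      # NOTE(review): the role is read from request.user.role; confirm the user
      # model exposes that attribute, otherwise authenticated writes raise
      # AttributeError instead of being denied.

      def has_permission(self, request, view):
          """Return True when the request's method is permitted for the caller's role."""
          # Safe methods are open to every caller, authenticated or not.
          if request.method in permissions.SAFE_METHODS:
              return True

          user = request.user
          if not (user.is_authenticated and user.role):
              return False

          role_name = user.role.name
          if role_name == 'Admin':
              return True  # Admin may use every write method.

          # GET is in SAFE_METHODS and has already returned above, so PUT is the
          # only method the Employee role can still be granted here.
          return role_name == 'Employee' and request.method == 'PUT'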
  23. from rest_framework import permissions
  class GoogleAuthenticatedPermission(permissions.BasePermission):
      """Allow a request when the user is authenticated and the session has an ``'email'`` key.

      Only the presence of the key is tested. Its value is not read or compared
      with anything, and nothing in this class inspects a Google token, so the
      class is only as strong as the code that writes ``'email'`` into the session.
      """

      # NOTE(review): presumably the Google sign-in view stores 'email' in the
      # session; confirm that, and confirm no other code path sets the key.

      def has_permission(self, request, view):
          """Return True only if both the authentication and session-key checks pass."""
          # The session is consulted only for authenticated users.
          if request.user.is_authenticated and 'email' in request.session:
              # Further checks could go here, for example comparing the session
              # email with the email from id_token_data.
              return True
          return False