| 1234567891011121314151617181920212223242526272829303132333435 |
- # coding=utf-8
- from rest_framework import permissions
- from apps.customer.models import Customer
- class IsCustomer(permissions.BasePermission):
- def has_permission(self, request, view):
- if not request.user or not request.user.is_authenticated:
- return False
- if not request.user.is_customer():
- return False
- customer = Customer.objects.filter(user_id=request.user.id).first()
- if not customer:
- return False
- request.customer = customer
- return True
- class IsEmployee(permissions.BasePermission):
- def has_permission(self, request, view):
- if not request.user or not request.user.is_authenticated:
- return False
- return request.user.is_employee()
- class AnyOne(permissions.BasePermission):
- '''都有权限,只是如果是customer的话可以获取到customer'''
- def has_permission(self, request, view):
- customer = None
- if request.user and request.user.is_authenticated and request.user.is_customer():
- customer = Customer.objects.filter(user_id=request.user.id).first()
- request.customer = customer
- return True
|
