Commit 6deb29e7 authored by Calum Mackervoy's avatar Calum Mackervoy

error messages explaining why permission denied

parent 1a18bab0
Pipeline #6979 passed with stage
in 27 seconds
from djangoldp.permissions import LDPPermissions
from rest_framework.exceptions import PermissionDenied
# auxiliary function tests user is an admin for specified project
......@@ -38,10 +39,10 @@ class ProjectPermissions(LDPPermissions):
# other members can perform GET only
if request.method != 'GET':
return False
raise PermissionDenied(detail='You must be an admin to perform this action')
if not Member.objects.filter(user=request.user, project=obj).exists():
return False
raise PermissionDenied(detail='You must be a member of this project to perform this action')
return super().has_object_permission(request, view, obj)
......@@ -61,7 +62,10 @@ class ProjectMemberPermissions(LDPPermissions):
# only admins can add new members to a project
if request.method == 'POST':
obj = Model.resolve_id(request._request.path)
return is_user_admin_of_project(request.user, obj.project)
if is_user_admin_of_project(request.user, obj.project):
return True
raise PermissionDenied(detail='You must be an admin to perform this action')
return super().has_permission(request, view)
......@@ -76,11 +80,12 @@ class ProjectMemberPermissions(LDPPermissions):
# I cannot remove myself if I am the last admin
if ==
if obj.project.get_admins().count() == 1:
return False
raise PermissionDenied(detail='To leave this project, you must first set up a new administrator'
' through the project panel')
# I cannot remove another admin
elif obj.is_admin:
return False
raise PermissionDenied(detail='You cannot remove another admin')
return True
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment