Commit efc46b4b authored by Jean-Baptiste Pasquier's avatar Jean-Baptiste Pasquier

Merge branch 'permissions-error-messages' into 'master'

Error messages explaining why permission denied

See merge request !28
parents 1a18bab0 30ebf5bc
Pipeline #6986 passed with stage
in 27 seconds
from djangoldp.permissions import LDPPermissions
from rest_framework.exceptions import PermissionDenied
# auxiliary function tests user is an admin for specified project
......@@ -38,10 +39,10 @@ class ProjectPermissions(LDPPermissions):
# other members can perform GET only
if request.method != 'GET':
return False
raise PermissionDenied(detail='You must be an admin to perform this action')
if not Member.objects.filter(user=request.user, project=obj).exists():
return False
raise PermissionDenied(detail='You must be a member of this project to perform this action')
return super().has_object_permission(request, view, obj)
......@@ -61,7 +62,10 @@ class ProjectMemberPermissions(LDPPermissions):
# only admins can add new members to a project
if request.method == 'POST':
obj = Model.resolve_id(request._request.path)
return is_user_admin_of_project(request.user, obj.project)
if is_user_admin_of_project(request.user, obj.project):
return True
else:
raise PermissionDenied(detail='You must be an admin to perform this action')
return super().has_permission(request, view)
......@@ -76,11 +80,12 @@ class ProjectMemberPermissions(LDPPermissions):
# I cannot remove myself if I am the last admin
if obj.pk == request.user.pk:
if obj.project.get_admins().count() == 1:
return False
raise PermissionDenied(detail='To leave this project, you must first set up a new administrator'
' through the project panel')
# I cannot remove another admin
elif obj.is_admin:
return False
raise PermissionDenied(detail='You cannot remove another admin')
return True
......
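Review bot: Raising `PermissionDenied` from inside `has_permission` / `has_object_permission` (all three `@@` hunks) skips DRF's own `permission_denied()` step, so an unauthenticated caller gets this 403 rather than the `NotAuthenticated` response. The class also stops composing with other permission classes, which expect a boolean result. DRF already supports custom denial text without changing control flow: set `self.message = 'You must be an admin to perform this action'` and keep `return False`. Separately, in the last hunk `obj.pk == request.user.pk` looks like it compares a membership row's key with a user's key (obj exposes `.project` and `.is_admin`). If so, the "last admin" and "another admin" branches are chosen on the wrong rows and `obj.user_id == request.user.pk` is probably what was meant; confirm against the model, since the enclosing methods start outside the visible hunks.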