fixed typo
This commit is contained in:
parent
5ce9a808aa
commit
cde0cc0dd6
2 changed files with 20 additions and 20 deletions
|
|
@ -25,31 +25,31 @@ class ModelSerializerContrains(serializers.ModelSerializer):
|
||||||
|
|
||||||
def create(self, validated_data):
|
def create(self, validated_data):
|
||||||
# get the fields that this user can modify
|
# get the fields that this user can modify
|
||||||
field_contrains = self.Meta.model.user_fields_contrains(self.context["request"].user)
|
field_contrains = self.Meta.model.user_fields_contraints(self.context["request"].user)
|
||||||
|
|
||||||
# for every constrains
|
# for every constraints
|
||||||
for field, constrains in field_contrains.items():
|
for field, constraints in field_contrains.items():
|
||||||
# check if the value is in the constrains.
|
# check if the value is in the constraints.
|
||||||
value = validated_data.get(field)
|
value = validated_data.get(field)
|
||||||
if value is not None and value not in constrains:
|
if value is not None and value not in constraints:
|
||||||
raise PermissionDenied(f"You are not allowed to use this value for the field {field}.")
|
raise PermissionDenied(f"You are not allowed to use this value for the field {field}.")
|
||||||
|
|
||||||
return super().create(validated_data)
|
return super().create(validated_data)
|
||||||
|
|
||||||
def update(self, instance, validated_data):
|
def update(self, instance, validated_data):
|
||||||
# get the fields that this user can modify
|
# get the fields that this user can modify
|
||||||
field_contrains = self.Meta.model.user_fields_contrains(self.context["request"].user)
|
field_contrains = self.Meta.model.user_fields_contraints(self.context["request"].user)
|
||||||
|
|
||||||
# for every constrains
|
# for every constraints
|
||||||
for field, constrains in field_contrains.items():
|
for field, constraints in field_contrains.items():
|
||||||
# check if the value of the request is in the constrains.
|
# check if the value of the request is in the constraints.
|
||||||
value = validated_data.get(field)
|
value = validated_data.get(field)
|
||||||
if value is not None and value not in constrains:
|
if value is not None and value not in constraints:
|
||||||
raise PermissionDenied(f"You are not allowed to use this value for the field {field}.")
|
raise PermissionDenied(f"You are not allowed to use this value for the field {field}.")
|
||||||
|
|
||||||
# check if the value of the already existing instance is in the constrains.
|
# check if the value of the already existing instance is in the constraints.
|
||||||
value = getattr(instance, field, None)
|
value = getattr(instance, field, None)
|
||||||
if value is not None and value not in constrains:
|
if value is not None and value not in constraints:
|
||||||
raise PermissionDenied(f"You are not allowed to use this value for the field {field}.")
|
raise PermissionDenied(f"You are not allowed to use this value for the field {field}.")
|
||||||
|
|
||||||
# check that the user is managing the department
|
# check that the user is managing the department
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,7 @@ class ModelPermissionHelper:
|
||||||
return user.is_superuser
|
return user.is_superuser
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
"""
|
"""
|
||||||
Return the list of fields in that model that the user can modify
|
Return the list of fields in that model that the user can modify
|
||||||
"""
|
"""
|
||||||
|
|
@ -232,7 +232,7 @@ class StudentGroup(models.Model, ModelPermissionHelper):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
# if the user is admin, no contrains
|
# if the user is admin, no contrains
|
||||||
if user.is_superuser:
|
if user.is_superuser:
|
||||||
return {}
|
return {}
|
||||||
|
|
@ -315,7 +315,7 @@ class TeachingUnit(models.Model, ModelPermissionHelper):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
# if the user is admin, no contrains
|
# if the user is admin, no contrains
|
||||||
if user.is_superuser:
|
if user.is_superuser:
|
||||||
return {}
|
return {}
|
||||||
|
|
@ -386,7 +386,7 @@ class StudentCard(models.Model, ModelPermissionHelper):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
# if the user is admin, no contrains
|
# if the user is admin, no contrains
|
||||||
if user.is_superuser:
|
if user.is_superuser:
|
||||||
return {}
|
return {}
|
||||||
|
|
@ -480,7 +480,7 @@ class TeachingSession(models.Model, ModelPermissionHelper):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
# if the user is admin, no contrains
|
# if the user is admin, no contrains
|
||||||
if user.is_superuser:
|
if user.is_superuser:
|
||||||
return {}
|
return {}
|
||||||
|
|
@ -611,7 +611,7 @@ class Attendance(models.Model, ModelPermissionHelper):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
# if the user is admin, no contrains
|
# if the user is admin, no contrains
|
||||||
if user.is_superuser:
|
if user.is_superuser:
|
||||||
return {}
|
return {}
|
||||||
|
|
@ -751,7 +751,7 @@ class Absence(models.Model, ModelPermissionHelper):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
# if the user is admin, no contrains
|
# if the user is admin, no contrains
|
||||||
if user.is_superuser:
|
if user.is_superuser:
|
||||||
return {}
|
return {}
|
||||||
|
|
@ -831,7 +831,7 @@ class AbsenceAttachment(models.Model, ModelPermissionHelper):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def user_fields_contrains(cls, user: "User") -> dict[str, QuerySet]:
|
def user_fields_contraints(cls, user: "User") -> dict[str, QuerySet]:
|
||||||
# if the user is admin, no contrains
|
# if the user is admin, no contrains
|
||||||
if user.is_superuser:
|
if user.is_superuser:
|
||||||
return {}
|
return {}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue