geonode.base.api.permissions ============================ .. py:module:: geonode.base.api.permissions Attributes ---------- .. autoapisummary:: geonode.base.api.permissions.logger Classes ------- .. autoapisummary:: geonode.base.api.permissions.IsSelf geonode.base.api.permissions.IsSelfOrReadOnly geonode.base.api.permissions.IsSelfOrAdmin geonode.base.api.permissions.IsSelfOrAdminOrReadOnly geonode.base.api.permissions.IsSelfOrAdminOrAuthenticatedReadOnly geonode.base.api.permissions.IsOwnerOrAdmin geonode.base.api.permissions.IsOwnerOrReadOnly geonode.base.api.permissions.IsManagerEditOrAdmin geonode.base.api.permissions.ResourceBasePermissionsFilter geonode.base.api.permissions.UserHasPerms Module Contents --------------- .. py:data:: logger .. py:class:: IsSelf Bases: :py:obj:`rest_framework.permissions.BasePermission` Grant permission only if the current instance is the request user. Used to allow users to edit their own account, nothing to others (even superusers). .. py:method:: has_permission(request, view) Always return False here. The fine-grained permissions are handled in has_object_permission(). .. py:method:: has_object_permission(request, view, obj) .. py:class:: IsSelfOrReadOnly Bases: :py:obj:`IsSelf` Grant permissions if instance *IS* the request user, or read-only. Used to allow users to edit their own account, and others to read. .. py:method:: has_object_permission(request, view, obj) .. py:class:: IsSelfOrAdmin Bases: :py:obj:`IsSelf` Grant R/W to self and superusers/staff members. Deny others. .. py:method:: has_permission(request, view) Always return False here. The fine-grained permissions are handled in has_object_permission(). .. py:method:: has_object_permission(request, view, obj) .. py:class:: IsSelfOrAdminOrReadOnly Bases: :py:obj:`IsSelfOrAdmin` Grant R/W to self and superusers/staff members, R/O to others. .. py:method:: has_permission(request, view) Always return False here. The fine-grained permissions are handled in has_object_permission(). .. py:method:: has_object_permission(request, view, obj) .. py:class:: IsSelfOrAdminOrAuthenticatedReadOnly Bases: :py:obj:`IsSelfOrAdmin` Grant R/W to self and superusers/staff members, R/O to auth. .. py:method:: has_object_permission(request, view, obj) .. py:class:: IsOwnerOrAdmin Bases: :py:obj:`rest_framework.permissions.BasePermission` Object-level permission to only allow admin and owners of an object to edit it. Assumes the model instance has an `owner` attribute. .. py:method:: has_object_permission(request, view, obj) .. py:class:: IsOwnerOrReadOnly Bases: :py:obj:`IsOwnerOrAdmin` Object-level permission to only allow owners of an object to edit it. Assumes the model instance has an `owner` attribute. .. py:method:: has_object_permission(request, view, obj) .. py:class:: IsManagerEditOrAdmin Bases: :py:obj:`rest_framework.permissions.BasePermission` Object-level permission to only allow admin and managers to edit a group. .. py:method:: has_permission(request, view) .. py:method:: has_object_permission(request, view, obj) .. py:class:: ResourceBasePermissionsFilter Bases: :py:obj:`rest_framework.filters.BaseFilterBackend` A filter backend that limits results to those where the requesting user has read object level permissions. .. py:method:: filter_queryset(request, queryset, view) .. py:class:: UserHasPerms(perms_dict={}) Bases: :py:obj:`rest_framework.permissions.DjangoModelPermissions` .. py:attribute:: perms_map .. py:attribute:: perms_dict .. py:method:: __call__() .. py:method:: has_permission(request, view)