Isolate viewset get permission from model

dfunckt · Dec 22, 2021 · 6cd67cc · 6cd67cc
1 parent 2b79375
commit 6cd67cc
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 4 deletions.
diff --git a/rules/contrib/rest_framework.py b/rules/contrib/rest_framework.py
@@ -1,7 +1,9 @@
 from django.core.exceptions import ImproperlyConfigured, PermissionDenied
 
+from ..viewsets import BaseAutoPermissionMixin
 
-class AutoPermissionViewSetMixin:
+
+class AutoPermissionViewSetMixin(BaseAutoPermissionMixin):
     """
     Enforces object-level permissions in ``rest_framework.viewsets.ViewSet``,
     deriving the permission type from the particular action to be performed..
@@ -70,6 +72,7 @@ def initial(self, *args, **kwargs):
             obj = self.get_object()
 
         # Finally, check permission
-        perm = self.get_queryset().model.get_perm(perm_type)
+        model = self.get_queryset().model
+        perm = self.get_permission_for_model(model, perm_type)
         if not self.request.user.has_perm(perm, obj):
             raise PermissionDenied
diff --git a/rules/contrib/views.py b/rules/contrib/views.py
@@ -12,6 +12,8 @@
 # versions before 1.9. For usage help see Django's docs for 1.9 or later.
 from django.views.generic.edit import BaseCreateView
 
+from ..viewsets import BaseAutoPermissionMixin
+
 LoginRequiredMixin = mixins.LoginRequiredMixin
 UserPassesTestMixin = mixins.UserPassesTestMixin
 
@@ -47,7 +49,7 @@ def has_permission(self):
         return self.request.user.has_perms(perms, obj)
 
 
-class AutoPermissionRequiredMixin(PermissionRequiredMixin):
+class AutoPermissionRequiredMixin(PermissionRequiredMixin, BaseAutoPermissionMixin):
     """
     An extended variant of PermissionRequiredMixin which automatically determines
     the permission to check based on the type of view it's used with.
@@ -119,7 +121,7 @@ def get_permission_required(self):
             model = getattr(self, "model", None)
             if model is None:
                 model = self.get_queryset().model
-            perms.append(model.get_perm(perm_type))
+            perms.append(self.get_permission_for_model(model, perm_type))
 
         # If additional permissions have been defined, consider them as well
         if self.permission_required is not None:

diff --git a/rules/viewsets.py b/rules/viewsets.py
@@ -0,0 +1,5 @@
+# All auto permission mixins (both for DRF and Django views)
+# inherit from this mixin.
+class BaseAutoPermissionMixin:
+    def get_permission_for_model(self, model, perm_type):
+        return model.get_perm(perm_type)