[#140657435] [#40] [Green] Add unpushed ._. updated permission file, hehe

df6b650b · Zamil Majdy · 9bc0926d · df6b650b
Commit df6b650b authored May 04, 2017 by Zamil Majdy
--- a/core/lib/permissions.py
+++ b/core/lib/permissions.py
 from rest_framework import permissions
-from rest_framework.exceptions import APIException
+from rest_framework.exceptions import PermissionDenied

 from core.models import Company
 from core.models import Student
@@ -16,7 +16,7 @@ def is_admin_or_company(user):
        return True

    if not hasattr(user, "company") or user.company != Company.VERIFIED :
-        raise APIException("This account is not valid company account or has not been verified", 403)
+        raise PermissionDenied("This account is not valid company account or has not been verified")

    return True

@@ -55,9 +55,9 @@ class IsAdminOrStudent(permissions.BasePermission):
        elif hasattr(obj, "student"):
            student = obj.student
        else:
-            raise APIException(
+            raise PermissionDenied(
                "Checking student permission on object {} not associated with Student"
-                    .format(type(obj.__name__)), 403
+                    .format(type(obj.__name__))
            )

        return hasattr(user, "student") and user.student == student
@@ -77,9 +77,9 @@ class IsAdminOrSupervisor(permissions.BasePermission):
        elif hasattr(obj, "supervisor"):
            supervisor = obj.supervisor
        else:
-            raise APIException(
+            raise PermissionDenied(
                "Checking supervisor permission on object {} not associated with Supervisor"
-                    .format(type(obj.__name__)), 403
+                    .format(type(obj.__name__))
            )

        return hasattr(user, "supervisor") and user.supervisor == supervisor
@@ -99,9 +99,9 @@ class IsAdminOrCompany(permissions.BasePermission):
        elif hasattr(obj, "company"):
            company = obj.company
        else:
-            raise APIException(
+            raise PermissionDenied(
                "Checking company permission on object {} not associated with Company"
-                    .format(type(obj.__name__)), 403
+                    .format(type(obj.__name__))
            )

        return hasattr(user, "company") and user.company == company
@@ -123,9 +123,9 @@ class IsAdminOrSupervisorOrCompanyOrSelf(permissions.IsAuthenticated):
            elif hasattr(obj, "student"):
                student = obj.student
            else:
-                raise APIException(
+                raise PermissionDenied(
                    "Checking student permission on object {} not associated with Student"
-                        .format(type(obj.__name__)), 403
+                        .format(type(obj.__name__))
                )
            return hasattr(user, "student") and user.student == student
        return False
@@ -142,6 +142,6 @@ class IsAdminOrVacancyOwner(permissions.BasePermission):
        if isinstance(obj, Application):
            return user.company == obj.vacancy.company
        else:
-            raise APIException(
-                "Checking owner permission on non-application object", 403
+            raise PermissionDenied(
+                "Checking owner permission on non-application object"
            )