Fakultas Ilmu Komputer UI

Commit df6b650b authored by Zamil Majdy's avatar Zamil Majdy
Browse files

[#140657435] [#40] [Green] Add unpushed ._. updated permission file, hehe

parent 9bc0926d
from rest_framework import permissions
from rest_framework.exceptions import APIException
from rest_framework.exceptions import PermissionDenied
from core.models import Company
from core.models import Student
......@@ -16,7 +16,7 @@ def is_admin_or_company(user):
return True
if not hasattr(user, "company") or user.company != Company.VERIFIED :
raise APIException("This account is not valid company account or has not been verified", 403)
raise PermissionDenied("This account is not valid company account or has not been verified")
return True
......@@ -55,9 +55,9 @@ class IsAdminOrStudent(permissions.BasePermission):
elif hasattr(obj, "student"):
student = obj.student
else:
raise APIException(
raise PermissionDenied(
"Checking student permission on object {} not associated with Student"
.format(type(obj.__name__)), 403
.format(type(obj.__name__))
)
return hasattr(user, "student") and user.student == student
......@@ -77,9 +77,9 @@ class IsAdminOrSupervisor(permissions.BasePermission):
elif hasattr(obj, "supervisor"):
supervisor = obj.supervisor
else:
raise APIException(
raise PermissionDenied(
"Checking supervisor permission on object {} not associated with Supervisor"
.format(type(obj.__name__)), 403
.format(type(obj.__name__))
)
return hasattr(user, "supervisor") and user.supervisor == supervisor
......@@ -99,9 +99,9 @@ class IsAdminOrCompany(permissions.BasePermission):
elif hasattr(obj, "company"):
company = obj.company
else:
raise APIException(
raise PermissionDenied(
"Checking company permission on object {} not associated with Company"
.format(type(obj.__name__)), 403
.format(type(obj.__name__))
)
return hasattr(user, "company") and user.company == company
......@@ -123,9 +123,9 @@ class IsAdminOrSupervisorOrCompanyOrSelf(permissions.IsAuthenticated):
elif hasattr(obj, "student"):
student = obj.student
else:
raise APIException(
raise PermissionDenied(
"Checking student permission on object {} not associated with Student"
.format(type(obj.__name__)), 403
.format(type(obj.__name__))
)
return hasattr(user, "student") and user.student == student
return False
......@@ -142,6 +142,6 @@ class IsAdminOrVacancyOwner(permissions.BasePermission):
if isinstance(obj, Application):
return user.company == obj.vacancy.company
else:
raise APIException(
"Checking owner permission on non-application object", 403
raise PermissionDenied(
"Checking owner permission on non-application object"
)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment