minor: permissions update

2021-02-22 14:49:11 +00:00 · 2021-02-22 14:49:11 +00:00 · 026e13eb59
commit 026e13eb59
parent e6b20e2bbc
3 changed files with 23 additions and 37 deletions
--- a/djangoldp_notification/migrations/0011_auto_20210218_1145.py
+++ b/djangoldp_notification/migrations/0011_auto_20210218_1145.py
@ -0,0 +1,21 @@
+# Generated by Django 2.2.18 on 2021-02-18 10:45
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('djangoldp_notification', '0010_notificationsetting'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='notification',
+            options={'default_permissions': ['add', 'change', 'delete', 'view', 'control'], 'ordering': ['-date']},
+        ),
+        migrations.AlterModelOptions(
+            name='subscription',
+            options={'default_permissions': ['add', 'change', 'delete', 'view', 'control']},
+        ),
+    ]
--- a/djangoldp_notification/permissions.py
+++ b/djangoldp_notification/permissions.py
@ -8,41 +8,6 @@ from rest_framework.reverse import reverse
 class InboxPermissions(LDPPermissions):
    filter_backends = [InboxFilterBackend]

-    def has_permission(self, request, view):
-        from djangoldp.models import Model
-
-        if self.is_a_container(request._request.path):
-            try:
-                """
-                If on nested field we use users permissions
-                """
-                obj = Model.resolve_parent(request.path)
-                model = view.parent_model
-
-                """
-                If still on nested field and request is post (/users/X/inbox/) we use notification permissions
-                """
-                if view.parent_model != view.model and request.method == 'POST':
-                    obj = None
-                    model = view.model
-            except:
-                """
-                Not on nested field we use notification permissions
-                """
-                obj = None
-                model = view.model
-        else:
-            obj = Model.resolve_id(request._request.path)
-            model = view.model
-
-        perms = self.get_permissions(request.method, model)
-
-        for perm in perms:
-            if not perm.split('.')[1].split('_')[0] in self.user_permissions(request.user, model, obj):
-                return False
-
-        return True
-

 class SubscriptionsPermissions(LDPPermissions):
    filter_backends = [SubscriptionsFilterBackend]
--- a/setup.cfg
+++ b/setup.cfg
@ -10,8 +10,8 @@ license = MIT
 [options]
 packages = find:
 install_requires =
-    djangoldp~=2.0.0
-    djangoldp_account~=2.0
+    djangoldp~=2.1.0
+    djangoldp_account~=2.1

 [options.extras_require]
 include_package_data = True