add permissions

codeforlife/user/permissions/__init__.py

@@ -1,2 +1,6 @@
-from .is_school_member import IsSchoolMember
-from .is_school_teacher import IsSchoolTeacher
+from .in_class import InClass
+from .in_school import InSchool
+from .is_independent import IsIndependent
+from .is_self import IsSelf
+from .is_student import IsStudent
+from .is_teacher import IsTeacher

codeforlife/user/permissions/in_class.py

@@ -0,0 +1,43 @@
+"""
+© Ocado Group
+Created on 12/12/2023 at 15:18:10(+00:00).
+"""
+
+import typing as t
+
+from rest_framework.permissions import BasePermission
+from rest_framework.request import Request
+from rest_framework.views import APIView
+
+from ..models import User
+
+
+class InClass(BasePermission):
+    """Request's user must be in a class."""
+
+    def __init__(self, class_id: t.Optional[str] = None):
+        """Initialize permission.
+
+        Args:
+            class_id: A class' ID. If None, check if user is in any class.
+                Else, check if user is in the specific class.
+        """
+
+        super().__init__()
+        self.class_id = class_id
+
+    def has_permission(self, request: Request, view: APIView):
+        user = request.user
+        if isinstance(user, User):
+            if user.teacher is not None:
+                classes = user.teacher.classes
+                if self.class_id is not None:
+                    classes = classes.filter(id=self.class_id)
+                return classes.exists()
+
+            if user.student is not None:
+                if self.class_id is None:
+                    return True
+                return user.student.klass_id == self.class_id
+
+        return False

codeforlife/user/permissions/in_school.py

@@ -0,0 +1,41 @@
+"""
+© Ocado Group
+Created on 12/12/2023 at 15:18:27(+00:00).
+"""
+
+import typing as t
+
+from rest_framework.permissions import BasePermission
+from rest_framework.request import Request
+from rest_framework.views import APIView
+
+from ..models import User
+
+
+class InSchool(BasePermission):
+    """Request's user must be in a school."""
+
+    def __init__(self, school_id: t.Optional[int] = None):
+        """Initialize permission.
+
+        Args:
+            school_id: A school's ID. If None, check if user is in any school.
+                Else, check if user is in the specific school.
+        """
+
+        super().__init__()
+        self.school_id = school_id
+
+    def has_permission(self, request: Request, view: APIView):
+        def in_school(school_id: int):
+            return self.school_id is None or self.school_id == school_id
+
+        user = request.user
+        return isinstance(user, User) and (
+            (
+                user.teacher is not None
+                and user.teacher.school_id is not None
+                and in_school(user.teacher.school_id)
+            )
+            or (user.student is not None and in_school(user.student.school_id))
+        )

codeforlife/user/permissions/is_independent.py

@@ -0,0 +1,22 @@
+"""
+© Ocado Group
+Created on 12/12/2023 at 13:55:47(+00:00).
+"""
+
+from rest_framework.permissions import BasePermission
+from rest_framework.request import Request
+from rest_framework.views import APIView
+
+from ..models import User
+
+
+class IsIndependent(BasePermission):
+    """Request's user must be independent."""
+
+    def has_permission(self, request: Request, view: APIView):
+        user = request.user
+        return (
+            isinstance(user, User)
+            and user.teacher is None
+            and user.student is None
+        )

codeforlife/user/permissions/is_self.py

@@ -0,0 +1,26 @@
+"""
+© Ocado Group
+Created on 12/12/2023 at 15:08:08(+00:00).
+"""
+
+from rest_framework.permissions import BasePermission
+from rest_framework.request import Request
+from rest_framework.views import APIView
+
+
+class IsSelf(BasePermission):
+    """Request's user must be the selected user."""
+
+    def __init__(self, keyword: str = "pk"):
+        """Initialize permission.
+
+        Args:
+            keyword: The key for the url kwargs that contains the user's primary
+                key.
+        """
+
+        super().__init__()
+        self.keyword = keyword
+
+    def has_permission(self, request: Request, view: APIView):
+        return request.user.pk == view.kwargs[self.keyword]

codeforlife/user/permissions/is_student.py

@@ -0,0 +1,35 @@
+"""
+© Ocado Group
+Created on 12/12/2023 at 13:55:40(+00:00).
+"""
+
+import typing as t
+
+from rest_framework.permissions import BasePermission
+from rest_framework.request import Request
+from rest_framework.views import APIView
+
+from ..models import User
+
+
+class IsStudent(BasePermission):
+    """Request's user must be a student."""
+
+    def __init__(self, student_id: t.Optional[int] = None):
+        """Initialize permission.
+
+        Args:
+            student_id: A student's ID. If passed, the user must be this
+                student.
+        """
+
+        super().__init__()
+        self.student_id = student_id
+
+    def has_permission(self, request: Request, view: APIView):
+        user = request.user
+        return (
+            isinstance(user, User)
+            and user.student_id is not None
+            and (self.student_id is None or user.student_id == self.student_id)
+        )

codeforlife/user/permissions/is_teacher.py

@@ -0,0 +1,35 @@
+"""
+© Ocado Group
+Created on 12/12/2023 at 13:55:22(+00:00).
+"""
+
+import typing as t
+
+from rest_framework.permissions import BasePermission
+from rest_framework.request import Request
+from rest_framework.views import APIView
+
+from ..models import User
+
+
+class IsTeacher(BasePermission):
+    """Request's user must be a teacher."""
+
+    def __init__(self, teacher_id: t.Optional[int] = None):
+        """Initialize permission.
+
+        Args:
+            teacher_id: A teacher's ID. If passed, the user must be this
+                teacher.
+        """
+
+        super().__init__()
+        self.teacher_id = teacher_id
+
+    def has_permission(self, request: Request, view: APIView):
+        user = request.user
+        return (
+            isinstance(user, User)
+            and user.teacher_id is not None
+            and (self.teacher_id is None or user.teacher_id == self.teacher_id)
+        )