OpenSlides/openslides/agenda/access_permissions.py
Norman Jäckel 132c6e81ec Forwarding JSON instead of Django model instances to autoupdate loop.
- Used raw SQL for createing default projector during inital migration.
- Removed default_password and hidden agenda items from autoupdate data for some users.
- Removed old get_collection_and_id_from_url() function.
2016-03-06 14:24:53 +01:00

34 lines
949 B
Python

from ..utils.access_permissions import BaseAccessPermissions
class ItemAccessPermissions(BaseAccessPermissions):
"""
Access permissions container for Item and ItemViewSet.
"""
def can_retrieve(self, user):
"""
Returns True if the user has read access model instances.
"""
return user.has_perm('agenda.can_see')
def get_serializer_class(self, user=None):
"""
Returns serializer class.
"""
from .serializers import ItemSerializer
return ItemSerializer
def get_restricted_data(self, full_data, user):
"""
Returns the restricted serialized data for the instance prepared
for the user.
"""
if (self.can_retrieve(user) and
(not full_data['is_hidden'] or
user.has_perm('agenda.can_see_hidden_items'))):
data = full_data
else:
data = None
return data