o "7h|%@sdZddlmZddlmZdZGdddZGdddeZGd d d eZGd d d Z Gd ddZ GdddZ Gdddee Z Gddde dZGdddeZGdddeZGdddeZGdddeZGdddeZGd d!d!eZGd"d#d#eZd$S)%z2 Provides a set of pluggable permission policies. )Http404) exceptions)GETHEADOPTIONSc@s4eZdZddZddZddZddZd d Zd S) OperationHolderMixincC tt||SN OperandHolderANDselfotherro/var/www/epreuve.sigeris.cm/public_html/epreuve/venv/lib/python3.10/site-packages/rest_framework/permissions.py__and__  zOperationHolderMixin.__and__cCrr r ORr rrr__or__rzOperationHolderMixin.__or__cC tt||Sr r r rrr__rand__rzOperationHolderMixin.__rand__cCrr rr rrr__ror__rzOperationHolderMixin.__ror__cCs tt|Sr )SingleOperandHolderNOTrrrr __invert__ zOperationHolderMixin.__invert__N)__name__ __module__ __qualname__rrrrrrrrrr s  rc@seZdZddZddZdS)rcC||_||_dSr )operator_class op1_class)rr#r$rrr__init__ zSingleOperandHolder.__init__cOs|j|i|}||Sr )r$r#)rargskwargsop1rrr__call__!s zSingleOperandHolder.__call__N)rr r!r%r*rrrrrs rc@s,eZdZddZddZddZddZd S) r cCs||_||_||_dSr )r#r$ op2_class)rr#r$r+rrrr%'s zOperandHolder.__init__cOs,|j|i|}|j|i|}|||Sr )r$r+r#)rr'r(r)op2rrrr*,s zOperandHolder.__call__cCs.t|to|j|jko|j|jko|j|jkSr ) isinstancer r#r$r+r rrr__eq__1s    zOperandHolder.__eq__cCst|j|j|jfSr )hashr#r$r+rrrr__hash__9szOperandHolder.__hash__N)rr r!r%r*r.r0rrrrr &s  r c@$eZdZddZddZddZdS)r cCr"r r)r,rr)r,rrrr%>r&z AND.__init__cCs|j||o |j||Sr r)has_permissionr,rrequestviewrrrr5B zAND.has_permissioncCs |j|||o|j|||Sr )r)has_object_permissionr,rr7r8objrrrr:HszAND.has_object_permissionNrr r!r%r5r:rrrrr = r c@r1)rcCr"r r2r3rrrr%Pr&z OR.__init__cCs|j||p |j||Sr r4r6rrrr5Tr9zOR.has_permissioncCs<|j||o|j|||p|j||o|j|||Sr )r)r5r:r,r;rrrr:Zs zOR.has_object_permissionNr=rrrrrOr>rc@r1)rcCs ||_dSr )r))rr)rrrr%erz NOT.__init__cCs|j|| Sr )r)r5r6rrrr5hszNOT.has_permissioncCs|j||| Sr )r)r:r;rrrr:kzNOT.has_object_permissionNr=rrrrrds rc@s eZdZdS)BasePermissionMetaclassN)rr r!rrrrr@osr@c@s eZdZdZddZddZdS)BasePermissionzH A base class from which all permission classes should inherit. cCdSzL Return `True` if permission is granted, `False` otherwise. Trr6rrrr5xzBasePermission.has_permissioncCrBrCrr;rrrr:~rDz$BasePermission.has_object_permissionN)rr r!__doc__r5r:rrrrrAss rA) metaclassc@eZdZdZddZdS)AllowAnyz Allow any access. This isn't strictly required, since you could use an empty permission_classes list, but it's useful because it makes the intention more explicit. cCrB)NTrr6rrrr5szAllowAny.has_permissionNrr r!rEr5rrrrrHs rHc@rG)IsAuthenticatedz4 Allows access only to authenticated users. cCt|jo|jjSr )booluseris_authenticatedr6rrrr5r?zIsAuthenticated.has_permissionNrIrrrrrJ rJc@rG) IsAdminUserz, Allows access only to admin users. cCrKr )rLrMis_staffr6rrrr5r?zIsAdminUser.has_permissionNrIrrrrrPrOrPc@rG)IsAuthenticatedOrReadOnlyzL The request is authenticated as a user, or is a read-only request. cCst|jtvp |jo |jjSr )rLmethod SAFE_METHODSrMrNr6rrrr5s  z(IsAuthenticatedOrReadOnly.has_permissionNrIrrrrrRrOrRc@sHeZdZdZgggdgdgdgdgdZdZddZd d Zd d Zd S)DjangoModelPermissionsa} The request is authenticated using `django.contrib.auth` permissions. See: https://docs.djangoproject.com/en/dev/topics/auth/#permissions It ensures that the user is authenticated, and has the appropriate `add`/`change`/`delete` permissions on the model. This permission can only be applied against view classes that provide a `.queryset` attribute. %(app_label)s.add_%(model_name)s#%(app_label)s.change_%(model_name)s#%(app_label)s.delete_%(model_name)srrrPOSTPUTPATCHDELETETc>|jj|jjd||jvrt|fdd|j|DS)z Given a model and an HTTP method, return the list of permission codes that the user is required to have.  app_label model_namecg|]}|qSrr.0permr(rr zCDjangoModelPermissions.get_required_permissions.._metar`ra perms_maprMethodNotAllowedrrS model_clsrrfrget_required_permissionss   z/DjangoModelPermissions.get_required_permissionscCsbt|dst|dddusJd|jjt|dr.|}|dus,Jd|jj|S|jS)N get_querysetquerysetz[Cannot apply {} on a view that does not set `.queryset` or have a `.get_queryset()` method.z{}.get_queryset() returned None)hasattrgetattrformat __class__rrprq)rr8rqrrr _querysets     z DjangoModelPermissions._querysetcCsN|jr |jjs |jr dSt|ddrdS||}||j|j}|j|S)NF_ignore_model_permissionsT) rMrNauthenticated_users_onlyrsrvrorSmodel has_perms)rr7r8rqpermsrrrr5s   z%DjangoModelPermissions.has_permissionN) rr r!rErkrxrorvr5rrrrrUs  rUc@seZdZdZdZdS)$DjangoModelPermissionsOrAnonReadOnlyzj Similar to DjangoModelPermissions, except that anonymous users are allowed read-only access. FN)rr r!rErxrrrrr|sr|c@s<eZdZdZgggdgdgdgdgdZddZdd Zd S) DjangoObjectPermissionsa The request is authenticated using Django's object-level permissions. It requires an object-permissions-enabled backend, such as Django Guardian. It ensures that the user is authenticated, and has the appropriate `add`/`change`/`delete` permissions on the object using .has_perms. This permission can only be applied against view classes that provide a `.queryset` attribute. rVrWrXrYcr^)Nr_crbrrrcrfrrrgrhzKDjangoObjectPermissions.get_required_object_permissions..rirmrrfrget_required_object_permissionss   z7DjangoObjectPermissions.get_required_object_permissionsc Csb||}|j}|j}||j|}|||s/|jtvrt|d|}|||s-tdSdS)NrFT)rvryrMr~rSrzrTr) rr7r8r<rqrnrMr{ read_permsrrrr:!s     z-DjangoObjectPermissions.has_object_permissionN)rr r!rErkr~r:rrrrr}s  r}N)rE django.httprrest_frameworkrrTrrr r rrtyper@rArHrJrPrRrUr|r}rrrrs&        I