akvo.rsr.project_role_auth module

class akvo.rsr.project_role_auth.ProjectRolePermissionBackend

Bases: BaseBackend

authenticate(request, **kwargs)

has_perm(user, perm, obj=None)

akvo.rsr.project_role_auth.can_own_model(permission: str, obj: Model) → bool

A simplistic check whether object ownership is important for the permission check

Just like the rest of this permission system, this method shouldn’t exist. It’s extremely simplistic in that it ignores predicate logic and just checks if “is_own”

is in the predicate.

It would just take too much time to write another hack like User.parse_permission_expression This might go wrong for complicated predicates.

akvo.rsr.project_role_auth.groups_from_permission(permission)