
@Johnetordoff
Created February 9, 2024 15:24
from rest_framework import (
exceptions,
permissions,
)
from addon_service.models import (
ResourceReference,
UserReference,
)
from app.authentication import authenticate_resource
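class UserReferenceIsAuthenticatedBase(permissions.BasePermission):
    """
    Permission that grants access only when the ``user_reference_iri`` stored
    in the session matches the object returned by ``get_referenced_user``.

    Subclasses override ``get_referenced_user(request, view)`` to resolve the
    object to compare against.
    """

    def has_permission(self, request, view):
        """Return True when the session IRI matches the referenced user.

        Raises:
            exceptions.NotAuthenticated: if the session carries no
                ``user_reference_iri`` or no matching reference exists.
        """
        user_reference_iri = request.session.get("user_reference_iri")
        if not user_reference_iri:
            # Fail closed: without a session IRI there is nothing to compare,
            # and a None-vs-None comparison must never grant access.
            raise exceptions.NotAuthenticated()

        referenced_user = self.get_referenced_user(request, view)
        if referenced_user is None:
            # An override that resolves nothing is a denial, not a crash.
            return False

        # NOTE(review): the lookup below filters on ``user_uri`` while this
        # comparison reads ``.user``; confirm which attribute holds the IRI.
        return user_reference_iri == referenced_user.user

    def get_referenced_user(self, request, view=None):
        """Look up the ``UserReference`` whose ``user_uri`` is the session IRI.

        ``view`` is accepted (and ignored here) so the signature agrees with
        the call in ``has_permission`` and with subclass overrides.

        Raises:
            exceptions.NotAuthenticated: if the session has no IRI or no
                ``UserReference`` matches it.
        """
        user_reference_iri = request.session.get("user_reference_iri")
        if not user_reference_iri:
            # Avoid querying with ``user_uri=None``.
            raise exceptions.NotAuthenticated()
        try:
            return UserReference.objects.get(user_uri=user_reference_iri)
        except UserReference.DoesNotExist:
            raise exceptions.NotAuthenticated()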
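class BaseConfiguredStorageAddonPermission(UserReferenceIsAuthenticatedBase):
    """
    Permission for configured storage addons: on POST, resolves the resource
    named in the request body (requiring ``admin`` on it) and returns the
    configured storage addon on that resource owned by the session user.
    """

    def get_referenced_user(self, request, view):
        """Resolve the configured storage addon owned by the session user.

        Raises:
            exceptions.NotAuthenticated: if the session has no
                ``user_reference_iri``.
            exceptions.ValidationError: if the POST body lacks
                ``authorized_resource.id``.
            exceptions.PermissionDenied: if no matching configured storage
                addon exists, or the request method is not handled yet.
        """
        # Same session key the base class reads; the original
        # 'user_reference_uri' spelling is never set anywhere visible here.
        user_reference_iri = request.session.get("user_reference_iri")
        if not user_reference_iri:
            raise exceptions.NotAuthenticated()

        if request.method == "POST" and request.data:
            # request.data is client-supplied: a malformed body should be a
            # 400, not an unhandled KeyError/TypeError inside a permission check.
            try:
                resource_iri = request.data["authorized_resource"]["id"]
            except (KeyError, TypeError):
                raise exceptions.ValidationError(
                    "authorized_resource.id is required"
                )

            # NOTE(review): create=True presumably creates the resource
            # reference when missing; confirm authenticate_resource enforces
            # the "admin" requirement before anything is created.
            resource = authenticate_resource(
                request=request,
                iri=resource_iri,
                required_permission="admin",
                create=True,
            )
            csa_with_this_resource = resource.configured_storage_addons.filter(
                base_account__authorized_resource=resource
            )
            owned_csa = csa_with_this_resource.filter(
                owners__user_uri=user_reference_iri
            ).first()
            if owned_csa is None:
                # No addon on this resource is owned by the session user.
                raise exceptions.PermissionDenied()
            return owned_csa

        ...  # other methods maybe class based
        # Until other methods are handled, deny instead of returning None.
        raise exceptions.PermissionDenied()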