_}dg|%dZddlmZddlmZdZGddZGddeZGd d eZGd d Z Gd dZ GddZ Gddee Z Gdde ZGddeZGddeZGddeZGddeZGddeZGd d!eZGd"d#eZd$S)%z2 Provides a set of pluggable permission policies. )Http404) exceptions)GETHEADOPTIONSc,eZdZdZdZdZdZdZdS)OperationHolderMixinc.tt||SN OperandHolderANDselfothers Y/var/www/surfInsights/venv3-11/lib/python3.11/site-packages/rest_framework/permissions.py__and__zOperationHolderMixin.__and__ sS$...c.tt||Sr r ORrs r__or__zOperationHolderMixin.__or__sRu---rc.tt||Sr r rs r__rand__zOperationHolderMixin.__rand__sS%...rc.tt||Sr rrs r__ror__zOperationHolderMixin.__ror__sR---rc,tt|Sr )SingleOperandHolderNOTrs r __invert__zOperationHolderMixin.__invert__s"3---rN)__name__ __module__ __qualname__rrrrr!rrr r s_///...///........rr ceZdZdZdZdS)rc"||_||_dSr )operator_class op1_class)rr(r)s r__init__zSingleOperandHolder.__init__s,"rcF|j|i|}||Sr )r)r()rargskwargsop1s r__call__zSingleOperandHolder.__call__!s,dnd-f--""3'''rN)r"r#r$r*r/r%rrrrs2###(((((rrc&eZdZdZdZdZdZdS)r c0||_||_||_dSr )r(r) op2_class)rr(r)r2s rr*zOperandHolder.__init__'s,""rcb|j|i|}|j|i|}|||Sr )r)r2r()rr,r-r.op2s rr/zOperandHolder.__call__,sDdnd-f--dnd-f--""3,,,rct|to/|j|jko|j|jko|j|jkSr ) isinstancer r(r)r2rs r__eq__zOperandHolder.__eq__1sK um , , .  5#7 7 . Neo - . Neo -  rcDt|j|j|jfSr )hashr(r)r2r s r__hash__zOperandHolder.__hash__9sT($.$.IJJJrN)r"r#r$r*r/r7r:r%rrr r &sU### ---    KKKKKrr c eZdZdZdZdZdS)rc"||_||_dSr r.r4rr.r4s rr*z AND.__init__>rcn|j||o|j||Sr r.has_permissionr4rrequestviews rrBzAND.has_permissionB6 H # #GT 2 2 3 H # #GT 2 2 rcr|j|||o|j|||Sr )r.has_object_permissionr4rrDrEobjs rrHzAND.has_object_permissionHs: H * *7D# > > ? H * *7D# > > rNr"r#r$r*rBrHr%rrrr=sA        rrc eZdZdZdZdZdS)rc"||_||_dSr r=r>s rr*z OR.__init__Pr?rcn|j||p|j||Sr rArCs rrBzOR.has_permissionTrFrc|j||o|j|||p6|j||o|j|||Sr )r.rBrHr4rIs rrHzOR.has_object_permissionZsr H # #GT 2 2 C..wcBB  H # #GT 2 2 C..wcBB  rNrKr%rrrrOsA        rrc eZdZdZdZdZdS)rc||_dSr )r.)rr.s rr*z NOT.__init__es rc:|j|| Sr )r.rBrCs rrBzNOT.has_permissionhs8**7D9999rc<|j||| Sr )r.rHrIs rrHzNOT.has_object_permissionks811'4EEEErNrKr%rrrrdsF:::FFFFFrrceZdZdS)BasePermissionMetaclassN)r"r#r$r%rrrUrUosDrrUceZdZdZdZdZdS)BasePermissionzH A base class from which all permission classes should inherit. cdSzL Return `True` if permission is granted, `False` otherwise. Tr%rCs rrBzBasePermission.has_permissionx trcdSrYr%rIs rrHz$BasePermission.has_object_permission~rZrN)r"r#r$__doc__rBrHr%rrrWrWss< rrW) metaclassceZdZdZdZdS)AllowAnyz Allow any access. This isn't strictly required, since you could use an empty permission_classes list, but it's useful because it makes the intention more explicit. cdS)NTr%rCs rrBzAllowAny.has_permissionstrNr"r#r$r\rBr%rrr_r_s-rr_ceZdZdZdZdS)IsAuthenticatedz4 Allows access only to authenticated users. cBt|jo |jjSr )booluseris_authenticatedrCs rrBzIsAuthenticated.has_permissionsGLBW\%BCCCrNrar%rrrcrcs2DDDDDrrcceZdZdZdZdS) IsAdminUserz, Allows access only to admin users. cBt|jo |jjSr )rerfis_staffrCs rrBzIsAdminUser.has_permissionsGL:W\%:;;;rNrar%rrriris-<<<<zCDjangoModelPermissions.get_required_permissions..AAA$v AAAr_metar}r~ perms_maprMethodNotAllowedrro model_clsr-s @rget_required_permissionsz/DjangoModelPermissions.get_required_permissionssb #2#/4    ' '-f55 5AAAA$.*@AAAArc>t|ds8t|dd'Jd|jjt|dr?|}|'Jd|jj|S|jS)N get_querysetquerysetz[Cannot apply {} on a view that does not set `.queryset` or have a `.get_queryset()` method.z{}.get_queryset() returned None)hasattrgetattrformat __class__r"rr)rrErs r _querysetz DjangoModelPermissions._querysetst^,, *tZ..:: > &( ) );:: 4 ( ( ((**H''1889PQQ(''O}rc|jr|jjs |jrdSt|ddrdS||}||j|j}|j|S)NF_ignore_model_permissionsT) rfrgauthenticated_users_onlyrrrromodel has_perms)rrDrErpermss rrBz%DjangoModelPermissions.has_permissions| |, 151N 5 44e < < 4>>$''--gnhnMM|%%e,,,rN) r"r#r$r\rrrrrBr%rrrrrrs  34567889I $ B B B    - - - - -rrrceZdZdZdZdS)$DjangoModelPermissionsOrAnonReadOnlyzj Similar to DjangoModelPermissions, except that anonymous users are allowed read-only access. FN)r"r#r$r\rr%rrrrs" %rrc:eZdZdZgggdgdgdgdgdZdZdZdS) DjangoObjectPermissionsa The request is authenticated using Django's object-level permissions. It requires an object-permissions-enabled backend, such as Django Guardian. It ensures that the user is authenticated, and has the appropriate `add`/`change`/`delete` permissions on the object using .has_perms. This permission can only be applied against view classes that provide a `.queryset` attribute. rsrtrurvc|jj|jjd||jvrt j|fd|j|DS)Nr|cg|]}|zSr%r%rs rrzKDjangoObjectPermissions.get_required_object_permissions..rrrrs @rget_required_object_permissionsz7DjangoObjectPermissions.get_required_object_permissionss`"2#/4    ' '-f55 5AAAA$.*@AAAArcB||}|j}|j}||j|}|||sJ|jt vrt|d|}|||stdSdS)NrFT)rrrfrrorrpr) rrDrErJrrrfr read_permss rrHz-DjangoObjectPermissions.has_object_permission!s>>$''N |44W^YOO~~eS))  ~-- ==eYOOJ>>*c22  5trN)r"r#r$r\rrrHr%rrrrsn  34567889I B B BrrN)r\ django.httprrest_frameworkrrpr rr rrrtyperUrWr_rcrirmrrrrr%rrrs %%%%%%) ........"(((((.(((KKKKK(KKK.        $        *FFFFFFFF     2D   6$     ~   DDDDDnDDD<<<<<.<<<          F-F-F-F-F-^F-F-F-R%%%%%+A%%%99999499999r