23 lines
808 B
Python
23 lines
808 B
Python
from rest_framework import permissions
|
|
from apps.workspaces.models import WorkspaceMembership
|
|
|
|
|
|
class IsClientWorkspaceMember(permissions.BasePermission):
|
|
"""
|
|
Allows access only to users who are active members of the workspace associated with the client.
|
|
"""
|
|
message = "شما عضو فضای کاری این مشتری نیستید."
|
|
|
|
def has_object_permission(self, request, view, obj):
|
|
"""
|
|
Validates if the user exists in the workspace memberships for the requested client's workspace.
|
|
"""
|
|
if not request.user.is_authenticated:
|
|
return False
|
|
|
|
return WorkspaceMembership.objects.filter(
|
|
workspace=obj.workspace,
|
|
user=request.user,
|
|
is_active=True
|
|
).exists()
|