Initial commit: standalone Django accounting API with admin JWT authorization
Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
11
accounting/permissions.py
Normal file
11
accounting/permissions.py
Normal file
@@ -0,0 +1,11 @@
|
||||
from rest_framework.permissions import BasePermission
|
||||
|
||||
|
||||
class IsAdminAccount(BasePermission):
|
||||
"""Allows access only to authenticated staff/superuser accounts."""
|
||||
|
||||
message = 'دسترسی غیرمجاز. فقط مدیران میتوانند به این بخش دسترسی داشته باشند.'
|
||||
|
||||
def has_permission(self, request, view):
|
||||
user = request.user
|
||||
return bool(user and user.is_authenticated and (user.is_staff or user.is_superuser))
|
||||
Reference in New Issue
Block a user