feat: implement pagination, add activity types and stats views; update category management and localization

2025-01-17 16:50:01 -05:00
parent 2b78021155
commit 5b4092ba6c
19 changed files with 1548 additions and 1534 deletions
--- a/backend/server/adventures/permissions.py
+++ b/backend/server/adventures/permissions.py
@@ -61,6 +61,10 @@ class IsOwnerOrSharedWithFullAccess(permissions.BasePermission):
    """

    def has_object_permission(self, request, view, obj):
+        
+        # Allow GET only for a public object
+        if request.method in permissions.SAFE_METHODS and obj.is_public:
+            return True
        # Check if the object has a collection
        if hasattr(obj, 'collection') and obj.collection:
            # Allow all actions for shared users
@@ -71,27 +75,5 @@ class IsOwnerOrSharedWithFullAccess(permissions.BasePermission):
        if request.method in permissions.SAFE_METHODS:
            return True

-        # Allow all actions for the owner
-        return obj.user_id == request.user
-
-class IsPublicOrOwnerOrSharedWithFullAccess(permissions.BasePermission):
-    """
-    Custom permission to allow:
-    - Read-only access for public objects
-    - Full access for shared users
-    - Full access for owners
-    """
-
-    def has_object_permission(self, request, view, obj):
-        # Allow read-only access for public objects
-        if obj.is_public and request.method in permissions.SAFE_METHODS:
-            return True
-
-        # Check if the object has a collection
-        if hasattr(obj, 'collection') and obj.collection:
-            # Allow all actions for shared users
-            if request.user in obj.collection.shared_with.all():
-                return True
-
        # Allow all actions for the owner
        return obj.user_id == request.user