def get(self, request, company_id):
"""
Handling GET method.
:args
request: Request to View.
company_id: id of company to be returned.
:return: HttpResponse with company fields and values by id.
If user is not superuser and tries to get acces into foreign company
returns HttpResponseBadRequest with 'Permission denied' massage.
"""
company_id = int(company_id)
if (not request.user.is_superuser) and (company_id !=
request.user.adviseruser.id_company.id):
return HttpResponseBadRequest("Permission denied")
data = {"company" : model_to_dict(Company.get_company(company_id)),
"users" : Company.get_company(company_id).get_users()}
return HttpResponse(json.dumps(data))
评论列表
文章目录
