def change_rights(self, request, pk):
"""
Used to change a member's rights.
Only administrators can change member's rights.
Only super-administrator can change admin's rights.
If the super-administrator right is requested, then it must come from the current
super-administrator whose thus, losing his status.
If succeeded, returns HTTP_200_OK with the updated GroupMember object
"""
user = request.user
member = self.get_or_404(pk)
rights_serializer, rights = SigmaViewSet.get_deserialized(GroupMemberRightsSerializer, request.data)
if not GroupMember.model.can_change_rights(user, member, rights):
raise PermissionDenied()
if rights.is_super_administrator:
pass # TODO : de-superadminer le gars qui file ses droits
member_serializer, member = self.get_deserialized(rights, member, partial=True)
member_serializer.save()
return Response(member_serializer.data, status=status.HTTP_200_OK)
评论列表
文章目录
