Add utility methods for views

resolwe/flow/views/utils.py

@@ -1,6 +1,6 @@
 """Resolwe views utils."""
 
-from rest_framework import exceptions
+from rest_framework import exceptions, permissions
 
 from resolwe.flow.models import Collection
 from resolwe.permissions.models import Permission
@@ -20,3 +20,35 @@ def get_collection_for_user(collection_id, user):
             raise exceptions.NotFound()
 
     return collection
+
+
+class IsStaffOrTargetUser(permissions.BasePermission):
+    """Permission class for user endpoint."""
+
+    def has_permission(self, request, view):
+        """Check if user has permission."""
+        return True
+
+    def has_object_permission(self, request, view, obj):
+        """Check if user has object permission."""
+        return request.user.is_staff or obj == request.user
+
+
+class IsSuperuserOrReadOnly(permissions.BasePermission):
+    """Superuser has permissions, otherwise only safe methods are allowed."""
+
+    def has_permission(self, request, view):
+        """Check if user has permission."""
+        return request.method in permissions.SAFE_METHODS or (
+            request.user and request.user.is_superuser
+        )
+
+
+class IsStaffOrReadOnly(permissions.BasePermission):
+    """Staff user has permissions, otherwise only safe methods are allowed."""
+
+    def has_permission(self, request, view):
+        """Check if user has permission."""
+        return request.method in permissions.SAFE_METHODS or (
+            request.user and request.user.is_staff
+        )