Coverage for backend/django/Economics/shared/access.py: 100%
10 statements
« prev ^ index » next coverage.py v7.10.7, created at 2026-06-23 21:51 +0000
1from rest_framework.exceptions import PermissionDenied
3from core.managers import has_flowsheet_write_access
4from core.validation import get_current_flowsheet
7def _has_write_access(user) -> bool:
8 """Return whether the active request user can mutate the current flowsheet."""
9 context = get_current_flowsheet() or {}
10 flowsheet_id = context.get("flowsheet")
11 return flowsheet_id is not None and has_flowsheet_write_access(user, int(flowsheet_id))
14def _require_write_access(user) -> None:
15 """Custom economics actions mutate backend-owned rows, so they must opt into write checks."""
16 if not _has_write_access(user):
17 raise PermissionDenied("This flowsheet is shared with read-only access.")