/
incident.py
51 lines (41 loc) · 1.76 KB
/
incident.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
from rest_framework.exceptions import PermissionDenied
from rest_framework.request import Request
from sentry import features
from sentry.api.bases.organization import OrganizationEndpoint, OrganizationPermission
from sentry.api.exceptions import ResourceDoesNotExist
from sentry.incidents.models.incident import Incident
class IncidentPermission(OrganizationPermission):
scope_map = {
"GET": [
"org:read",
"org:write",
"org:admin",
"project:read",
"project:write",
"project:admin",
],
"POST": ["org:write", "org:admin", "project:read", "project:write", "project:admin"],
"PUT": ["org:write", "org:admin", "project:read", "project:write", "project:admin"],
"DELETE": ["org:write", "org:admin", "project:read", "project:write", "project:admin"],
}
class IncidentEndpoint(OrganizationEndpoint):
def convert_args(self, request: Request, incident_identifier, *args, **kwargs):
args, kwargs = super().convert_args(request, *args, **kwargs)
organization = kwargs["organization"]
if not features.has("organizations:incidents", organization, actor=request.user):
raise ResourceDoesNotExist
if not incident_identifier.isdigit():
raise ResourceDoesNotExist
try:
incident = kwargs["incident"] = Incident.objects.get(
organization=organization, identifier=incident_identifier
)
except Incident.DoesNotExist:
raise ResourceDoesNotExist
if not any(
project
for project in incident.projects.all()
if request.access.has_project_access(project)
):
raise PermissionDenied
return args, kwargs