Include a IsSuperUser within the permissions.py

[robotichead]

Before I start, I have read the following tickets;

• Misleading IsAdminUser signature #6497
• Suggestion for the IsAdminUser permission class naming #1701
• permissions.IsAdminUser is not valid #88

And I do agree with the outcome of these tickets. tldr;

I think it's close enough to be clear. We've not had the ticket raised before, and that class has been in place for a long time now.

We have a specific case where we only want super users to access a certain API node. We don't want "is_staff" users to access it, only "is_superusers". The fix for us at the moment is the following code;

class IsSuperUser(BasePermission):
    """
    Allows access only to super users.
    """

    def has_permission(self, request, view):
        return bool(request.user and request.user.is_superuser)

This has clearly been copied from-

django-rest-framework/rest_framework/permissions.py

Line 154 in 2ae8c11

class IsAdminUser(BasePermission):

- and modified.

Should a permission like this be included within the Django-Rest-Framework, or are we a special case?

Thank you :)

[browniebroke]

Seems slightly niche to me, and the implementation is pretty simple if one needs to implement it themselves. One the other hand, it's so simple that it's tempting to add.

At first glance, I'm on the fence... Feels a bit wrong to encourage exposing super-users / staff distinction in the APIs. I'll think about it more.