open-craft · ChrisChV · Mar 28, 2024
diff --git a/openedx/core/djangoapps/content_tagging/rest_api/v1/serializers.py b/openedx/core/djangoapps/content_tagging/rest_api/v1/serializers.py
@@ -10,6 +10,7 @@
     TaxonomyListQueryParamsSerializer,
     TaxonomySerializer,
 )
+from openedx_tagging.core.tagging.rules import ObjectTagPermissionItem
 
 from organizations.models import Organization
 
@@ -25,6 +26,9 @@ class TaxonomyOrgListQueryParamsSerializer(TaxonomyListQueryParamsSerializer):
         required=False,
     )
     unassigned: fields.Field = serializers.BooleanField(required=False)
+    content_id: fields.Field = serializers.CharField(
+        required=False,
+    )
 
     def validate(self, attrs: dict) -> dict:
         """
@@ -90,6 +94,18 @@ def get_all_orgs(self, obj) -> bool:
                 return True
         return False
 
+    def get_can_tag_object(self, instance) -> bool | None:
+        """
+        Returns True if the current request user may create object tags on this taxonomy and content.
+        """
+        request = self.context.get('request')
+        # We no need to validate. The validation is done on the view.
+        content_id = request.query_params.get('content_id', None)
+
+        perm_name = 'oel_tagging.can_tag_object'
+        perm_object = ObjectTagPermissionItem(taxonomy=instance, object_id=content_id)
+        return self._can(perm_name, perm_object)
+
     class Meta:
         model = TaxonomySerializer.Meta.model
         fields = TaxonomySerializer.Meta.fields + ["orgs", "all_orgs"]