def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return (permissions.AllowAny(), ) if self.request.method == "POST": return (permissions.IsAdminUser(), ) return (permissions.IsAuthenticated(), )
def get_permissions(self): # Prevent rest_framework from checking for the "view" perm. return (permissions.IsAuthenticated(), )
def has_permission(self, request, view): perms = [HasAPIKey(), permissions.IsAuthenticated()] return any(perm.has_permission(request, view) for perm in perms)
def get_permissions(self): return [permissions.IsAuthenticated(), IsOwnerOrReadOnly()]
def get_permissions(self): if self.action == 'create': return [ permissions.IsAuthenticated(), ] return []
def get_permissions(self): if self.action in ('list', 'retrieve', 'create'): return [permissions.IsAuthenticated(), UserIsMemberInProject()] if self.action in ('update', 'partial_update', 'destroy'): return [permissions.IsAuthenticated(), UserIsOwnerOrManager()] return [permissions.IsAuthenticated(), UserIsOwnerOrManager()]
def get_permissions(self): perms = [permissions.IsAuthenticated()] return perms
def get_permissions(self): return (permissions.IsAuthenticated(), IsCommentOwner())
def get_permissions(self): if self.action in ("create", "retrieve", "list"): return [] return [permissions.IsAuthenticated()]
def get_permissions(self): if self.request.method == "GET": return [permissions.IsAuthenticated()] else: return [permissions.IsAuthenticated(), IsLeaderOrSuperUser()]
def get_permissions(self): ''' response = requests.get(myurl, headers={'Authorization': 'Token {}'.format(mytoken)}) ''' return (permissions.IsAuthenticated()),
def get_permissions(self): if self.request.method in ['PUT', 'DELETE']: return [permissions.IsAdminUser()] return [permissions.IsAuthenticated()]
def get_permissions(self): if self.action == 'retrieve': return [permissions.IsAuthenticated()] elif self.action == 'create': return [permissions.AllowAny()] return [permissions.AllowAny()]
def get_permissions(self): # viewset ==> self.action. if self.request.method == "POST": return (permissions.IsAuthenticated(), ModelPermission()) else: return (permissions.IsAuthenticated(), )
def get_permissions(self): permission_classes = super().get_permissions() permission_classes.append(permissions.IsAuthenticated()) return permission_classes
def get_permissions(self): # allow non-authenticated user to create via POST return (permissions.AllowAny() if self.request.method == 'POST' else permissions.IsAuthenticated()),
def has_permission(self, request, view): is_authenticated = permissions.IsAuthenticated().has_permission( request, view) has_scope_if_needed = WeakTokenHasReadWriteScope().has_permission( request, view) return (is_authenticated and has_scope_if_needed)
def get_permissions(self): if self.action == "retrieve" or self.action == 'update' or self.action == 'partial_update': return [permissions.IsAuthenticated()] elif self.action == "create": return [] return []
def get_permissions(self): # incomplete implementation here; see also #post(). perms = [permissions.IsAuthenticated(), ] return perms
def get_permissions(self): if self.action in ('create', 'destroy', 'update', 'partial_update'): return [permissions.IsAuthenticated()] return []
def get_permissions(self): if self.action == "retrieve": return [permissions.IsAuthenticated()] elif self.action == "create": return [] return []
def get_permissions(self): return (permissions.IsAuthenticated(), IsAccountAdmin(),)
def get_permissions(self): return (permissions.IsAuthenticated(), )
def has_permission(self, request, view): if request.method in permissions.SAFE_METHODS: return permissions.IsAuthenticated().has_permission(request, view) return permissions.IsAdminUser().has_permission(request, view)
def get_permissions(self): # if self.action == "list" or self.action == "retrieve": # return [] return [ permissions.IsAuthenticated(), ]
def get_permissions(self): if self.request.method == 'POST': return (permissions.IsAuthenticated(), ) return list()
def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return (permissions.AllowAny(),) return (permissions.IsAuthenticated(), IsAuthorOfPost(),)
def get_permissions(self): return super().get_permissions() + [ drf_permissions.IsAuthenticated(), permissions.RestrictUnsafeOnCloudDeployments() ]
def get_permissions(self): if (self.request.method == 'GET'): return [permissions.AllowAny()] return [permissions.IsAuthenticated()]
def get_permissions(self): if self.action in ['list', 'retrieve']: return [permissions.AllowAny()] return [permissions.IsAuthenticated()]