Example #1
    def get_schema(self, request, **kwargs):
        """
        Serve the resource schema, trimmed to what the requesting user may do.

        The HTTP methods advertised in the schema are derived from the user's
        model permissions: every ``REST_PERMS`` entry whose permission passes
        ``has_model_permission`` contributes its lower-cased method name. A
        user holding none of those permissions receives
        ``HttpResponseForbidden`` instead of the schema.
        """
        self.method_check(request, allowed=['get'])
        # The return value is not inspected here; presumably is_authenticated
        # aborts the request itself on failure -- confirm against the base class.
        self.is_authenticated(request)
        # NOTE(review): the generic authorization hook is switched off here
        # (was: self.is_authorized(request)). The only access decision left
        # for the schema endpoint is the model-permission check below, so
        # confirm that this covers everything the resource's authorization
        # class would have enforced.
        self.throttle_check(request)
        self.log_throttled_access(request)
        schema = self.build_schema()

        model_cls = self._meta.object_class
        requester = request.user

        # One permission lookup per REST verb, in REST_PERMS iteration order.
        permitted = [
            verb.lower()
            for verb, perm in REST_PERMS.items()
            if has_model_permission(model_cls, requester, perm)
        ]

        # No model permission at all: refuse rather than expose the schema.
        if not permitted:
            return HttpResponseForbidden()

        # List and detail endpoints advertise the same method list (the very
        # same list object, as in the original assignment).
        for key in ('allowed_detail_http_methods', 'allowed_list_http_methods'):
            schema[key] = permitted

        return self.create_response(request, schema)
Example #2
    def _fill_fields_pemissions(self, bundle):
        """
        Cache the permission-derived settings for the user behind ``bundle``.

        Stores three values through ``self._set_cached_field``:
        ``allowed_http_methods`` (lower-cased ``REST_PERMS`` keys whose
        permission the user holds on the resource model), ``read_only_fields``
        and ``disabled_fields``. The latter two are always empty in this block.
        """
        model_cls = self._meta.object_class
        requester = bundle.request.user

        # Allowed methods are computed here as well, one permission lookup
        # per REST verb in REST_PERMS iteration order.
        permitted_methods = [
            verb.lower()
            for verb, perm in REST_PERMS.items()
            if has_model_permission(model_cls, requester, perm)
        ]

        # Nothing in this block fills these two; they are cached empty.
        read_only = []
        disabled = []

        # NOTE(review): these values are specific to one user. Where
        # _set_cached_field stores them is not visible here; if that storage
        # outlives the request or is shared between users, it must be keyed
        # per user so one user's permissions are never served to another.
        self._set_cached_field("allowed_http_methods", permitted_methods)
        self._set_cached_field("read_only_fields", read_only)
        self._set_cached_field("disabled_fields", tuple(disabled))