from rest_framework.exceptions import PermissionDenied def admin_only(request): if not request.user.is_staff: raise PermissionDenied('You do not have permission to access this page.') else: # continue with the request
from rest_framework.views import APIView from rest_framework.exceptions import PermissionDenied class PrivateView(APIView): def get(self, request): if not request.user.is_authenticated: raise PermissionDenied('You must be logged in to access this page.') else: # continue with the requestIn this example, the PrivateView class checks if the user making the request is authenticated. If they are not, a PermissionDenied exception is raised with an error message.