def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return [permissions.AllowAny(), ] return [permissions.IsAdminUser(), ]
def get_permissions(self): if self.request.method in ['HEAD', 'OPTIONS']: return (permissions.AllowAny(), ) return (permissions.IsAuthenticated(), )
def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return permissions.AllowAny(), return permissions.IsAuthenticated(), IsAuthorOfPost(),
def get_permissions(self): # allow non-authenticated user to create via POST return (permissions.AllowAny() if self.request.method == 'POST' else IsOwnerOrReadOnly()),
def get_permissions(self): if self.action == 'my_info': return [permissions.IsAuthenticated()] elif self.detail and not self.action == 'retrieve': return [(IsUser | permissions.IsAdminUser)()] return [permissions.AllowAny()]
def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return (permissions.AllowAny(), )
def get_permissions(self): if self.request.method == "POST": return [permissions.AllowAny()] return [permissions.IsAuthenticated()]
def get_permissions(self): if self.action in ['list', 'retrieve', 'stream_video']: return (rest_permissions.AllowAny(), ) if self.action in ['update', 'create']: return (rest_permissions.IsAdminUser(), ) return (permission() for permission in self.permission_classes)
def get_permissions(self): # allow non-authenticated user to create via POST return (permissions.AllowAny() if self.request.method == 'POST' else IsStaffOrTargetUser()),
def get_permissions(self): if self.request.method == 'GET': return [permissions.AllowAny()] else: return [permissions.IsAuthenticated()]
def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return (permissions.AllowAny(),) return (permissions.IsAuthenticated(), IsOwner(),)
def get_permissions(self): if self.action == 'list': return [permissions.AllowAny()] return [permissions.IsAdminUser()]
def get_permissions(self): if self.action == 'create': return [permissions.AllowAny()] return [permissions.IsAuthenticated()]
def get_permissions(self): if self.action == 'create': return [permission() for permission in self.permission_classes] if self.action == 'update': return (IsOwnerOrReadOnly(), ) return (permissions.AllowAny(), )
def get_permissions(self): current_permissions = super().get_permissions() if self.action in ("retrieve", "list"): return [permissions.AllowAny()] return current_permissions
def get_permissions(self): if self.action == 'create': return [permissions.AllowAny()] return super().get_permissions()
def get_permissions(self): if self.request.method == 'PUT' or self.request.method == 'PATCH': return (UserPermission('can_create_dept'), ) elif self.request.method == 'GET': return (permissions.AllowAny(), ) raise MethodNotAllowed(method=self.request.method)
def get_permissions(self): if self.action in ["list", "retrieve", "search", "filter"]: return [ permissions.AllowAny(), ] return super().get_permissions()
def get_permissions(self): return (permissions.AllowAny(), )
def get_permissions(self): if self.action in ["list" , "retrieve" , "create" , "search", "filter" , "approved" , "card" , "report"]: return [permissions.AllowAny(), ] return super().get_permissions()
def get_permissions(self): if self.action in ['list', 'retrieve']: return [ permissions.AllowAny(), ] return [permissions.IsAuthenticated()]
def get_permissions(self): return (permissions.AllowAny() if self.request.method == 'POST' else IsStaffOrTargetUser()),
def get_permissions(self): if self.request.method in permissions.SAFE_METHODS or self.request.method == "POST": return permissions.AllowAny(), return permissions.IsAuthenticated(), IsAccountOwner(),
def get_permissions(self): if self.action in ('list', 'retrieve', 'get_books'): return (permissions.AllowAny(),) return (permissions.IsAdminUser(),)
def get_permission(self): if self.request.method == 'POST': return (UserPermission('can_add_copy_of_book'), ) elif self.request.method == 'GET': return (permissions.AllowAny(), ) return MethodNotAllowed(method=self.request.method)
def get_permissions(self): if self.action == "list" or self.action == "retrieve": return (permissions.AllowAny(),) if self.action == "destroy": return (permissions.IsAdminUser(),) return (permissions.IsAuthenticated(),)
def get_permissions(self): if self.request.method == 'POST': return (permissions.AllowAny(), ) return (permissions.IsAuthenticated(), )
def get_permissions(self): """覆写,以在不同的请求方法下使用不同的权限认证""" if self.action == "create": return [permissions.IsAuthenticated()] # 登录了才能发帖 return [permissions.AllowAny()] # 登不登录都能看贴
def get_permissions(self): if self.request.method == 'POST': return (permissions.AllowAny(), ) elif self.request.method == 'GET': return (UserPermission('can_get_users'), ) raise MethodNotAllowed(method=self.request.method)
def get_permissions(self): if settings.WALDUR_MARKETPLACE['ANONYMOUS_USER_CAN_VIEW_OFFERINGS']: return [rf_permissions.AllowAny()] else: return super(PublicViewsetMixin, self).get_permissions()