def get_permissions(self): if self.request.method == 'GET': return IsAuthenticated(), elif self.request.user.role == 1: return IsAuthenticated(), else: return IsAdminUser(),
def get_permissions(self): """Получение прав для действий.""" if self.action in ["update", "partial_update", "destroy"]: return [IsAuthenticated(), IsOwner()] or [IsAdmin()] elif self.action in ["create", "add_to_favourites", "remove_from_favorites"]: return [IsAuthenticated()] return []
def get_permissions(self): if self.request.method == 'GET': # check user is in group 1 (User) if User.objects.filter(username=self.request.user.username, groups=(1, )): return IsAuthenticated(), IsOwner(), return AllowAny(), elif self.request.method == 'PUT': # check user is in group 1 (User) if User.objects.filter(username=self.request.user.username, groups=(1, )): return IsAuthenticated(), IsOwner(), # check user is in group 2 (Manager) elif User.objects.filter(username=self.request.user.username, groups=(2, )): return IsAuthenticated(), # admin rights return IsAdminUser(), elif self.request.method == "DELETE": # check user is in group 2 (Manager) if User.objects.filter(username=self.request.user.username, groups=(2, )): return IsAuthenticated(), # admin rights return IsAdminUser(),
def get_permissions(self): try: return [IsAuthenticated()] + [permission() for permission in \ self.permission_classes_by_action[self.action]] except KeyError: return [IsAuthenticated()] + [permission() for permission in \ self.permission_classes]
def get_permissions(self): if self.action == 'create': return [ IsAuthenticated(), ] elif self.action == 'destroy': return [IsAuthenticated(), IsAdminUser()]
def get_permissions(self): if self.action == 'retrieve': return [IsAuthenticated()] elif self.action == 'create': return [AllowAny()] elif self.action == 'updata' or 'destory': return [IsAuthenticated()] return [AllowAny()]
def get_permissions(self): """Получение прав для действий.""" if self.action == "create": return [IsAuthenticated()] elif self.action in ["partial_update", "update", 'destroy']: return [IsAuthenticated(), IsAdminUser()] else: return super(OrderViewSet, self).get_permissions()
def get_permissions(self): if self.request.user.is_anonymous: return IsAuthenticated(), if self.request.user.is_admin: return IsAuthenticated(), return IsAdminUser(),
def get_permissions(self): if self.action in [ 'retrieve', 'list', 'update', 'partial_update', 'destroy' ]: return [IsAuthenticated(), IsAdminOrOwner()] elif self.action == 'create': return [IsAuthenticated()] return []
def get_permissions(self): if self.request.method == "GET": return (IsAuthenticated(),) elif self.request.method == "PUT": # return (IsAuthenticated(), IsEventCreatorOrUserCanInvite(), IsEvedatetime.fromtimestamp(int("1284101485"))ntCreatorOrUserCanModifyEvent(),) return (IsAuthenticated(), IsEventCreatorOrUserCanInviteOrModify(),) elif self.request.method == "DELETE": return (IsAuthenticated(), IsEventCreator(),)
def get_permissions(self): if self.action == "create": return [IsAuthenticated()] if self.action == "destroy": return [IsAuthenticated(), IsModerator()] if self.action in {"update", "partial_update"}: return [IsAuthenticated(), IsModeratorOrCreator()] return super().get_permissions()
def get_permissions(self): # AllowAny() / IsAuthenticated() generate an object instance # not AllowAny / IsAuthenticated, this is just a class name if self.action == 'create': return [IsAuthenticated()] if self.action in ['destroy', 'update']: return [IsAuthenticated(), IsObjectOwner()] return [AllowAny()]
def get_permissions(self): if self.action == 'list': return [ IsAuthenticated(), ] return [ IsAuthenticated(), ]
def get_permissions(self): if self.action in ['list']: return [IsAdminUser()] elif self.action in ['list_mine', 'create']: return [IsAuthenticated()] elif self.action in ['update', 'partial_update', 'delete']: return [IsAuthenticated(), IsOwnerOrAdmin()] return super(ContentViewSet, self).get_permissions()
def get_permissions(self): if self.action in ['update', 'partial_update', 'destroy']: return [IsAdminUser()] elif self.action in ['create']: return [IsAuthenticated()] elif self.action in ['retrieve']: return [IsOwner()] elif self.action in ['list']: return [IsAuthenticated()]
def get_permissions(self): """Получение прав для действий.""" if self.action == 'create': return [ IsAuthenticated(), ] if self.action in ["destroy", "update", "partial_update"]: return [IsAuthenticated(), IsAdminOrOwner()] return []
def get_permissions(self): # To instantiate an object, parens are needed # AllowAny() / IsAuthenticated() # not just class names like AllowAny / IsAuthenticated if self.action == 'create': return [IsAuthenticated()] if self.action in ['update', 'destroy']: return [IsAuthenticated(), IsObjectOwner()] return [AllowAny()]
def get_permissions(self): # 注意要加用 AllowAny() / IsAuthenticated() 实例化出对象 # 而不是 AllowAny / IsAuthenticated 这样只是一个类名 if self.action == 'create': return [IsAuthenticated()] if self.action in ['update', 'destroy']: # note: you need to verify you have login firstly return [IsAuthenticated(), IsObjectOwner()] return [AllowAny()]
def get_permissions(self): if self.action == "create": return [IsAuthenticated()] if self.action in ["update", "destroy"]: return [IsAuthenticated(), IsObjectOwner()] return [AllowAny()]
def get_permissions(self): if self.action == "create": return [] elif self.action == "retrieve": return [ IsAuthenticated(), ] return [ IsAuthenticated(), ]
def get_permissions(self): if self.action == 'list': return [ IsAuthenticated(), IsQuanLyTaiChinh(), ] return [ IsAuthenticated(), IsQuanLyTaiChinh(), ]
def get_permissions(self): if self.action == "retrieve": return [IsAuthenticated(), ElectricityFeesIsSelf()] if self.action == "list": return [IsAuthenticated()] if self.action == "recharge_admin": return [IsAuthenticated(), UserIsSuperUser()] if self.action == "change_note": return [IsAuthenticated(), UserIsSuperUser()] return []