Exemplo n.º 1
0
 def get_permissions(self):
     if self.request.method == 'DELETE':
         return [IsSuperUser()]
     elif self.request.method == 'POST':
         return [IsSuperUser()]
     else:
         return [IsAuthenticatedOrReadOnly()]
Exemplo n.º 2
0
 def has_permission(self, request, view):
     """Enable the restrived API access mode,
     which only allows authenticated users, or allow readonly access.
     """
     if settings.RESTRICT_API:
         permission = IsAuthenticated()
     else:
         permission = IsAuthenticatedOrReadOnly()
     return permission.has_permission(request, view)
Exemplo n.º 3
0
 def get_permissions(self):
     if self.request.method in (
             'POST',
             'GET',
             'PUT',
     ):
         return [IsAuthenticatedOrReadOnly()]
     elif self.request.method == 'PATCH':
         return [IsModeratorOrAdminOrAuthor()]
     elif self.request.method == 'DELETE':
         return [IsModeratorOrAdmin()]
Exemplo n.º 4
0
 def print_debug_message(self, request):
     print('============ {}: {}'.format(request.method,
                                        request.build_absolute_uri()))
     print('header  --%s--' % request.META.get('HTTP_AUTHORIZATION'))
     print('AllowAny:', AllowAny.has_permission(self, request, view))
     print('IsAuthenticatedOrReadOnly:',
           IsAuthenticatedOrReadOnly.has_permission(self, request, view))
     print('IsAuthenticated:',
           IsAuthenticated.has_permission(self, request, view))
     print('IsAdminUser:'******'request.user', request.user)
     print('request user is auth', request.user.is_authenticated)
     print('request user is staff', request.user.is_staff)
     print('request user is super', request.user.is_superuser)
Exemplo n.º 5
0
 def get_permissions(self):
     if self.action in ['create', 'update', 'destroy']:
         return [IsAdminUser()]
     return [IsAuthenticatedOrReadOnly()]
Exemplo n.º 6
0
 def get_permissions(self):
     return [IsAuthenticatedOrReadOnly()]
Exemplo n.º 7
0
    def get_permissions(self):
        if self.request.method == 'POST' or self.request.GET.get('user', None):
            return [IsAuthenticated()]

        return [IsAuthenticatedOrReadOnly()]
Exemplo n.º 8
0
    def get_permissions(self):

        if self.action == 'create' or self.action == 'update' or self.action == 'partial_update':
            return [IsAuthenticated(), IsOwnerOrReadOnly()]

        return [IsAuthenticatedOrReadOnly()]
Exemplo n.º 9
0
 def get_permissions(self):
     permissions = [IsAuthenticatedOrReadOnly()]
     if self.action in ['update', 'partial_update', 'destroy']:
         permissions += [is_author_or_admin()]
     return permissions
Exemplo n.º 10
0
 def get_permissions(self):
     if self.request.method in ('POST', ) + SAFE_METHODS:
         return [IsAuthenticatedOrReadOnly()]
     return [permission() for permission in self.permission_classes]