Use view permission for GET requests in DRF
This commit is contained in:
parent
245e946fc2
commit
d1d7161fd7
10
cmsmanage/drf_permissions.py
Normal file
10
cmsmanage/drf_permissions.py
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
import copy
|
||||||
|
|
||||||
|
from rest_framework.permissions import DjangoModelPermissions
|
||||||
|
|
||||||
|
|
||||||
|
class DjangoModelPermissionsWithView(DjangoModelPermissions):
|
||||||
|
def __init__(self):
|
||||||
|
super().__init__()
|
||||||
|
self.perms_map = copy.deepcopy(self.perms_map)
|
||||||
|
self.perms_map["GET"] = ["%(app_label)s.view_%(model_name)s"]
|
@ -100,7 +100,9 @@ WIKI_URL = "https://wiki.claremontmakerspace.org"
|
|||||||
# Django Rest Framework
|
# Django Rest Framework
|
||||||
REST_FRAMEWORK = {
|
REST_FRAMEWORK = {
|
||||||
# Use Django's standard `django.contrib.auth` permissions
|
# Use Django's standard `django.contrib.auth` permissions
|
||||||
"DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.DjangoModelPermissions"],
|
"DEFAULT_PERMISSION_CLASSES": [
|
||||||
|
"cmsmanage.drf_permissions.DjangoModelPermissionsWithView"
|
||||||
|
],
|
||||||
"DEFAULT_AUTHENTICATION_CLASSES": [
|
"DEFAULT_AUTHENTICATION_CLASSES": [
|
||||||
"rest_framework.authentication.SessionAuthentication",
|
"rest_framework.authentication.SessionAuthentication",
|
||||||
"rest_framework.authentication.TokenAuthentication",
|
"rest_framework.authentication.TokenAuthentication",
|
||||||
|
Loading…
Reference in New Issue
Block a user