Use view permission for GET requests in DRF
This commit is contained in:
parent
245e946fc2
commit
d1d7161fd7
10
cmsmanage/drf_permissions.py
Normal file
10
cmsmanage/drf_permissions.py
Normal file
@ -0,0 +1,10 @@
|
||||
import copy
|
||||
|
||||
from rest_framework.permissions import DjangoModelPermissions
|
||||
|
||||
|
||||
class DjangoModelPermissionsWithView(DjangoModelPermissions):
|
||||
def __init__(self):
|
||||
super().__init__()
|
||||
self.perms_map = copy.deepcopy(self.perms_map)
|
||||
self.perms_map["GET"] = ["%(app_label)s.view_%(model_name)s"]
|
@ -100,7 +100,9 @@ WIKI_URL = "https://wiki.claremontmakerspace.org"
|
||||
# Django Rest Framework
|
||||
REST_FRAMEWORK = {
|
||||
# Use Django's standard `django.contrib.auth` permissions
|
||||
"DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.DjangoModelPermissions"],
|
||||
"DEFAULT_PERMISSION_CLASSES": [
|
||||
"cmsmanage.drf_permissions.DjangoModelPermissionsWithView"
|
||||
],
|
||||
"DEFAULT_AUTHENTICATION_CLASSES": [
|
||||
"rest_framework.authentication.SessionAuthentication",
|
||||
"rest_framework.authentication.TokenAuthentication",
|
||||
|
Loading…
Reference in New Issue
Block a user