Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
BasePermission, IsAuthenticated as rf_IsAuthenticated, IsAdminUser, )
""" Permission to make a viewset readonly unless the request user is a member of the DRI group. """
return self.has_permission(request, view)
return True else:
""" Permission that checks that the requester is the owner of the object.
The object must have an owner field that corresponds to a user, or the object must be the user itself. """
# For the user model
""" Permission that checks that the requester is a follower of the object (a list of universities).
The object must have a "followers" field that corresponds to a list of users. """
return obj.followers.filter(pk=request.user.pk).exists()
""" Permission that checks that the object is public.
The object must have a "is_public" field. """
return obj.is_public
""" Permission to prevent the use of the DELETE method. """
return self.has_permission(request, view)
""" Permission to disallow POST request """
return self.has_permission(request, view)
""" Permission to make a viewset read-only. """
""" We absolutely need this one since it is used with "OR". If we don't put it, the IsOwner Or ReadOnly would pass the the has_permission on IsOwner and then the has_object_permission on Read_only. """
|