TTMK/web2.0-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added custom permission class to members rest api

Browse Source
This commit is contained in:
henu
2017-02-22 18:02:15 +02:00
parent 4beefd13a4
commit 7b486d640b
3 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
members/permissions.py
+11
View File
@@ -0,0 +1,11 @@
from rest_framework import permissions
from django.contrib.auth.models import Permission, User
class HasRights(permissions.BasePermission):
message = "You need rights to access this content."
def has_permission(self, request, view):
if request.user.has_perm('members.change_member'):
return True
else:
return False
members/throttles.py
+7
View File
@@ -0,0 +1,7 @@
from rest_framework.throttling import UserRateThrottle
class BurstRateThrottle(UserRateThrottle):
scope = 'burst'
class SustainedRateThrottle(UserRateThrottle):
scope = 'sustained'
members/views.py
+6 -2
View File
@@ -16,6 +16,8 @@ from rest_framework import generics
from rest_framework import generics, status, authentication, exceptions, permissions
from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAuthenticated
from members.permissions import HasRights
from members.throttles import BurstRateThrottle, SustainedRateThrottle
# Logger function, you can use the same idea when implementing other loggers to other apps
memberlogger = logging.getLogger(__name__)
@@ -27,13 +29,15 @@ logging.basicConfig(format='[%(levelname)s]%(asctime)s %(message)s', level=setti
class MembersList(generics.ListCreateAPIView):
queryset = Member.objects.all()
serializer_class = MemberSerializer
permission_classes = (permissions.IsAuthenticated, )
permission_classes = (HasRights, permissions.IsAuthenticated, )
throttle_classes = (BurstRateThrottle, SustainedRateThrottle, )
class MemberDetails(generics.RetrieveUpdateDestroyAPIView):
queryset = Member.objects.all()
serializer_class = MemberSerializer
permission_classes = (permissions.IsAuthenticated, )
permission_classes = (HasRights, permissions.IsAuthenticated, )
throttle_classes = (BurstRateThrottle, SustainedRateThrottle, )
########################################
# function to validate reCaptcha