我们从Python开源项目中,提取了以下26个代码示例,用于说明如何使用rest_framework.permissions.IsAuthenticated()。
def get_permissions(self): request = self.get_serializer_context()['request'] if self.action == 'create': self.permission_classes = (permissions.IsAuthenticated,) if self.action == 'partial_update': self.permission_classes = (permissions.IsAuthenticated, organization_permissions.OwnsOrIsOrganizationMember) if self.action == 'retrieve': self.permission_classes = () if self.action in ['invite_user', 'revoke_invite']: self.permission_classes = (permissions.IsAuthenticated, organization_permissions.OwnsOrIsOrganizationMember) if self.action == 'join': self.permission_classes = (permissions.IsAuthenticated, organization_permissions.IsInvitedToOrganization) if self.action == 'leave': self.permission_classes = (permissions.IsAuthenticated, organization_permissions.IsOrganizationMember) if self.action == 'remove_member': self.permission_classes = (permissions.IsAuthenticated, organization_permissions.OwnsOrganization) if self.action in ['bookmark', 'unbookmark', 'bookmarked']: self.permission_classes = self.get_bookmark_permissions() return super(OrganizationResourceViewSet, self).get_permissions()
def get_permissions(self): request = self.get_serializer_context()['request'] if self.action in ['list', 'partial_update']: self.permission_classes = (permissions.IsAuthenticated, ProjectApplyPermission) if self.action == 'apply': if int(get_channel_setting(request.channel, "UNAUTHENTICATED_APPLY")[0]): self.permission_classes = () else: self.permission_classes = (permissions.IsAuthenticated, ) if self.action == 'unapply': self.permission_classes = (permissions.IsAuthenticated, ) return super(ApplyResourceViewSet, self).get_permissions()
def test_permission_classes(patching, View): view = mock_view(View) current_app = patching( 'thorn.django.rest_framework.views.current_app') app = current_app() app.settings.THORN_DRF_PERMISSION_CLASSES = None assert view.permission_classes == (IsAuthenticated,) app.settings.THORN_DRF_PERMISSION_CLASSES = (303, 808) assert view.permission_classes == (303, 808)
def _permission_classes(view): perms = current_app().settings.THORN_DRF_PERMISSION_CLASSES return perms if perms is not None else (IsAuthenticated,)
def get_permissions(self): if self.request.method == 'POST': self.permission_classes = [permissions.IsAuthenticated] return super(TenantListView, self).get_permissions()
def get_bookmark_permissions(self): return (permissions.IsAuthenticated, )
def get_permissions(self): request = self.get_serializer_context()['request'] if self.action == 'create': if int(get_channel_setting(request.channel, "CAN_CREATE_PROJECTS_IN_ANY_ORGANIZATION")[0]): self.permission_classes = (permissions.IsAuthenticated, ) else: self.permission_classes = (permissions.IsAuthenticated, ProjectCreateOwnsOrIsOrganizationMember) if self.action == 'partial_update': self.permission_classes = (permissions.IsAuthenticated, ProjectRetrieveOwnsOrIsOrganizationMember) if self.action == 'retrieve': self.permission_classes = () if self.action == 'manageable': self.permission_classes = (permissions.IsAuthenticated, ) if self.action == 'close': self.permission_classes = (permissions.IsAuthenticated, ProjectRetrieveOwnsOrIsOrganizationMember) if self.action in ['bookmark', 'unbookmark', 'bookmarked']: self.permission_classes = self.get_bookmark_permissions() if self.action == 'export_applied_users': self.permission_classes = (permissions.IsAuthenticated, ProjectRetrieveOwnsOrIsOrganizationMember) return super(ProjectResourceViewSet, self).get_permissions()
def get_permissions(self): request = self.get_serializer_context()['request'] if self.action == 'create': self.permission_classes = [] elif self.action in ['current_user']: self.permission_classes = [permissions.IsAuthenticated, ] return super(UserResourceViewSet, self).get_permissions()
def get_permissions(self): if self.action in ('create',): self.permission_classes = [IsAuthenticated] return [permission() for permission in self.permission_classes] # [GET] api/shares/
def test_attrs(self): self.assertIsInstance(self.view, mixins.CreateModelMixin) self.assertIsInstance(self.view, mixins.ListModelMixin) self.assertIsInstance(self.view, mixins.UpdateModelMixin) self.assertIsInstance(self.view, mixins.RetrieveModelMixin) self.assertIsInstance(self.view, mixins.DestroyModelMixin) self.assertIsInstance(self.view, viewsets.GenericViewSet) self.assertEqual(self.view.permission_classes, (IsAuthenticated,)) self.assertEqual(self.view.serializer_class, CoinSerializer) self.assertSequenceEqual( self.view.filter_backends, (filters.DjangoFilterBackend, BitFilter)) self.assertEqual(self.view.filter_class, CoinFilter)
def get_permissions(self): """Define custom permissions for different methods""" # at minimum require users to be authenticated self.permission_classes = [IsAuthenticated] # for PUT requests require users to be admins if self.request.method == 'PUT': self.permission_classes.append(IsAdminUser) return super(viewsets.ViewSet, self).get_permissions()
def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return (permissions.AllowAny(),) if self.request.method == 'POST': return (permissions.AllowAny(),) return (permissions.IsAuthenticated(),IsAccountOwner(),)
def get_permissions(self): if self.request.method in permissions.SAFE_METHODS: return (permissions.AllowAny(),) return (permissions.IsAuthenticated(), IsAuthor(),)
def get_queryset(self): user_id = self.kwargs['userid'] sorting = self.request.query_params.get('sorting', None) if sorting == 'upvotes': return Comment.sorted_objects.upvotes().filter(author=user_id) elif sorting == 'newest': return Comment.sorted_objects.newest().filter(author=user_id) else: return Comment.sorted_objects.upvotes().filter(author=user_id) # class PostUpvoteViewSet(viewsets.ModelViewSet): # queryset = PostUpvote.objects.all() # serializer_class = PostUpvoteSerializer # # def get_permissions(self): # if self.request.method in permissions.SAFE_METHODS: # return (permissions.AllowAny(),) # return (permissions.IsAuthenticated(), IsOwner(),) # # def perform_create(self, serializer): # instance = serializer.save(voter=self.request.user) # return super(PostUpvoteViewSet, self).perform_create(serializer) # # # class CommentUpvoteViewSet(viewsets.ModelViewSet): # queryset = PostUpvote.objects.all() # serializer_class = CommentUpvoteSerializer # # def get_permissions(self): # if self.request.method in permissions.SAFE_METHODS: # return (permissions.AllowAny(),) # return (permissions.IsAuthenticated(), IsOwner(),) # # def perform_create(self, serializer): # instance = serializer.save(voter=self.request.user) # return super(PostUpvoteViewSet, self).perform_create(serializer)
def wrap_as_django_rest_framework_view(cls, *args, **kwargs): view = cls.as_view(*args, **kwargs) view = permission_classes((IsAuthenticated,))(view) view = authentication_classes(cls.get_view_authentication_classes())(view) view = api_view(['POST', 'GET'])(view) return view
def get_permissions(self): # Prevent rest_framework from checking for the "view" perm. return (permissions.IsAuthenticated(),)
def get_permissions(self): if self.action == 'retrieve': self.permission_classes = (permissions.IsAuthenticated, IsUser) return super(UserViewSet, self).get_permissions()
def as_view(cls, *args, **kwargs): view = super(DRFAuthenticatedGraphQLView, cls).as_view(*args, **kwargs) view = permission_classes((IsAuthenticated,))(view) view = authentication_classes(api_settings.DEFAULT_AUTHENTICATION_CLASSES)(view) view = api_view(['GET', 'POST'])(view) return view
def get_permissions(self): request = self.get_serializer_context()["request"] if self.action == "list": self.permission_classes = () if self.action in ["appoint", "unappoint", "appointments"]: self.permission_classes = (permissions.IsAuthenticated, ) return super(MeetingViewSet, self).get_permissions()
def get_permissions(self): if self.action == 'list' or self.action == 'create': return [permissions.IsAuthenticated(), ] if self.action == 'retrieve': return [permissions.IsAuthenticated(), UserIsMemberInProject()] if self.action in ('update', 'partial_update', 'destroy'): return [permissions.IsAuthenticated(), UserIsManagerInProject()] return [permissions.IsAuthenticated(), UserIsManagerInProject()]
def get_permissions(self): if self.action in ('list', 'retrieve', 'create'): return [permissions.IsAuthenticated(), UserIsMemberInProject()] if self.action in ('update', 'partial_update', 'destroy'): return [permissions.IsAuthenticated(), UserIsOwnerOrManager()] return [permissions.IsAuthenticated(), UserIsOwnerOrManager()]
def has_permission(self, request, view): if request.method in SAFE_METHODS and get_session_visitor_email(request): return True return IsAuthenticated().has_permission(request, view)
