Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- REST_FRAMEWORK = {
- 'DEFAULT_AUTHENTICATION_CLASSES': (
- 'rest_framework.authentication.TokenAuthentication',
- 'rest_framework.authentication.BasicAuthentication',
- 'rest_framework.authentication.SessionAuthentication',
- ),
- }
- class ContactViewSet(viewsets.ModelViewSet):
- queryset = Contact.objects.all()
- serializer_class = ContactSerializer
- permission_classes = (IsAuthenticated,)
- def perform_create(self, serializer):
- serializer.save(user_id=self.request.user)
- class AdminAuthenticationPermission(permissions.BasePermission):
- ADMIN_ONLY_AUTH_CLASSES = [rest_framework.authentication.BasicAuthentication, rest_framework.authentication.SessionAuthentication]
- def has_permission(self, request, view):
- user = request.user
- if user and user.is_authenticated():
- return user.is_superuser or
- not any(isinstance(request._authenticator, x) for x in self.ADMIN_ONLY_AUTH_CLASSES)
- return False
- class ContactViewSet(viewsets.ModelViewSet):
- queryset = Contact.objects.all()
- serializer_class = ContactSerializer
- permission_classes = (IsAuthenticated, AdminAuthenticationPermission,)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement