stackoom
  简体   繁体   中英

How to write permissions in a viewset with conditional statements in DRF?

 原文  2023-01-22 13:40:20       python/ django/ django-rest-framework/ django-views/ django-permissions

Question

I have a viewset written in DRF:

class MyViewSet(ModelViewSet):
    serializer_class = MySerializer
    queryset = models.MyClass.objects.all()

    def get_serializer_class(self):
        permission = self.request.user.permission
        if permission=='owner' or permission=='admin': 
            return self.serializer_class
        else:
            return OtherSerializer

    def perform_create(self, serializer):
        permission = self.request.user.permission
        if permission=='owner' or permission=='admin': 
            serializer.save() 

        else:
            employee = models.Employee.objects.get(user=self.request.user)
            serializer.save(employee=employee)

Here, I am using the following statements in both get_serializer_class and perform_create which looks like a repetitive code:

permission = self.request.user.permission
        if permission=='owner' or permission=='admin':

Is there any way to write it once and then use it as a permission_class somehow?

1 answers

solution1
 0  2023-01-23 08:27:57

Create a Custom Permission class https://www.django-rest-framework.org/api-guide/permissions/#custom-permissions

from rest_framework.permissions import BasePermission, SAFE_METHODS
    class CustomPermission(BasePermission):
        def has_permission(self, request, view):
            if request.method in SAFE_METHODS:
                return True
            permission = self.request.user.permission
            if permission=='owner' or permission=='admin': 
                return True
            return False

in Views.py

class MyViewSet(ModelViewSet):
    serializer_class = MySerializer
    queryset = models.MyClass.objects.all()
    permission_classes = (CustomPermission,)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to apply permissions on perform_create in ViewSet DRF How to catch a request in a DRF viewset? How to set cookie on DRF viewset? drf viewset : multiple choices How to return custom messages for each functions in a DRF Viewset? How do I specify a custom lookup field for a DRF action on a viewset? DRF ViewSet operation authorization with rules How to write multiple conditional statements for loc dataframe with operators How do I correctly write a for loop with conditional if statements? DRF - Create a Viewset Mixin/Baseclass to inherit a viewset-action
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM