from rest_framework import permissions


class LoginExemptPermission(permissions.BasePermission):
    """
    Applies the DRF `IsAuthenticated` permission to all ViewSet actions except
    those defined in the ViewSet attribute `login_exempt_actions`.
    """
    def has_permission(self, request, view):
        if view.action in view.login_exempt_actions:
            return True
        return permissions.IsAuthenticated().has_permission(request, view)