This is an Authorization class for Tastypie v0.9.11 (v0.9.12 changes how Authorization works).
DjangoAuthorization checks specific permissions — add_model
, change_model
, delete_model
, etc. If you don't need that level of permissions checking, this might be useful. It just makes sure the User is logged in. It's equivalent to the login_required
decorator.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | from tastypie.authorization import Authorization
class LoginRequiredAuthorization(Authorization):
"""
Equivalent to Django's login_required decorator
Be careful with this; it will allow DELETE and everything else.
"""
def is_authorized(self, request, object=None):
# GET is always allowed
if request.method == 'GET':
return True
return request.user.is_authenticated()
# Use like this in a ModelResource
class MyResource(ModelResource):
class Meta:
authorization = LoginRequiredAuthorization()
allowed_methods = ['get', 'post', ...] # pay attention to what you allow
|
More like this
- Template tag - list punctuation for a list of items by shapiromatron 10 months, 4 weeks ago
- JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 11 months ago
- Serializer factory with Django Rest Framework by julio 1 year, 5 months ago
- Image compression before saving the new model / work with JPG, PNG by Schleidens 1 year, 6 months ago
- Help text hyperlinks by sa2812 1 year, 7 months ago
Comments
Please login first before commenting.