我遇到一个问题,Django Rest Framework 的自定义权限系统将我的自定义权限方法视为类方法或静态方法。
在权限方法中遇到断点时:
def has_permission(self, request, view=None):
self
是请求的实例而不是权限类的实例request
是视图的实例我是否配置错误?
我用作默认权限的
IsEmailVerified
权限已经按预期工作了一个月,但是当以编程方式添加自定义权限时,我收到错误。
File "/app/api/permissions.py", line 50, in has_permission
user = request.user
^^^^^^^^^^^^
AttributeError: 'ExampleViewSet' object has no attribute 'user'
设置.py:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'api.authentication.TokenAuthentication',
),
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
'api.permissions.IsEmailVerifiedPermission',
),
. . .
}
权限.py
class IsEmailVerifiedPermission(BasePermission):
def has_permission(self, request, view=None):
return request.user.email_verified
def has_object_permission(self, request, view=None, obj=None):
return request.user.email_verified
class UserCreated(BasePermission):
def has_permission(self, request, view=None):
# While debugging the parameters don't line up:
# self is an instance of request
# request is an instance of view
# and I had to put view=None because it was crashing with missing parameter errors
def has_object_permission(self, request, view=None, obj=None):
# See above issue
class CanGloballyEdit(BasePermission):
def has_permission(self, request, view=None):
# See above issue
def has_object_permission(self, request, view=None, obj=None):
# See above issue
视图/example.py
class ExampleViewSet(viewsets.GenericViewSet):
serializer_class = ExampleSerializer
def get_permissions(self):
default_permissions = super(viewsets.GenericViewSet, self).get_permissions()
if self.action == 'list':
return [CanGloballyEdit] + default_permissions
if self.action == 'retrieve':
return [UserCreated] + default_permissions
if self.action in ('update', 'partial_update'):
return [UserCreated | CanGloballyEdit] + default_permissions
return default_permissions
在@Carcigenicate 的帮助下,我们意识到我需要为此场景提供权限类实例。
class ExampleViewSet(viewsets.GenericViewSet):
serializer_class = ExampleSerializer
def get_permissions(self):
default_permissions = super(viewsets.GenericViewSet, self).get_permissions()
if self.action == 'list':
return [CanGloballyEdit()] + default_permissions
if self.action == 'retrieve':
return [UserCreated()] + default_permissions
if self.action in ('update', 'partial_update'):
return [(UserCreated | CanGloballyEdit)()] + default_permissions
return default_permissions