From bb1bf58a689d1cb151fc2c5287ee0a02a68751e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bodor=20M=C3=A1t=C3=A9?= <bmate711@gmail.com>
Date: Thu, 25 Jan 2018 18:24:26 +0100
Subject: [PATCH] update permissions and views
---
src/homework/permissions.py | 13 +++++++++----
src/homework/views.py | 4 ++--
2 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/src/homework/permissions.py b/src/homework/permissions.py
index 762faed..a8d1ae6 100644
--- a/src/homework/permissions.py
+++ b/src/homework/permissions.py
@@ -30,8 +30,13 @@ class IsAuthenticatedOrReadOnly(BasePermission):
class IsStaffOrReadOnlyForAuthenticated(BasePermission):
- def has_object_permission(self, request, view, obj):
- return (request.user.is_staff or
- request.method in SAFE_METHODS and
- request.user.is_authenticated
+ """
+ The request is authenticated as a staff, or is a read-only request for authenticated.
+ """
+
+ def has_object_permission(self, request, view):
+ return (
+ request.user.is_staff or
+ request.method in SAFE_METHODS and
+ request.user.is_authenticated
)
diff --git a/src/homework/views.py b/src/homework/views.py
index 2d0344b..005d453 100644
--- a/src/homework/views.py
+++ b/src/homework/views.py
@@ -11,13 +11,13 @@ from rest_framework import status
class TasksViewSet(viewsets.ModelViewSet):
serializer_class = serializers.TaskSerializer
queryset = models.Task.objects.all()
- permission_classes = (permissions.IsStaffOrReadOnly, )
+ permission_classes = (permissions.IsStaffOrReadOnlyForAuthenticated, )
class SolutionViewSet(viewsets.ModelViewSet):
serializer_class = serializers.SolutionSerializer
queryset = models.Solution.objects.all()
- permission_classes = (permissions.SolutionPermission, )
+ permission_classes = (permissions.IsStaffOrReadOnlyForAuthenticated, )
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
--
GitLab