From c958fa90801a05e1ac8532030d9ea2b9155923ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bodor=20M=C3=A1t=C3=A9?= <bmate711@gmail.com>
Date: Thu, 25 Jan 2018 18:15:23 +0100
Subject: [PATCH] update homework permissions and views
---
src/homework/permissions.py | 13 ++++++++-----
src/homework/views.py | 4 ++--
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/homework/permissions.py b/src/homework/permissions.py
index 762faed..7fab2c9 100644
--- a/src/homework/permissions.py
+++ b/src/homework/permissions.py
@@ -29,9 +29,12 @@ class IsAuthenticatedOrReadOnly(BasePermission):
class IsStaffOrReadOnlyForAuthenticated(BasePermission):
-
- def has_object_permission(self, request, view, obj):
- return (request.user.is_staff or
- request.method in SAFE_METHODS and
- request.user.is_authenticated
+ """
+ The request is authenticated as a staff, or is a read-only request for authenticated.
+ """
+ def has_permission(self, request, view):
+ return (
+ request.user.is_staff or
+ request.method in SAFE_METHODS and
+ request.user.is_authenticated
)
diff --git a/src/homework/views.py b/src/homework/views.py
index 2d0344b..005d453 100644
--- a/src/homework/views.py
+++ b/src/homework/views.py
@@ -11,13 +11,13 @@ from rest_framework import status
class TasksViewSet(viewsets.ModelViewSet):
serializer_class = serializers.TaskSerializer
queryset = models.Task.objects.all()
- permission_classes = (permissions.IsStaffOrReadOnly, )
+ permission_classes = (permissions.IsStaffOrReadOnlyForAuthenticated, )
class SolutionViewSet(viewsets.ModelViewSet):
serializer_class = serializers.SolutionSerializer
queryset = models.Solution.objects.all()
- permission_classes = (permissions.SolutionPermission, )
+ permission_classes = (permissions.IsStaffOrReadOnlyForAuthenticated, )
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
--
GitLab