我在views.py中有以下内容,
from webapi.models import members
from rest_framework import permissions
from webapi.serializers import MemberSerializer
from rest_framework import generics
class MemberList(generics.ListAPIView):
queryset = members.objects.all()
serializer_class = MemberSerializer
permission_class = (permissions.IsAuthenticated,)
class MemberCreate(generics.CreateAPIView):
queryset = members.objects.all()
serializer_class = MemberSerializer
permission_class = (permissions.IsAdminUser,)
def perform_create(self, serializer):
serializer.save(owner=self.request.user)
在上面的IsAuthenticated工作正常,但是当我对MemberCreate类使用“permissions.IsAdminUser”时,它也允许管理员用户也不能创建项目。
根据问题“Django rest_framework IsAdminUser not behaving”我甚至尝试在settings.py中添加以下内容,但仍未覆盖,
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
)
}
无论是否在settings.py中添加或不添加REST_FRAMEWORK,IsAdminUser权限都不起作用。
答案 0 :(得分:3)
问题在于permission_class
它将是
permission_classes = (permissions.IsAdminUser, )
# ^^^^^