我有一个PackageKit: Applications/MyApp.app relocated to
Users/me/Projects/MyApp/Builds/MacOSX/build/Release/MyApp.app
APIView:
AmodelCreateAPIView我们所知道的class AmodelCreateAPIView(CreateAPIView):
serializer_class = AmodelSerializer
permission_classes = [TokenHasReadWriteScope, TokenHasScope]
queryset = Amodel.objects.all()
列表关系是permission_classes,我怎样才能让他们成为and?
答案 0 :(得分:1)
您可以按以下方式覆盖check_permissions()方法
尝试一下
class AmodelCreateAPIView(CreateAPIView):
serializer_class = AmodelSerializer
permission_classes = [TokenHasReadWriteScope, TokenHasScope]
queryset = Amodel.objects.all()
def check_permissions(self, request):
if not any(permission.has_permission(request, self) for permission in self.get_permissions()):
self.permission_denied(
request, message="some message"
)
Orginal Souce code of check_permissions()如
def check_permissions(self, request): """ Check if the request should be permitted. Raises an appropriate exception if the request is not permitted. """ for permission in self.get_permissions(): if not permission.has_permission(request, self): self.permission_denied( request, message=getattr(permission, 'message', None) )
答案 1 :(得分:0)
一种可能的方法是创建名为
的第三个权限类TokenHasReadWriteORTokenHasScope
并在权限类中处理它。您可以从已经获得的两个类中继承并实现“或”逻辑。
这与DRF实现某些权限的方式类似-例如 IsAuthenticatedOrReadOnly