为什么我不能检查权限类中的条件?
class ViewUserLeaveRequest(BasePermission):
def has_permission(self, request, view):
id = view.kwargs['id']
user = User.objects.get(id = request.user.id)
print('this is user ', user)
print(id)
print(user.id)
group = list(user.groups.all())
permison = group[0].permissions.all()
if permison.get(name='can view leave request') or user.id == id:
return True
else :
return False
一切都很好,我从kwargs获取ID,并且如果用户组具有True或请求的用户ID等于kwarg中的ID,我想返回can view leave request。 / p>
跟踪路径:
Quit the server with CONTROL-C.
this is user rabin Rabin
26
26
Internal Server Error: /attend/v1/leaveRequestList/26/
Traceback (most recent call last):
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/core/handlers/exception.py", line 35, in inner
response = get_response(request)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/core/handlers/base.py", line 128, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python3.6/contextlib.py", line 52, in inner
return func(*args, **kwds)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/views/generic/base.py", line 69, in view
return self.dispatch(request, *args, **kwargs)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 495, in dispatch
response = self.handle_exception(exc)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 455, in handle_exception
self.raise_uncaught_exception(exc)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 483, in dispatch
self.initial(request, *args, **kwargs)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 401, in initial
self.check_permissions(request)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 334, in check_permissions
if not permission.has_permission(request, self):
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/attendanceregistersystem/attendance/permissions.py", line 77, in has_permission
if permison.get(name='can view leave request') or user.id == id:
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/db/models/query.py", line 403, in get
self.model._meta.object_name
django.contrib.auth.models.DoesNotExist: Permission matching query does not exist.
[21/Jan/2019 17:41:35] "GET /attend/v1/leaveRequestList/26/ HTTP/1.1" 500 129370
编辑:
try:
if permison.get(name='can view leave request') or user.id == id:
return True
except :
return False
我这样做了,但是它给了我"detail": "You do not have permission to perform this action."
如果执行以下操作,由于user.id == id是True,在这种情况下,我俩都都是26,所以我会得到相同的错误
try:
if user.id == id:
return True
except :
return False
编辑:
try:
permison.get(name='can view leave request') or user.id == id
return True
except :
return False
答案 0 :(得分:0)
ViewUserLeaveRequest(BasePermission)类:
a2 %>%
mutate_all(list(y = ~ ./10))
对不起,如果出现缩进错误,希望您能够修复它们