我在我的Web应用程序中具有我的功能,其中的管理员帐户可以将验证代码设置为以下代码。现在,当执行该操作时,我似乎无法弄清楚它给我一个错误“您没有执行此操作错误的权限”的原因是什么。 -403禁止。如果您想知道我也提供的FE。谢谢。希望有帮助。
<button ng-click="main.verifyCompany(company,true)" ng-show="company.is_verified" class="btn btn-primary btn-sm">
<i class="fas fa-thumbs-up"></i> Approve
</button>
me.verifyCompany = function (company, verify) {
if (verify) {
var message = "Do you really want to activate job posting and other features for this business account?. Doing so will send an email notification."
} else {
var message = "Deactivate posting for this account?."
}
confirmSweet.ask(message).then(function (response) {
if (response) {
var filter = {}
filter.id = company.id
filter.verify = verify
AdminService.verify_company(me, filter).then(function (response) {
if (response.status == "200") {
console.log("Response", response.status)
me.get_companies()
}
})
}
});
}
class VerifyCompany(APIView):
authentication_classes = (TokenAuthentication,)
permission_classes = (IsAuthenticated,IsCompany,IsAdmin,)
def get(self, request,company_id):
data = request.data
verify = request.GET["verify"]
verify = True if verify == "true" else False
company_ins = Company.objects.get(id=company_id)
company_ins.is_verified = verify
company_ins.save()
data = {}
data["email"] = company_ins.user.email
print("Ang response data")
if verify:
email_ins = Email()
c_task.delay(email_ins.verification_business_success, data)
return Response("Company status has been updated.", status=status.HTTP_200_OK)
答案 0 :(得分:1)
通常,当权限检查失败时,将返回“ 403 Forbidden”或“ 401 Unauthorized”。 那么在这种情况下,您应该检查
Token permissions列表例如, 假设用户是 John 并且您已在“查看”中设置了以下权限
permission_classes = (IsAuthenticated,IsCompany,IsAdmin,)
然后john必须是用户类型company和admin