How to set permission for own method?

A

Andrey Kovalchuk2017-09-11 14:52:47

Django

Andrey Kovalchuk, 2017-09-11 14:52:47

Good, community.
There are two methods:

def list(self, request, *args, **kwargs):
        pass

def manager_objects(self, request, *args, **kwargs):
        pass

Both of these methods are called by GET

url('^objects/(?P<user_id>\d+)$', MySuperView.as_view({'get': 'manager_objects'}), name='get_my_objects')
url(r'^all_objects/$', MySuperView.as_view({'get': 'list'})),

You need a different permission for each of them. IsAuthenticated on all_objects and AllowAny on all_objects. How to do this - I have no idea. I know how to split by http-methods, POST, GET, etc., but how within the framework of one method - xs.
Names and variables have been changed, any coincidence is accidental.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Anton Kuzmichev, 2017-09-11
@Assargin

In your special case, you can apply decoration directly in urls.py, as shown here , only the decorator will be permission_required
But in general, such an approach - to cram everything into one view and put some logic in urls.py - would be rejected :)