Python rest_framework.exceptions.MethodNotAllowed() Examples

The following are 15 code examples of rest_framework.exceptions.MethodNotAllowed(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module rest_framework.exceptions , or try the search function .
Example #1
Source File: consumers.py    From djangochannelsrestframework with MIT License 6 votes vote down vote up
def handle_action(self, action: str, request_id: str, **kwargs):
        """
        run the action.
        """
        try:
            await self.check_permissions(action, **kwargs)

            if action not in self.available_actions:
                raise MethodNotAllowed(method=action)

            method_name = self.available_actions[action]
            method = getattr(self, method_name)

            reply = partial(self.reply, action=action, request_id=request_id)

            # the @action decorator will wrap non-async action into async ones.

            response = await method(request_id=request_id, action=action, **kwargs)

            if isinstance(response, tuple):
                data, status = response
                await reply(data=data, status=status)

        except Exception as exc:
            await self.handle_exception(exc, action=action, request_id=request_id) 
Example #2
Source File: consumers.py    From djangochannelsrestframework with MIT License 6 votes vote down vote up
def handle_action(self, action: str, request_id: str, **kwargs):
        """
        run the action.
        """
        try:
            await self.check_permissions(action, **kwargs)

            if action not in self.actions:
                raise MethodNotAllowed(method=action)

            content, status = await self.call_view(action=action, **kwargs)

            await self.reply(
                action=action, request_id=request_id, data=content, status=status
            )

        except Exception as exc:
            await self.handle_exception(exc, action=action, request_id=request_id) 
Example #3
Source File: views.py    From django-rest-framework-json-api with BSD 2-Clause "Simplified" License 6 votes vote down vote up
def post(self, request, *args, **kwargs):
        related_instance_or_manager = self.get_related_instance()

        if isinstance(related_instance_or_manager, Manager):
            related_model_class = related_instance_or_manager.model
            serializer = self.get_serializer(
                data=request.data, model_class=related_model_class, many=True
            )
            serializer.is_valid(raise_exception=True)
            if frozenset(serializer.validated_data) <= frozenset(related_instance_or_manager.all()):
                return Response(status=204)
            related_instance_or_manager.add(*serializer.validated_data)
        else:
            raise MethodNotAllowed('POST')
        result_serializer = self._instantiate_serializer(related_instance_or_manager)
        return Response(result_serializer.data) 
Example #4
Source File: views.py    From django-rest-framework-json-api with BSD 2-Clause "Simplified" License 6 votes vote down vote up
def delete(self, request, *args, **kwargs):
        related_instance_or_manager = self.get_related_instance()

        if isinstance(related_instance_or_manager, Manager):
            related_model_class = related_instance_or_manager.model
            serializer = self.get_serializer(
                data=request.data, model_class=related_model_class, many=True
            )
            serializer.is_valid(raise_exception=True)
            objects = related_instance_or_manager.all()
            if frozenset(serializer.validated_data).isdisjoint(frozenset(objects)):
                return Response(status=204)
            try:
                related_instance_or_manager.remove(*serializer.validated_data)
            except AttributeError:
                raise Conflict(
                    'This object cannot be removed from this relationship without being '
                    'added to another'
                )
        else:
            raise MethodNotAllowed('DELETE')
        result_serializer = self._instantiate_serializer(related_instance_or_manager)
        return Response(result_serializer.data) 
Example #5
Source File: uploaders.py    From django-drf-filepond with BSD 3-Clause "New" or "Revised" License 6 votes vote down vote up
def get_uploader(cls, request):
        # Process the request to identify if it's a standard upload request
        # or a request that is related to a chunked upload. Return the right
        # kind of uploader to handle this.
        if request.method == 'PATCH':
            return FilepondChunkedFileUploader()
        if request.method == 'HEAD':
            return FilepondChunkedFileUploader()
        elif request.method == 'POST':
            file_obj = cls._get_file_obj(request)
            if (file_obj == '{}' and
                    request.META.get('HTTP_UPLOAD_LENGTH', None)):

                    LOG.debug('Returning CHUNKED uploader to handle '
                              'upload request... ')
                    return FilepondChunkedFileUploader()
        else:
            raise MethodNotAllowed('%s is an invalid method type'
                                   % (request.method))

        # If we didn't identify the need for a chunked uploader in any of the
        # above tests, treat this as a standard upload
        LOG.debug('Returning STANDARD uploader to handle upload request... ')
        return FilepondStandardFileUploader() 
Example #6
Source File: permissions.py    From kpi with GNU Affero General Public License v3.0 6 votes vote down vote up
def get_required_permissions(self, method):
        """
        Given a model and an HTTP method, return the list of permission
        codes that the user is required to have.

        :param method: str. e.g. Mostly keys of `perms_map`
        :return:
        """
        app_label = self.APP_LABEL

        kwargs = {
            'app_label': app_label,
            'model_name': self.MODEL_NAME
        }

        try:
            perm_list = self.perms_map[method]
        except KeyError:
            raise exceptions.MethodNotAllowed(method)

        perms = [perm % kwargs for perm in perm_list]
        # Because `ObjectPermissionMixin.get_perms()` returns codenames only, remove the
        # `app_label` prefix before returning
        return [perm.replace("{}.".format(app_label), "") for perm in perms] 
Example #7
Source File: object_permission.py    From kpi with GNU Affero General Public License v3.0 6 votes vote down vote up
def perform_destroy(self, instance):
        # Only directly-applied permissions may be modified; forbid deleting
        # permissions inherited from ancestors
        if instance.inherited:
            raise exceptions.MethodNotAllowed(
                self.request.method,
                detail='Cannot delete inherited permissions.'
            )
        # Make sure the requesting user has the share_ permission on
        # the affected object
        with transaction.atomic():
            affected_object = instance.content_object
            codename = instance.permission.codename
            if not ObjectPermissionHelper.user_can_share(affected_object,
                                                         self.request.user,
                                                         codename):
                raise exceptions.PermissionDenied()
            instance.content_object.remove_perm(
                instance.user,
                instance.permission.codename
            ) 
Example #8
Source File: test_uploaders_base.py    From django-drf-filepond with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
def test_get_uploader_get_req(self):
        self.request.method = 'GET'
        with self.assertRaisesMessage(MethodNotAllowed,
                                      'GET is an invalid method type'):
            FilepondFileUploader.get_uploader(self.request) 
Example #9
Source File: decorators.py    From GloboNetworkAPI with Apache License 2.0 5 votes vote down vote up
def raise_exception_treat(func):
    @functools.wraps(func)
    def inner(self, request, *args, **kwargs):
        try:
            return func(self, request, *args, **kwargs)
        except ValidationError, error:
            log.error(error)
            raise rest_exceptions.ValidationExceptionJson(error)
        except (exceptions_api.APIException, exceptions_api.AuthenticationFailed,
                exceptions_api.MethodNotAllowed, exceptions_api.NotAcceptable,
                exceptions_api.NotAuthenticated, exceptions_api.ParseError,
                exceptions_api.PermissionDenied, exceptions_api.Throttled,
                exceptions_api.UnsupportedMediaType, rest_exceptions.ValidationAPIException), error:
            log.error(error)
            raise error 
Example #10
Source File: permissions.py    From adhocracy4 with GNU Affero General Public License v3.0 5 votes vote down vote up
def get_rule(self, request, model_cls, method_map):
        template = getattr(method_map, request.method)

        if not template:
            raise exceptions.MethodNotAllowed(request.method)

        return template.format(
            app_label=model_cls._meta.app_label,
            model_name=model_cls._meta.model_name
        ) 
Example #11
Source File: permissions.py    From kpi with GNU Affero General Public License v3.0 5 votes vote down vote up
def has_permission(self, request, view):
        if not request.user:
            return False
        elif request.user.is_superuser:
            return True

        parent_object = self._get_parent_object(view)

        user = request.user
        if user.is_anonymous:
            user = get_anonymous_user()

        user_permissions = self._get_user_permissions(parent_object, user)
        view_permissions = self.get_required_permissions("GET")
        can_view = set(view_permissions).issubset(user_permissions)

        try:
            required_permissions = self.get_required_permissions(request.method)
        except exceptions.MethodNotAllowed as e:
            # Only reveal the HTTP 405 if the user has view access
            if can_view:
                raise e
            else:
                raise Http404

        has_perm = set(required_permissions).issubset(user_permissions)

        if has_perm:
            # Access granted!
            return True

        if not has_perm and can_view:
            # If users are allowed to view, we want to show them HTTP 403
            return False

        # Don't reveal the existence of this object to users who do not have
        # permission to view it
        raise Http404 
Example #12
Source File: permissions.py    From Dailyfresh-B2C with Apache License 2.0 5 votes vote down vote up
def get_required_permissions(self, method, model_cls):
        """
        Given a model and an HTTP method, return the list of permission
        codes that the user is required to have.
        """
        kwargs = {
            'app_label': model_cls._meta.app_label,
            'model_name': model_cls._meta.model_name
        }

        if method not in self.perms_map:
            raise exceptions.MethodNotAllowed(method)

        return [perm % kwargs for perm in self.perms_map[method]] 
Example #13
Source File: permissions.py    From Dailyfresh-B2C with Apache License 2.0 5 votes vote down vote up
def get_required_object_permissions(self, method, model_cls):
        kwargs = {
            'app_label': model_cls._meta.app_label,
            'model_name': model_cls._meta.model_name
        }

        if method not in self.perms_map:
            raise exceptions.MethodNotAllowed(method)

        return [perm % kwargs for perm in self.perms_map[method]] 
Example #14
Source File: views.py    From Dailyfresh-B2C with Apache License 2.0 5 votes vote down vote up
def http_method_not_allowed(self, request, *args, **kwargs):
        """
        If `request.method` does not correspond to a handler method,
        determine what kind of exception to raise.
        """
        raise exceptions.MethodNotAllowed(request.method) 
Example #15
Source File: json_validate.py    From GloboNetworkAPI with Apache License 2.0 4 votes vote down vote up
def raise_json_validate(info=None):
    def raise_json_validate_inner(func):
        @wraps(func)
        def inner(self, request, *args, **kwargs):

            try:
                return func(self, request, *args, **kwargs)

            except ValidationError, error:

                msg = list()

                if error.flatten():
                    for pointer, reasons in error.flatten().items():
                        valor = resolve(
                            error[1], pointer) if pointer != '#/' else ''
                        msg.append({
                            'error_pointer': pointer,
                            'received_value': valor,
                            'error_reasons': list(reasons)
                        })
                else:
                    msg.append({
                        'error_pointer': error[0],
                        'received_value': None,
                        'error_reasons': list(error[1])
                    })
                res = {
                    'errors': msg
                }
                if info:
                    protocol = 'https' if request.is_secure() else 'http'
                    res['spec'] = '%s://%s/api/v3/help/%s/' % (
                        protocol, request.get_host(), info)
                log.error(res)
                raise rest_exceptions.ValidationExceptionJson(res)
            except exceptions_api.AuthenticationFailed, error:
                log.exception(error)
                raise error
            except exceptions_api.MethodNotAllowed, error:
                log.exception(error)
                raise error