Python rest_framework.permissions.IsAuthenticated() Examples

The following are 30 code examples of rest_framework.permissions.IsAuthenticated(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module rest_framework.permissions , or try the search function .
Example #1
Source File: initialize.py    From cmdb with GNU Lesser General Public License v3.0 6 votes vote down vote up
def add_viewset(table):
    data_index = table.name
    record_data_index = "{}.".format(table.name)
    deleted_data_index = "{}..".format(table.name)

    def retrieve(self, request, *args, **kwargs):
        try:
            res = es.search(index=record_data_index, doc_type="record-data", body={"query": {"term": {"S-data-id": kwargs["pk"]}}}, sort="S-update-time:desc")
        except NotFoundError as exc:
            raise exceptions.NotFound("Document {} was not found in Type data of Index {}".format(kwargs["pk"], record_data_index))
        except TransportError as exc:
            return Response([])
        return Response(res["hits"])
    viewset = type(table.name, (mixins.RetrieveModelMixin, viewsets.GenericViewSet), dict(
        permission_classes=(permissions.IsAuthenticated, ), retrieve=retrieve))
    setattr(views, table.name, viewset)
    return viewset 
Example #2
Source File: api_views.py    From djangochannel with BSD 3-Clause "New" or "Revised" License 6 votes vote down vote up
def get(self, request):
        """Get"""
        quest = Question.objects.filter(test_id=request.GET.get("pk", None)).order_by("-id")
        counter = CompleteQuestion().get_counter(request.user, request.GET.get("pk", None))
        serializer = QuestionSerializer(quest, many=True)
        return JsonResponse(serializer.data, safe=False)


# class QuestionsInTest(BlankGetAPIView):
#     """
#     Вывод вопросов в отдельном тесте,
#     параметр: pk, значение: id теста, вопросы которого нужны
#     """
#     permission_classes = [permissions.IsAuthenticated]
#     model = Question
#     serializer = QuestionSerializer
#     filter_name = 'test_id'
#     order_params = 'id' 
Example #3
Source File: test_errors.py    From drf-json-api with MIT License 6 votes vote down vote up
def test_auth_required(rf):
    class RestrictedPersonViewSet(PersonViewSet):
        permission_classes = [IsAuthenticated]

    data = dump_json({"people": {"name": "Jason Api"}})

    request = rf.post(
        reverse("person-list"), data=data,
        content_type="application/vnd.api+json")
    view = RestrictedPersonViewSet.as_view({'post': 'create'})
    response = view(request)
    response.render()

    assert response.status_code == 403, response.content
    assert not models.Person.objects.exists()

    results = {
        "errors": [{
            "status": "403",
            "title": "Authentication credentials were not provided."
        }]
    }
    assert response.content == dump_json(results) 
Example #4
Source File: views.py    From website with MIT License 5 votes vote down vote up
def get_permissions(self):
        if self.action == 'list':
            return []
        elif self.action =='retrieve':
            return []
        else:
            return [IsAuthenticated(),IsOwnerOrReadOnly()] 
Example #5
Source File: views.py    From iguana with Creative Commons Attribution Share Alike 4.0 International 5 votes vote down vote up
def get_permissions(self):
        if self.action in ('list', 'retrieve', 'create'):
            return [permissions.IsAuthenticated(), UserIsMemberInProject()]
        if self.action in ('update', 'partial_update', 'destroy'):
            return [permissions.IsAuthenticated(), UserIsOwnerOrManager()]
        return [permissions.IsAuthenticated(), UserIsOwnerOrManager()] 
Example #6
Source File: test_payment_method.py    From silver with Apache License 2.0 5 votes vote down vote up
def test_permissions(self):
        self.assertEqual(PaymentMethodList.permission_classes,
                         (permissions.IsAuthenticated,))
        self.assertEqual(PaymentMethodDetail.permission_classes,
                         (permissions.IsAuthenticated,)) 
Example #7
Source File: views.py    From Dailyfresh-B2C with Apache License 2.0 5 votes vote down vote up
def get_serializer_class(self):
        if self.action == "retrieve":
            return UserDetailSerializer
        elif self.action == "create":
            return UserRegSerializer

        return UserDetailSerializer

    # permission_classes = (permissions.IsAuthenticated, ) 
Example #8
Source File: views.py    From Dailyfresh-B2C with Apache License 2.0 5 votes vote down vote up
def get_permissions(self):
        if self.action == "retrieve":
            return [permissions.IsAuthenticated()]
        elif self.action == "create":
            return []

        return [] 
Example #9
Source File: views.py    From website with MIT License 5 votes vote down vote up
def get_permissions(self):
        if self.action == 'list':
            return []
        elif self.action == 'retrieve':
            return []
        else:
            return [IsAuthenticated(), IsOwnerOr()] 
Example #10
Source File: views.py    From website with MIT License 5 votes vote down vote up
def get_permissions(self):
        if self.action == 'list':
            return []
        elif self.action == 'retrieve':
            return []
        else:
            return [IsAuthenticated(), IsOwnerOr()] 
Example #11
Source File: views.py    From website with MIT License 5 votes vote down vote up
def get_permissions(self):
        if self.action == 'list':
            return []
        elif self.action == 'retrieve':
            return []
        else:
            return [IsAuthenticated(), IsOwnerOrReadOnly()] 
Example #12
Source File: views.py    From website with MIT License 5 votes vote down vote up
def get_permissions(self):
        if self.action=='destroy':
            return [IsAuthenticated()]
        else:
            return [] 
Example #13
Source File: views.py    From iguana with Creative Commons Attribution Share Alike 4.0 International 5 votes vote down vote up
def get_permissions(self):
        if self.action in ('list', 'retrieve', 'create'):
            return [permissions.IsAuthenticated(), UserIsMemberInProject()]
        if self.action in ('update', 'partial_update', 'destroy'):
            return [permissions.IsAuthenticated(), UserIsOwnerOrManager()]
        return [permissions.IsAuthenticated(), UserIsOwnerOrManager()] 
Example #14
Source File: views.py    From website with MIT License 5 votes vote down vote up
def get_permissions(self):
        if self.action == 'list':
            return []
        elif self.action == 'retrieve':
            return []
        else:
            return [IsAuthenticated(),IsOwnerOrReadOnly()] 
Example #15
Source File: views.py    From timestrap with BSD 2-Clause "Simplified" License 5 votes vote down vote up
def get_permissions(self):
        # Prevent rest_framework from checking for the "view" perm.
        return (permissions.IsAuthenticated(),) 
Example #16
Source File: views.py    From timestrap with BSD 2-Clause "Simplified" License 5 votes vote down vote up
def get_permissions(self):
        # Prevent rest_framework from checking for the "view" perm.
        return (permissions.IsAuthenticated(),) 
Example #17
Source File: user.py    From train-ai-with-django-swagger-jwt with Apache License 2.0 5 votes vote down vote up
def get_permissions(self):
        if self.request.method == 'POST':
            return (permissions.AllowAny(),)
        elif self.request.method == 'GET':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'PUT':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'DELETE':
            return (permissions.IsAuthenticated(),)

        return (permissions.IsAuthenticated(),)
    # end of get_permissions 
Example #18
Source File: ml.py    From train-ai-with-django-swagger-jwt with Apache License 2.0 5 votes vote down vote up
def get_permissions(self):
        if self.request.method == 'POST':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'GET':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'PUT':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'DELETE':
            return (permissions.IsAuthenticated(),)

        return (permissions.IsAuthenticated(),)
    # end of get_permissions 
Example #19
Source File: ml.py    From train-ai-with-django-swagger-jwt with Apache License 2.0 5 votes vote down vote up
def get_permissions(self):
        if self.request.method == 'POST':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'GET':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'PUT':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'DELETE':
            return (permissions.IsAuthenticated(),)

        return (permissions.IsAuthenticated(),)
    # end of get_permissions 
Example #20
Source File: ml.py    From train-ai-with-django-swagger-jwt with Apache License 2.0 5 votes vote down vote up
def get_permissions(self):
        if self.request.method == 'POST':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'GET':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'PUT':
            return (permissions.IsAuthenticated(),)
        elif self.request.method == 'DELETE':
            return (permissions.IsAuthenticated(),)

        return (permissions.IsAuthenticated(),)
    # end of get_permissions 
Example #21
Source File: test_viewsets.py    From drf-haystack with MIT License 5 votes vote down vote up
def test_viewset_get_queryset_with_IsAuthenticated_permission(self):
        from rest_framework.permissions import IsAuthenticated
        setattr(self.view, "permission_classes", (IsAuthenticated, ))

        request = factory.get(path="/", data="", content_type="application/json")
        response = self.view.as_view(actions={"get": "list"})(request)
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

        force_authenticate(request, user=self.user)
        response = self.view.as_view(actions={"get": "list"})(request)
        self.assertEqual(response.status_code, status.HTTP_200_OK) 
Example #22
Source File: views.py    From opencraft with GNU Affero General Public License v3.0 5 votes vote down vote up
def get_permissions(self):
        """
        Instantiates and returns the list of permissions that this view requires.
        """
        if self.action == "create":
            # Allow any user to create an account, but limit other actions to logged-in users.
            permission_classes = [AllowAny]
        else:
            permission_classes = [IsAuthenticated]
        return [permission() for permission in permission_classes] 
Example #23
Source File: rides.py    From cride-platzi with MIT License 5 votes vote down vote up
def get_permissions(self):
        """Assign permission based on action."""
        permissions = [IsAuthenticated, IsActiveCircleMember]
        if self.action in ['update', 'partial_update', 'finish']:
            permissions.append(IsRideOwner)
        if self.action == 'join':
            permissions.append(IsNotRideOwner)
        return [p() for p in permissions] 
Example #24
Source File: memberships.py    From cride-platzi with MIT License 5 votes vote down vote up
def get_permissions(self):
        """Assign permissions based on action."""
        permissions = [IsAuthenticated]
        if self.action != 'create':
            permissions.append(IsActiveCircleMember)
        if self.action == 'invitations':
            permissions.append(IsSelfMember)
        return [p() for p in permissions] 
Example #25
Source File: circles.py    From cride-platzi with MIT License 5 votes vote down vote up
def get_permissions(self):
        """Assign permissions based on action."""
        permissions = [IsAuthenticated]
        if self.action in ['update', 'partial_update']:
            permissions.append(IsCircleAdmin)
        return [permission() for permission in permissions] 
Example #26
Source File: api.py    From karrot-backend with GNU Affero General Public License v3.0 5 votes vote down vote up
def get_permissions(self):
        if self.action == 'image':
            permission_classes = ()
        elif self.action in ('list', 'retrieve', 'conversation'):
            permission_classes = (IsAuthenticated, )
        else:
            permission_classes = (IsAuthenticated, IsOfferUser)
        return [permission() for permission in permission_classes] 
Example #27
Source File: api_views.py    From django-aws-template with MIT License 5 votes vote down vote up
def get_permissions(self):

        if self.request.method in permissions.SAFE_METHODS:
            return (permissions.IsAuthenticated(),)

        if self.request.method == 'POST':
            return (permissions.AllowAny(),)

        return (permissions.IsAuthenticated(), IsAccountOwner(),) 
Example #28
Source File: test_authentication.py    From openwisp-users with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
def test_bearer_authentication(self):
        @api_view(['GET'])
        @permission_classes([IsAuthenticated])
        @authentication_classes([BearerAuthentication])
        def my_view(request):
            return Response({})

        request = self.factory.get('/')
        response = my_view(request)
        self.assertEqual(response.status_code, 401)

        token = self._obtain_auth_token()
        request = self.factory.get('/', HTTP_AUTHORIZATION=f'Bearer {token}')
        response = my_view(request)
        self.assertEqual(response.status_code, 200) 
Example #29
Source File: views.py    From opencraft with GNU Affero General Public License v3.0 5 votes vote down vote up
def get_permissions(self):
        """
        Instantiates and returns the list of permissions that this view requires.
        """
        if self.action == "validate":
            # Allow validating instance configuration without an account
            permission_classes = [AllowAny]
        else:
            permission_classes = [IsAuthenticated]
        return [permission() for permission in permission_classes] 
Example #30
Source File: views.py    From CTF_AWD_Platform with MIT License 5 votes vote down vote up
def get_permissions(self):
        if self.action == 'create':
            return []
        elif self.action == 'update':
            return [permissions.IsAuthenticated()]
        return [permissions.IsAuthenticated()]