Python rest_framework.permissions.IsAdminUser() Examples

The following are 10 code examples of rest_framework.permissions.IsAdminUser(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module rest_framework.permissions , or try the search function .
Example #1
Source File: user.py    From DCRM with GNU Affero General Public License v3.0 4 votes vote down vote up
def get_permissions(self):
        if self.action == 'list' or self.action == 'retrieve':
            permission_classes = [permissions.IsAuthenticated]
        else:
            permission_classes = [permissions.IsAdminUser]
        return [permission() for permission in permission_classes] 
Example #2
Source File: group.py    From DCRM with GNU Affero General Public License v3.0 4 votes vote down vote up
def get_permissions(self):
        if self.action == 'list' or self.action == 'retrieve':
            permission_classes = [permissions.IsAuthenticated]
        else:
            permission_classes = [permissions.IsAdminUser]
        return [permission() for permission in permission_classes] 
Example #3
Source File: setting.py    From DCRM with GNU Affero General Public License v3.0 4 votes vote down vote up
def get_permissions(self):
        if self.action == 'partial_update' or self.action == 'update':
            permission_classes = [permissions.IsAdminUser]
        elif self.action == 'list' or self.action == 'retrieve':
            permission_classes = [permissions.IsAuthenticated]
        else:
            permission_classes = [DenyAny]
        return [permission() for permission in permission_classes] 
Example #4
Source File: site.py    From DCRM with GNU Affero General Public License v3.0 4 votes vote down vote up
def get_permissions(self):
        if self.action == 'partial_update' or self.action == 'update':
            permission_classes = [permissions.IsAdminUser]
        elif self.action == 'list' or self.action == 'retrieve':
            permission_classes = [permissions.IsAuthenticated]
        else:
            permission_classes = [DenyAny]
        return [permission() for permission in permission_classes] 
Example #5
Source File: fermentables.py    From BrewCenterAPI with GNU General Public License v3.0 4 votes vote down vote up
def get_permissions(self):
        """Define custom permissions for different methods"""

        # at minimum require users to be authenticated
        self.permission_classes = [IsAuthenticated]
        # for PUT requests require users to be admins
        if self.request.method == 'PUT':
            self.permission_classes.append(IsAdminUser)

        return super(viewsets.ViewSet, self).get_permissions() 
Example #6
Source File: fermentables.py    From BrewCenterAPI with GNU General Public License v3.0 4 votes vote down vote up
def get_permissions(self):
        """Define custom permissions for different methods"""

        # at minimum require users to be authenticated
        self.permission_classes = [IsAuthenticated]
        # for PUT requests require users to be admins
        if self.request.method == 'PUT':
            self.permission_classes.append(IsAdminUser)

        return super(viewsets.ViewSet, self).get_permissions() 
Example #7
Source File: rest_api.py    From scirius with GNU General Public License v3.0 4 votes vote down vote up
def get_permissions(self):
        if self.request.method == 'GET':
            permission_classes = [IsAuthenticated, ]
        else:
            permission_classes = [IsAdminUser, ]

        return [permission() for permission in permission_classes] 
Example #8
Source File: views.py    From openag-device-software with GNU General Public License v3.0 4 votes vote down vote up
def create(self, request: Request) -> Response:
        """Creates a recipe."""
        self.logger.debug("Creating recipe")

        # Initialize permission classes
        permission_classes = [IsAuthenticated, IsAdminUser]

        # Get recipe json
        try:
            request_dict = request.data.dict()
            recipe_json = request_dict["json"]
        except KeyError as e:
            message = "Unable to create recipe, {} is required".format(e)
            return Response({"message": message}, 400)

        # Get recipe manager
        app_config = apps.get_app_config(APP_NAME)
        recipe_manager = app_config.coordinator.recipe

        # Create recipe
        message, status = recipe_manager.create_recipe(recipe_json)

        # Build response
        response = {"message": message}

        # Return response
        self.logger.debug("Returning response: {}".format(response))
        return Response(response, status) 
Example #9
Source File: permissions.py    From doccano with MIT License 4 votes vote down vote up
def has_permission(self, request, view):
        if request.method in SAFE_METHODS:
            return True

        return IsAdminUser().has_permission(request, view) 
Example #10
Source File: test_viewsets.py    From drf-haystack with MIT License 4 votes vote down vote up
def test_viewset_get_queryset_with_IsAdminUser_permission(self):
        from rest_framework.permissions import IsAdminUser
        setattr(self.view, "permission_classes", (IsAdminUser,))

        request = factory.get(path="/", data="", content_type="application/json")
        force_authenticate(request, user=self.user)
        response = self.view.as_view(actions={"get": "list"})(request)
        self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)

        force_authenticate(request, user=self.admin_user)
        response = self.view.as_view(actions={"get": "list"})(request)
        self.assertEqual(response.status_code, status.HTTP_200_OK)