From 359fbef49420c6ed2025adf864634e07f2bb499b Mon Sep 17 00:00:00 2001 From: Nik Date: Fri, 2 Sep 2016 18:52:22 +0300 Subject: [PATCH 1/2] Add settings options to enable/disable permissions check in schema generation --- rest_framework/schemas.py | 10 ++++++---- rest_framework/settings.py | 3 +++ 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/rest_framework/schemas.py b/rest_framework/schemas.py index 1b899450f..2c5d3c5f0 100644 --- a/rest_framework/schemas.py +++ b/rest_framework/schemas.py @@ -9,6 +9,7 @@ from django.utils.encoding import force_text from rest_framework import exceptions, serializers from rest_framework.compat import coreapi, uritemplate, urlparse from rest_framework.request import clone_request +from rest_framework.settings import api_settings from rest_framework.views import APIView @@ -88,10 +89,11 @@ class SchemaGenerator(object): if request is not None: view.request = clone_request(request, method) - try: - view.check_permissions(view.request) - except exceptions.APIException: - continue + if api_settings.SCHEMA_CHECK_PERMISSIONS: + try: + view.check_permissions(view.request) + except exceptions.APIException: + continue else: view.request = None diff --git a/rest_framework/settings.py b/rest_framework/settings.py index 68c7709e8..bb2f2b766 100644 --- a/rest_framework/settings.py +++ b/rest_framework/settings.py @@ -84,6 +84,9 @@ DEFAULTS = { 'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler', 'NON_FIELD_ERRORS_KEY': 'non_field_errors', + # Schema generation + 'SCHEMA_CHECK_PERMISSIONS': True, + # Testing 'TEST_REQUEST_RENDERER_CLASSES': ( 'rest_framework.renderers.MultiPartRenderer', From 0a3e9113012494e4e10a9a89d0ab47d295eef8d0 Mon Sep 17 00:00:00 2001 From: Nik Date: Fri, 2 Sep 2016 20:05:26 +0300 Subject: [PATCH 2/2] Add check_view_permission method in schema generator instead of settings option --- rest_framework/schemas.py | 15 +++++++++------ rest_framework/settings.py | 3 --- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/rest_framework/schemas.py b/rest_framework/schemas.py index 2c5d3c5f0..903891f4b 100644 --- a/rest_framework/schemas.py +++ b/rest_framework/schemas.py @@ -9,7 +9,6 @@ from django.utils.encoding import force_text from rest_framework import exceptions, serializers from rest_framework.compat import coreapi, uritemplate, urlparse from rest_framework.request import clone_request -from rest_framework.settings import api_settings from rest_framework.views import APIView @@ -89,11 +88,8 @@ class SchemaGenerator(object): if request is not None: view.request = clone_request(request, method) - if api_settings.SCHEMA_CHECK_PERMISSIONS: - try: - view.check_permissions(view.request) - except exceptions.APIException: - continue + if not self.check_view_permission(view): + continue else: view.request = None @@ -167,6 +163,13 @@ class SchemaGenerator(object): return True + def check_view_permission(self, view): + try: + view.check_permissions(view.request) + except exceptions.APIException: + return False + return True + def get_allowed_methods(self, callback): """ Return a list of the valid HTTP methods for this endpoint. diff --git a/rest_framework/settings.py b/rest_framework/settings.py index bb2f2b766..68c7709e8 100644 --- a/rest_framework/settings.py +++ b/rest_framework/settings.py @@ -84,9 +84,6 @@ DEFAULTS = { 'EXCEPTION_HANDLER': 'rest_framework.views.exception_handler', 'NON_FIELD_ERRORS_KEY': 'non_field_errors', - # Schema generation - 'SCHEMA_CHECK_PERMISSIONS': True, - # Testing 'TEST_REQUEST_RENDERER_CLASSES': ( 'rest_framework.renderers.MultiPartRenderer',