Removed deprecated '.model' attribute check

2024-11-10 19:56:59 +03:00 · 2015-04-12 17:12:01 +02:00 · 2015-04-12 17:12:01 +02:00 · 1ddfef1212
commit 1ddfef1212
parent 970bfe16ec
1 changed files with 10 additions and 19 deletions
--- a/rest_framework/permissions.py
+++ b/rest_framework/permissions.py
@ -77,7 +77,7 @@ class DjangoModelPermissions(BasePermission):
    `add`/`change`/`delete` permissions on the model.

    This permission can only be applied against view classes that
-    provide a `.model` or `.queryset` attribute.
+    provide a `.queryset` attribute.
    """

    # Map methods into required permission codes.
@ -107,24 +107,19 @@ class DjangoModelPermissions(BasePermission):
        return [perm % kwargs for perm in self.perms_map[method]]

    def has_permission(self, request, view):
-        # Note that `.model` attribute on views is deprecated, although we
-        # enforce the deprecation on the view `get_serializer_class()` and
-        # `get_queryset()` methods, rather than here.
-        model_cls = getattr(view, 'model', None)
        queryset = getattr(view, 'queryset', None)

-        if model_cls is None and queryset is not None:
-            model_cls = queryset.model
-
        # Workaround to ensure DjangoModelPermissions are not applied
        # to the root view when using DefaultRouter.
-        if model_cls is None and getattr(view, '_ignore_model_permissions', False):
+        if queryset is None and getattr(view, '_ignore_model_permissions', False):
            return True

-        assert model_cls, ('Cannot apply DjangoModelPermissions on a view that'
-                           ' does not have `.model` or `.queryset` property.')
+        assert queryset, (
+            'Cannot apply DjangoModelPermissions on a view that '
+            'does not have `.queryset` property.'
+        )

-        perms = self.get_required_permissions(request.method, model_cls)
+        perms = self.get_required_permissions(request.method, queryset.model)

        return (
            request.user and
@ -150,7 +145,7 @@ class DjangoObjectPermissions(DjangoModelPermissions):
    `add`/`change`/`delete` permissions on the object using .has_perms.

    This permission can only be applied against view classes that
-    provide a `.model` or `.queryset` attribute.
+    provide a `.queryset` attribute.
    """

    perms_map = {
@ -171,14 +166,10 @@ class DjangoObjectPermissions(DjangoModelPermissions):
        return [perm % kwargs for perm in self.perms_map[method]]

    def has_object_permission(self, request, view, obj):
-        model_cls = getattr(view, 'model', None)
-        queryset = getattr(view, 'queryset', None)
-
-        if model_cls is None and queryset is not None:
-            model_cls = queryset.model
+        model_cls = view.queryset.model
+        user = request.user

        perms = self.get_required_object_permissions(request.method, model_cls)
-        user = request.user

        if not user.has_perms(perms, obj):
            # If the user does not have permissions we need to determine if