encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-23 10:03:57 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix permission issues

Browse Source
This commit is contained in:
Tom Christie 2012-09-05 13:04:07 +01:00
parent ef5279e97c
commit 367dd01a33
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
djangorestframework/permissions.py
View File

@ -41,7 +41,7 @@ class IsAuthenticated(BasePermission):
""" """
def check_permission(self, request, obj=None): def check_permission(self, request, obj=None):
if request.user.is_authenticated(): if request.user and request.user.is_authenticated():
return True return True
return False return False
@ -52,7 +52,7 @@ class IsAdminUser(BasePermission):
""" """
def check_permission(self, request, obj=None): def check_permission(self, request, obj=None):
if request.user.is_staff: if request.user and request.user.is_staff():
return True return True
return False return False
@ -63,8 +63,9 @@ class IsAuthenticatedOrReadOnly(BasePermission):
""" """
def check_permission(self, request, obj=None): def check_permission(self, request, obj=None):
if (request.user.is_authenticated() or if (request.method in SAFE_METHODS or
request.method in SAFE_METHODS): request.user and
request.user.is_authenticated()):
return True return True
return False return False
@ -108,6 +109,8 @@ class DjangoModelPermissions(BasePermission):
model_cls = self.view.model model_cls = self.view.model
perms = self.get_required_permissions(request.method, model_cls) perms = self.get_required_permissions(request.method, model_cls)
if request.user.is_authenticated() and request.user.has_perms(perms, obj): if (request.user and
request.user.is_authenticated() and
request.user.has_perms(perms, obj)):
return True return True
return False return False