From 69dcf13da90e4a2c78ea4136426fa98d24a83813 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Sun, 10 Feb 2013 16:43:52 +0000 Subject: [PATCH] Bugfix for DjangoModelPermissions. Fixes #437 Turns out that Django's default permissions backend always returns False when checking object-level permissions, even if the user does have valid global permissions. --- rest_framework/permissions.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_framework/permissions.py b/rest_framework/permissions.py index 3222dbf22..c9bbf4c4f 100644 --- a/rest_framework/permissions.py +++ b/rest_framework/permissions.py @@ -109,6 +109,6 @@ class DjangoModelPermissions(BasePermission): if (request.user and request.user.is_authenticated() and - request.user.has_perms(perms, obj)): + request.user.has_perms(perms)): return True return False