From 80ce4a2cb83ee9e93c559ef402c737ca967c19ae Mon Sep 17 00:00:00 2001 From: Ehsan200 Date: Sat, 10 Jun 2023 14:36:50 +0330 Subject: [PATCH] feat: Use new methods in all views and use cached permissions in each view instance --- rest_framework/views.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/rest_framework/views.py b/rest_framework/views.py index 4c30029fd..c72033547 100644 --- a/rest_framework/views.py +++ b/rest_framework/views.py @@ -1,6 +1,8 @@ """ Provides an APIView class that is the base of all views in REST framework. """ +from functools import cached_property + from django.conf import settings from django.core.exceptions import PermissionDenied from django.db import connections, models @@ -277,6 +279,10 @@ class APIView(View): """ return [permission() for permission in self.permission_classes] + @cached_property + def cached_permissions(self): + return self.get_permissions() + def get_throttles(self): """ Instantiates and returns the list of throttles that this view uses. @@ -328,8 +334,8 @@ class APIView(View): Check if the request should be permitted. Raises an appropriate exception if the request is not permitted. """ - for permission in self.get_permissions(): - if not permission.has_permission(request, self): + for permission in self.cached_permissions: + if not permission.has_permission_value(request, self): self.permission_denied( request, message=getattr(permission, 'message', None), @@ -341,8 +347,8 @@ class APIView(View): Check if the request should be permitted for a given object. Raises an appropriate exception if the request is not permitted. """ - for permission in self.get_permissions(): - if not permission.has_object_permission(request, self, obj): + for permission in self.cached_permissions: + if not permission.has_object_permission_value(request, self, obj): self.permission_denied( request, message=getattr(permission, 'message', None),