mirror of
https://github.com/encode/django-rest-framework.git
synced 2025-07-05 12:53:33 +03:00
Remove PermissionsMixin
This commit is contained in:
parent
4e4584a01a
commit
87b363f7bc
|
@ -15,7 +15,6 @@ from djangorestframework.response import Response, ImmediateResponse
|
||||||
|
|
||||||
__all__ = (
|
__all__ = (
|
||||||
# Base behavior mixins
|
# Base behavior mixins
|
||||||
'PermissionsMixin',
|
|
||||||
'ResourceMixin',
|
'ResourceMixin',
|
||||||
# Model behavior mixins
|
# Model behavior mixins
|
||||||
'ReadModelMixin',
|
'ReadModelMixin',
|
||||||
|
@ -27,35 +26,6 @@ __all__ = (
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
########## Permissions Mixin ##########
|
|
||||||
|
|
||||||
class PermissionsMixin(object):
|
|
||||||
"""
|
|
||||||
Simple :class:`mixin` class to add permission checking to a :class:`View` class.
|
|
||||||
"""
|
|
||||||
|
|
||||||
permissions_classes = ()
|
|
||||||
"""
|
|
||||||
The set of permissions that will be enforced on this view.
|
|
||||||
|
|
||||||
Should be a tuple/list of classes as described in the :mod:`permissions` module.
|
|
||||||
"""
|
|
||||||
|
|
||||||
def get_permissions(self):
|
|
||||||
"""
|
|
||||||
Instantiates and returns the list of permissions that this view requires.
|
|
||||||
"""
|
|
||||||
return [p(self) for p in self.permissions_classes]
|
|
||||||
|
|
||||||
# TODO: wrap this behavior around dispatch()
|
|
||||||
def check_permissions(self, user):
|
|
||||||
"""
|
|
||||||
Check user permissions and either raise an ``ImmediateResponse`` or return.
|
|
||||||
"""
|
|
||||||
for permission in self.get_permissions():
|
|
||||||
permission.check_permission(user)
|
|
||||||
|
|
||||||
|
|
||||||
########## Resource Mixin ##########
|
########## Resource Mixin ##########
|
||||||
|
|
||||||
class ResourceMixin(object):
|
class ResourceMixin(object):
|
||||||
|
|
|
@ -12,7 +12,7 @@ import base64
|
||||||
|
|
||||||
|
|
||||||
class MockView(View):
|
class MockView(View):
|
||||||
permissions_classes = (permissions.IsAuthenticated,)
|
permission_classes = (permissions.IsAuthenticated,)
|
||||||
|
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
return HttpResponse({'a': 1, 'b': 2, 'c': 3})
|
return HttpResponse({'a': 1, 'b': 2, 'c': 3})
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.conf.urls.defaults import patterns, url, include
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
|
|
||||||
from djangorestframework import status
|
from djangorestframework import status
|
||||||
from djangorestframework.compat import View as DjangoView
|
|
||||||
from djangorestframework.response import Response
|
from djangorestframework.response import Response
|
||||||
from djangorestframework.views import View
|
from djangorestframework.views import View
|
||||||
from djangorestframework.renderers import BaseRenderer, JSONRenderer, YAMLRenderer, \
|
from djangorestframework.renderers import BaseRenderer, JSONRenderer, YAMLRenderer, \
|
||||||
|
|
|
@ -12,25 +12,28 @@ from djangorestframework.permissions import PerUserThrottling, PerViewThrottling
|
||||||
from djangorestframework.resources import FormResource
|
from djangorestframework.resources import FormResource
|
||||||
from djangorestframework.response import Response
|
from djangorestframework.response import Response
|
||||||
|
|
||||||
|
|
||||||
class MockView(View):
|
class MockView(View):
|
||||||
permissions_classes = ( PerUserThrottling, )
|
permission_classes = (PerUserThrottling,)
|
||||||
throttle = '3/sec'
|
throttle = '3/sec'
|
||||||
|
|
||||||
def get(self, request):
|
def get(self, request):
|
||||||
return Response('foo')
|
return Response('foo')
|
||||||
|
|
||||||
|
|
||||||
class MockView_PerViewThrottling(MockView):
|
class MockView_PerViewThrottling(MockView):
|
||||||
permissions_classes = ( PerViewThrottling, )
|
permission_classes = (PerViewThrottling,)
|
||||||
|
|
||||||
|
|
||||||
class MockView_PerResourceThrottling(MockView):
|
class MockView_PerResourceThrottling(MockView):
|
||||||
permissions_classes = ( PerResourceThrottling, )
|
permission_classes = (PerResourceThrottling,)
|
||||||
resource = FormResource
|
resource = FormResource
|
||||||
|
|
||||||
|
|
||||||
class MockView_MinuteThrottling(MockView):
|
class MockView_MinuteThrottling(MockView):
|
||||||
throttle = '3/min'
|
throttle = '3/min'
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
class ThrottlingTests(TestCase):
|
class ThrottlingTests(TestCase):
|
||||||
urls = 'djangorestframework.tests.throttling'
|
urls = 'djangorestframework.tests.throttling'
|
||||||
|
|
||||||
|
@ -54,7 +57,7 @@ class ThrottlingTests(TestCase):
|
||||||
"""
|
"""
|
||||||
Explicitly set the timer, overriding time.time()
|
Explicitly set the timer, overriding time.time()
|
||||||
"""
|
"""
|
||||||
view.permissions_classes[0].timer = lambda self: value
|
view.permission_classes[0].timer = lambda self: value
|
||||||
|
|
||||||
def test_request_throttling_expires(self):
|
def test_request_throttling_expires(self):
|
||||||
"""
|
"""
|
||||||
|
@ -101,7 +104,6 @@ class ThrottlingTests(TestCase):
|
||||||
"""
|
"""
|
||||||
self.ensure_is_throttled(MockView_PerResourceThrottling, 503)
|
self.ensure_is_throttled(MockView_PerResourceThrottling, 503)
|
||||||
|
|
||||||
|
|
||||||
def ensure_response_header_contains_proper_throttle_field(self, view, expected_headers):
|
def ensure_response_header_contains_proper_throttle_field(self, view, expected_headers):
|
||||||
"""
|
"""
|
||||||
Ensure the response returns an X-Throttle field with status and next attributes
|
Ensure the response returns an X-Throttle field with status and next attributes
|
||||||
|
|
|
@ -68,7 +68,7 @@ _resource_classes = (
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class View(ResourceMixin, PermissionsMixin, DjangoView):
|
class View(ResourceMixin, DjangoView):
|
||||||
"""
|
"""
|
||||||
Handles incoming requests and maps them to REST operations.
|
Handles incoming requests and maps them to REST operations.
|
||||||
Performs request deserialization, response serialization, authentication and input validation.
|
Performs request deserialization, response serialization, authentication and input validation.
|
||||||
|
@ -96,7 +96,7 @@ class View(ResourceMixin, PermissionsMixin, DjangoView):
|
||||||
List of all authenticating methods to attempt.
|
List of all authenticating methods to attempt.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
permissions = (permissions.FullAnonAccess,)
|
permission_classes = (permissions.FullAnonAccess,)
|
||||||
"""
|
"""
|
||||||
List of all permissions that must be checked.
|
List of all permissions that must be checked.
|
||||||
"""
|
"""
|
||||||
|
@ -223,6 +223,19 @@ class View(ResourceMixin, PermissionsMixin, DjangoView):
|
||||||
"""
|
"""
|
||||||
return self.renderers[0]
|
return self.renderers[0]
|
||||||
|
|
||||||
|
def get_permissions(self):
|
||||||
|
"""
|
||||||
|
Instantiates and returns the list of permissions that this view requires.
|
||||||
|
"""
|
||||||
|
return [permission(self) for permission in self.permission_classes]
|
||||||
|
|
||||||
|
def check_permissions(self, user):
|
||||||
|
"""
|
||||||
|
Check user permissions and either raise an ``ImmediateResponse`` or return.
|
||||||
|
"""
|
||||||
|
for permission in self.get_permissions():
|
||||||
|
permission.check_permission(user)
|
||||||
|
|
||||||
def initial(self, request, *args, **kargs):
|
def initial(self, request, *args, **kargs):
|
||||||
"""
|
"""
|
||||||
This method is a hook for any code that needs to run prior to
|
This method is a hook for any code that needs to run prior to
|
||||||
|
|
Loading…
Reference in New Issue
Block a user