mirror of
				https://github.com/encode/django-rest-framework.git
				synced 2025-10-25 21:21:04 +03:00 
			
		
		
		
	GitHub link in toolbar
This commit is contained in:
		
							parent
							
								
									2469cd2c83
								
							
						
					
					
						commit
						dac4cb9e8b
					
				|  | @ -8,7 +8,7 @@ | ||||||
| 
 | 
 | ||||||
| ## Exception handling in REST framework views | ## Exception handling in REST framework views | ||||||
| 
 | 
 | ||||||
| REST framework's views handle various exceptions, and deal with returning appropriate error responses for you. | REST framework's views handle various exceptions, and deal with returning appropriate error responses. | ||||||
| 
 | 
 | ||||||
| The handled exceptions are: | The handled exceptions are: | ||||||
| 
 | 
 | ||||||
|  | @ -16,9 +16,9 @@ The handled exceptions are: | ||||||
| * Django's `Http404` exception. | * Django's `Http404` exception. | ||||||
| * Django's `PermissionDenied` exception. | * Django's `PermissionDenied` exception. | ||||||
| 
 | 
 | ||||||
| In each case, REST framework will return a response, rendering it to an appropriate content-type. | In each case, REST framework will return a response with an appropriate status code and content-type.  The body of the response will include any additional details regarding the nature of the error. | ||||||
| 
 | 
 | ||||||
| By default all error messages will include a key `details` in the body of the response, but other keys may also be included. | By default all error responses will include a key `details` in the body of the response, but other keys may also be included. | ||||||
| 
 | 
 | ||||||
| For example, the following request: | For example, the following request: | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -12,7 +12,7 @@ Permission checks are always run at the very start of the view, before any other | ||||||
| 
 | 
 | ||||||
| ## How permissions are determined | ## How permissions are determined | ||||||
| 
 | 
 | ||||||
| Permissions in REST framework are always defined as a list of permission classes.  Before running the main body of the view, each permission in the list is checked. | Permissions in REST framework are always defined as a list of permission classes.  Before running the main body of the view each permission in the list is checked. | ||||||
| 
 | 
 | ||||||
| If any permission check fails an `exceptions.PermissionDenied` exception will be raised, and the main body of the view will not run. | If any permission check fails an `exceptions.PermissionDenied` exception will be raised, and the main body of the view will not run. | ||||||
| 
 | 
 | ||||||
|  | @ -73,7 +73,18 @@ This permission is suitable if you want to your API to allow read permissions to | ||||||
| 
 | 
 | ||||||
| ## DjangoModelPermissions | ## DjangoModelPermissions | ||||||
| 
 | 
 | ||||||
| This permission class ties into Django's standard `django.contrib.auth` model permissions.  When applied to a view that has a `.model` property, permission will only be granted if the user | This permission class ties into Django's standard `django.contrib.auth` [model permissions][contribauth].  When applied to a view that has a `.model` property, authorization will only be granted if the user has the relevant model permissions assigned. | ||||||
|  | 
 | ||||||
|  | * `POST` requests require the user to have the `add` permission on the model. | ||||||
|  | * `PUT` and `PATCH` requests require the user to have the `change` permission on the model. | ||||||
|  | * `DELETE` requests require the user to have the `delete` permission on the model. | ||||||
|  |   | ||||||
|  | The default behaviour can also be overridden to support custom model permissions.  For example, you might want to include a `view` model permission for `GET` requests. | ||||||
|  | 
 | ||||||
|  | To use custom model permissions, override `DjangoModelPermissions` and set the `.perms_map` property.  Refer to the source code for details. | ||||||
|  | 
 | ||||||
|  | The `DjangoModelPermissions` class also supports object-level permissions.  Third-party authorization backends such as [django-guardian][guardian] should work just fine with `DjangoModelPermissions` without any custom configuration required. | ||||||
|  | 
 | ||||||
| 
 | 
 | ||||||
| ## Custom permissions | ## Custom permissions | ||||||
| 
 | 
 | ||||||
|  | @ -85,3 +96,5 @@ The method should return `True` if the request should be granted access, and `Fa | ||||||
| [cite]: https://developer.apple.com/library/mac/#documentation/security/Conceptual/AuthenticationAndAuthorizationGuide/Authorization/Authorization.html | [cite]: https://developer.apple.com/library/mac/#documentation/security/Conceptual/AuthenticationAndAuthorizationGuide/Authorization/Authorization.html | ||||||
| [authentication]: authentication.md | [authentication]: authentication.md | ||||||
| [throttling]: throttling.md | [throttling]: throttling.md | ||||||
|  | [contribauth]: https://docs.djangoproject.com/en/1.0/topics/auth/#permissions | ||||||
|  | [guardian]: https://github.com/lukaszb/django-guardian | ||||||
							
								
								
									
										7
									
								
								docs/static/css/drf-styles.css
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										7
									
								
								docs/static/css/drf-styles.css
									
									
									
									
										vendored
									
									
								
							|  | @ -22,6 +22,13 @@ pre { | ||||||
|     display: block; |     display: block; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | /* Header link to GitHub */ | ||||||
|  | .repo-link { | ||||||
|  |     float: right; | ||||||
|  |     margin-right: 10px; | ||||||
|  |     margin-top: 7px; | ||||||
|  | } | ||||||
|  | 
 | ||||||
| /* GitHub 'Star' badge */ | /* GitHub 'Star' badge */ | ||||||
| body.index #main-content iframe { | body.index #main-content iframe { | ||||||
|     float: right; |     float: right; | ||||||
|  |  | ||||||
|  | @ -21,6 +21,7 @@ | ||||||
|     <div class="navbar navbar-inverse navbar-fixed-top"> |     <div class="navbar navbar-inverse navbar-fixed-top"> | ||||||
|       <div class="navbar-inner"> |       <div class="navbar-inner"> | ||||||
|         <div class="container-fluid"> |         <div class="container-fluid"> | ||||||
|  |             <a class="repo-link btn btn-primary btn-small" href="https://github.com/tomchristie/django-rest-framework/tree/restframework2">GitHub</a> | ||||||
|           <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> |           <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> | ||||||
|             <span class="icon-bar"></span> |             <span class="icon-bar"></span> | ||||||
|             <span class="icon-bar"></span> |             <span class="icon-bar"></span> | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user