encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-12-03 06:54:05 +03:00
Code Issues Packages Projects Releases Wiki Activity

reword error message when user not logged in; add request to permission (so we can check permissions based on the type of request)

Browse Source
This commit is contained in:
Craig Blaszczyk 2011-07-26 11:57:33 +01:00
parent 68487c846b
commit f71f3aa422
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
djangorestframework/mixins.py
View File

@ -388,6 +388,7 @@ class AuthMixin(object):
user = self.user user = self.user
for permission_cls in self.permissions: for permission_cls in self.permissions:
permission = permission_cls(self) permission = permission_cls(self)
permission.request = self.request
permission.check_permission(user) permission.check_permission(user)

6
djangorestframework/permissions.py
View File

@ -26,6 +26,10 @@ _403_FORBIDDEN_RESPONSE = ErrorResponse(
{'detail': 'You do not have permission to access this resource. ' + {'detail': 'You do not have permission to access this resource. ' +
'You may need to login or otherwise authenticate the request.'}) 'You may need to login or otherwise authenticate the request.'})
_403_NOT_LOGGED_IN_RESPONSE = ErrorResponse(
status.HTTP_403_FORBIDDEN,
{'detail': 'You need to login to access this resource.'})
_503_SERVICE_UNAVAILABLE = ErrorResponse( _503_SERVICE_UNAVAILABLE = ErrorResponse(
status.HTTP_503_SERVICE_UNAVAILABLE, status.HTTP_503_SERVICE_UNAVAILABLE,
{'detail': 'request was throttled'}) {'detail': 'request was throttled'})
@ -64,7 +68,7 @@ class IsAuthenticated(BasePermission):
def check_permission(self, user): def check_permission(self, user):
if not user.is_authenticated(): if not user.is_authenticated():
raise _403_FORBIDDEN_RESPONSE raise _403_NOT_LOGGED_IN_RESPONSE
class IsAdminUser(BasePermission): class IsAdminUser(BasePermission):