Stack Overflow
Stack Overflow

Questions tagged [django-permissions]

django-permissions is a pluggable django app that provides per-object permissions for Django based on roles

django-permissions is a pluggable django app that provides per-object permissions for Django based on roles.

431 questions
0
votes
1 answer

Adding permissions to a django rest api

I am working on a django rest api and i want to add permission to it . I decided to go with IsAuthenticatedOrReadOnly to allow none authenticated people to read only and allow authenticated people to add data setting.py: REST_FRAMEWORK = { …
rira
  • 11
  • 2
0
votes
0 answers

Using session data ion custom permissions Django

I want to validate session data in custom permission, when i tried to access session data inside permissons it is showing None.Please help on this. class IsEmployee(permissions.BasePermission): def has_permission(self, request, view): if…
mohammed fayeez
  • 11
  • 4
0
votes
1 answer

How to refer or access the custom made permissions in `has_perm()` and `required_permissions`, in Django?

I want to know that how do I refer the custom made permissions in the has_perm() method of User Model and required_permissions attribute of PermissionRequiredMixin Class? Let's say I create the following custom permission: content_type =…
Khubaib Khawar
  • 13
  • 3
0
votes
1 answer

DRF Model Permission denying access to authenticated user

I'm getting a permission denial error but, if I'm understanding things correctly, the permissions should already have been assigned. class UserList(generics.ListCreateAPIView): queryset = User.objects.all() serializer_class =…
Mr.Andor
  • 25
  • 5
0
votes
0 answers

"permission matching query does not exist" errors i encounter with django guardian

Am trying to enable my website users block other users they don't want again as friends just like we can on Facebook. I decided to implement it with Django guardian. when a user clicks a button, a view(block_user_view) is called and the profile the…
Emmanuel C. O Peters
  • 3
  • 2
0
votes
1 answer

AttributeError: 'Request' object has no attribute 'DELETE'

I am trying to add permission for deleting an object. views.py class DeleteView(APIView): permission_classes = [IsAllowedDelete] def delete(self, request, id): obj = Mymodel.objects.get(id=id) obj.delete() return…
Jasmeet Pabla
  • 123
  • 10
0
votes
0 answers

Django middleware runs before drf permissions

I have a middleware class that looks something like this: class DogMiddleware: def __init__(self, get_response): self.get_response = get_response def __call__(self, request): return self.get_response(request) def…
user7097722
  • 65
  • 1
  • 1
  • 5
0
votes
1 answer

In Django, how to restrict access to a template to users based on their department_name. Each user belongs to certain department

I have the below model. Departments, users. Users are assigned to a department. How can I restrict the access of templates based on the department_name of a user? For eg : User can view Application Template_1 if department_name ==…
Raj
  • 1
  • 2
0
votes
1 answer

permission based on the action/url in Django rest framewrok

I have a Modelviewset class that has several functions inside it like list(), destroy, partial_update() and also other custom functions like def get_examples(self,request). The thing is different functions have different permissions based on the…
Reactoo
  • 916
  • 2
  • 12
  • 40
0
votes
1 answer

How to pass error message for custom permission in Django Rest Framework?

I have a custom permission and it called IsVendor. Now I have two built in permission class and they are IsAdminUser, IsAuthenticated and when I try to hit those url without credentials or login information it shows me an error message like this one…
sohanur shanto
  • 91
  • 3
  • 9
0
votes
0 answers

Django permissions view access for only one permission in the list

I have a Django class based view in which I am using the PermissionRequiredMixin. I would like a user who has at least one of the permissions in the permissions_required attribute to be able to access the view. From the Django documentation: The…
Mustafamond77
  • 330
  • 2
  • 15
0
votes
1 answer

Django self.groups.add(group) not adding group

I have a User model with role field. I want each user to be in one Group that corresponds to their role. So I try to set their group everytime user is saved. The problem is that user is not in any group after save. The important part of User…
Milano
  • 18,048
  • 37
  • 153
  • 353
0
votes
1 answer

IsOwnerOrReadOnly permission

I'm trying to do crud API with IsOwnerOrReadOnly permission but other users can still delete posts from the others. Could you please have a look? I have no clue what goes wrong. My guess is that it has something to do with this line return…
phong nguyen
  • 1
  • 1
0
votes
1 answer

How are permissions in Django created?

The following throws a DoesNotExist: exception: from django.contrib.auth.models import Permission Permission.objects.get(codename='add_eventmanager') Should I create this permission manually ?
canadadry
  • 8,115
  • 12
  • 51
  • 68
0
votes
1 answer

How do I dynamically filter fields returned in django rest api get request based on the user making the request?

I have a photoshoot api that allows photographers to post shoot photos from which preview and watermarded versions are derived. Editors and clients can both select which photos will be edited, but the editor should only see the preview without…
keystroke33
  • 159
  • 3
  • 11
1 2 3
28 29