4👍
✅
You should add this logic to views, because the views are used to implement these kinds of logic.
Actually, you don’t want to use serializers here, because of the response of .get_all_permissions() method is already in serialized form
Apart from that, your provided code is not good (it’s clearly bad). It should be as below,
return request.user.get_all_permissions()
because, you’ll get current logged-in user’s instance through request.user, to get his/her permissions, you all need to call the get_all_permissions() method
Example
from rest_framework.decorators import api_view, permission_classes
from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated
@permission_classes(IsAuthenticated, )
@api_view()
def my_view(request):
logged_in_user = request.user
return Response(data=logged_in_user.get_all_permissions())
👤JPG
Source:stackexchange.com