13π
β
It seems like itβs a known issue, has_object_permission is not supported when using function based views, itβs reported here.
If you would like to call has_permission, you should be able to do so using the permission_classes decorator as shown in the documentation
@api_view(['GET'])
@permission_classes((IsAuthenticated, ))
def example_view(request, format=None):
content = {
'status': 'request was permitted'
}
return Response(content)
π€Forge
0π
I agree with the @Forge answer but If you still want to accomplish such things. You can follow this-
@api_view(['ANY_METHOD'])
@permission_classes([IsAuthenticated])
def model_delete_view(request, pk, *args, **kwargs):
obj = MyModel.objects.filter(pk=pk)
if not obj.exists():
return Response(
{'message': 'MyModel not found'},
status=status.HTTP_404_NOT_FOUND
)
obj = obj.filter(user=request.user)
if not obj.exists():
return Response(
{'message': 'You are not authorizated'},
status=status.HTTP_403_FORBIDDEN
)
obj.delete()
return Response({'message': 'MyModel deleted'}, status=status.HTTP_200_OK)
π€Yash
- Django cache framework. What is the difference between TIMEOUT and CACHE_MIDDLEWARE_SECONDS?
- Order in django migrations
- Send email confirmation after registration django
-2π
You have to add these words before def function_name ():
from rest_framework.decorators import authentication_classes
@authentication_classes([TokenAuthentication])
def func_name (request):
# Enter your code here.
Take careful in square brackets
π€Ibrahim Samir
- Does django staticfiles skip the middleware?
- Django ModelChoiceField: how to iter through the instances in the template?
- Django Apache Redirect Problem
- Django ORM for desktop application
Source:stackexchange.com