22👍
✅
Update-1
From DRF 3.8 onwards, detail_route decorator has replaced with action decorator.
class EventViewSet(viewsets.ModelViewSet):
@action(permission_classes=[permissions.PermissionClass_], methods=['post'])
def messages(self, request, pk=None):
# your view code
Original post
You can add permissions basically by doing this:
class EventViewSet(viewsets.ModelViewSet):
@detail_route(
permission_classes=[
permissions.PermissionClass_],
methods=['post'])
def messages(self, request, pk=None):
### Check a permissions class.
...
1👍
If you have a problem with permissions_classes in your custom actions in the ViewSet, try to use this decorator on your action. Probably the newest Django Rest Framework is not looking at permissions. Solution for this situation is to check it by yourself at the beggining of every custom action or to use following decorator:
def check_permissions(fun):
def ref(self, request, pk=None):
obj = get_object_or_404(self.get_queryset(), pk=pk)
self.check_object_permissions(self.request, obj)
return fun(self, request, pk)
return ref
- Django Test Client post() returns 302 despite error on view's post()
- Annotate (group) dates by month/year in Django
- Add unit to yaxis labels in MatPlotLib
- Multiple Forms and Formsets in CreateView
-1👍
in django rest 3.8 detail route is deprecated in favor of action route
so now it would look something like this.
from rest_framework.decorators import api_view, permission_classes
class EventViewSet(viewsets.ModelViewSet):
@action(
methods=['post'],
detail=True,
permission_classes=[YourPermission]
url_path='messages')
def messages(self, request, pk=None):
return Response("200", status=200)
👤Dap
- Python sqlite use in terminal -django
- Ajax architecture in Django application
- Prettier vscode extension not support Django template tags {% tag %}
- Django creating a form field that's read only using widgets
- Makemessages for an app installed in virtualenv
Source:stackexchange.com