caps.permissions

This module provides Django Rest Framework permissions that run checks based on the capability system.

Two implementations are provided: DjangoModelPermissions and OwnedPermissions. The first is the improved base class; the second provides object permission checks.

class DjangoModelPermissions

Bases: DjangoModelPermissions

This base class improves on DRF’s base DjangoModelPermissions class.

It provides extra features:

  • GET requests also get a permission check (the model’s view permission);

  • The view’s action is mapped to permissions;

  • The permissions map can be provided by the view (as an attribute on the view).

When the view has a perms_map attribute, permissions are looked up there first, falling back to this class’s own perms_map.

The view’s action is looked up before the request’s method. This allows viewsets to specify different permissions based on the current action.

get_required_permissions(view, method, model_cls)

Given a view, model and HTTP method, return the list of permission codes that the user is required to have.

Permissions are looked up by viewset action, if any, then by method. The view’s perms_map, if any, is consulted before this class’s own.

Return type:

list[str]
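The lookup order described above, modelled without Django as an added example (not the caps project's code): the action is tried before the HTTP method, and the view's map before the class default. The function names, the `publish` action, the exact interleaving of the two precedences and the fail-closed error for unmapped keys are assumptions.

```python
# Added illustration, not the caps implementation. Function names, the
# interleaving of the two precedences and the fail-closed error are assumptions.
DEFAULT_PERMS_MAP = {  # method entries as listed on this page
    "GET": ["%(app_label)s.view_%(model_name)s"],
    "HEAD": [],
    "OPTIONS": [],
    "POST": ["%(app_label)s.add_%(model_name)s"],
    "PUT": ["%(app_label)s.change_%(model_name)s"],
    "PATCH": ["%(app_label)s.change_%(model_name)s"],
    "DELETE": ["%(app_label)s.delete_%(model_name)s"],
}

# Constructed sample: hypothetical view-level map with a custom "publish" action.
SAMPLE_VIEW_MAP = {
    "publish": ["%(app_label)s.change_%(model_name)s",
                "%(app_label)s.publish_%(model_name)s"],
}


def resolve_required_permissions(view_perms_map, action, method,
                                 app_label, model_name,
                                 default_map=DEFAULT_PERMS_MAP):
    """Return the permission codes required for this action/method."""
    maps = [m for m in (view_perms_map, default_map) if m is not None]
    names = {"app_label": app_label, "model_name": model_name}
    # Action is tried before HTTP method; the view's map before the default.
    for key in (action, method):
        if key is None:
            continue
        for perms_map in maps:
            if key in perms_map:
                return [code % names for code in perms_map[key]]
    # Assumption: an unmapped action/method is refused rather than allowed.
    raise LookupError(f"no permissions mapped for {action!r}/{method!r}")


def is_allowed(user_perms, required):
    """True when the user holds every required code.

    An empty requirement list (HEAD, OPTIONS in the map) needs no model
    permission, so any view-level map entry set to [] is effectively open.
    """
    return all(code in user_perms for code in required)
```

When reviewing a view's perms_map, check that every custom action has an entry: in this model an unmapped action falls through to the HTTP method's permissions, which may be weaker than intended.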

has_permission(request, view)

Return True if permission is granted, False otherwise.

perms_map = {'DELETE': ['%(app_label)s.delete_%(model_name)s'], 'GET': ['%(app_label)s.view_%(model_name)s'], 'HEAD': [], 'OPTIONS': [], 'PATCH': ['%(app_label)s.change_%(model_name)s'], 'POST': ['%(app_label)s.add_%(model_name)s'], 'PUT': ['%(app_label)s.change_%(model_name)s']}
class OwnedPermissions

Bases: DjangoObjectPermissions, DjangoModelPermissions

This class provides object permission checks for Owned.

For more information about usage, see DjangoModelPermissions.

Request

Fake request providing what is required to get permissions.

alias of RequestInfo

has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

perms_map = {'DELETE': ['%(app_label)s.delete_%(model_name)s'], 'GET': ['%(app_label)s.view_%(model_name)s'], 'HEAD': [], 'OPTIONS': [], 'PATCH': ['%(app_label)s.change_%(model_name)s'], 'POST': ['%(app_label)s.add_%(model_name)s'], 'PUT': ['%(app_label)s.change_%(model_name)s'], 'create': ['%(app_label)s.add_%(model_name)s'], 'destroy': ['%(app_label)s.delete_%(model_name)s'], 'list': ['%(app_label)s.view_%(model_name)s'], 'partial_update': ['%(app_label)s.change_%(model_name)s'], 'retrieve': ['%(app_label)s.view_%(model_name)s'], 'update': ['%(app_label)s.change_%(model_name)s']}