zoukankan      html  css  js  c++  java

  • drf之权限认证

    drf总流程链接

    https://www.cnblogs.com/daviddd/p/11918405.html

    drf之权限认证

    '''
承接总流程5.3的权限控制
权限认证:实例化每一个权限类得到一个对象列表,循环权限对象列表,执行每一个权限对象的
has_permession方法,返回true或者false,true表示通过权限认证,false表示没有通过,并抛出异常
'''

class APIView(View):

	# 配置文件
	permission_classes = api_settings.DEFAULT_PERMISSION_CLASSES
	settings = api_settings
	
	
	
	def initial(self, request, *args, **kwargs):
		"""
		Runs anything that needs to occur prior to calling the method handler.
		"""
		
		# 5.3 权限认证
		self.check_permissions(request)
		
		
	# 执行check_permissionds 函数,循环每一个权限对象,进行权限认证处理
	def check_permissions(self, request):
		"""
		Check if the request should be permitted.
		Raises an appropriate exception if the request is not permitted.
		"""
		# 5.31
		for permission in self.get_permissions():
			if not permission.has_permission(request, self):
				self.permission_denied(
					request, message=getattr(permission, 'message', None)
				)
				
				
	# 5.32 实例化权限类,得到权限对象列表
	def get_permissions(self):
		"""
		Instantiates and returns the list of permissions that this view requires.
		"""
		return [permission() for permission in self.permission_classes]
		
	
	# 5.33判断是否权限通过
	def has_permission(self, request, view):
		"""
		Return `True` if permission is granted, `False` otherwise.
		"""
		# 通过,有权限
		return True
		
		#如果return False,执行5.34的permission_denied函数,见60行,抛出异常
		return False



	def has_object_permission(self, request, view, obj):
		"""
		Return `True` if permission is granted, `False` otherwise.
		"""
		return True
		
	# 5.34抛出异常
	def permission_denied(self, request, message=None):
		"""
		If request is not permitted, determine what kind of exception to raise.
		"""
		if request.authenticators and not request.successful_authenticator:
			raise exceptions.NotAuthenticated()
		raise exceptions.PermissionDenied(detail=message)

    自定义权限认证

    from rest_framework.permissions import BasePermission


class MyPermission(BasePermission):
    message = {"status": False, "error": "登录成功之后才能评论"}

    def has_permission(self, request, view):
        if request.method == "GET":
            return True
        if request.user:
            return True
        return False

    def has_object_permission(self, request, view, obj):
        return True

    局部应用

    #py文件模块式引入
class CommentVIew():

    permission_classes = [MyPermission]
    
    pass
    希望你眼眸有星辰,心中有山海,从此以梦为马,不负韶华
  • 相关阅读:
    Windows下的符号链接
    简单谈谈存储器的容量缩水问题
    配置CKEditor和CKFinder
    CKFinder的水印控件的问题
    关于 Visual Studio 默认创建的不是公共类
    Symbian 60 按键以及对应的键值(图)
    PLC中存储器的数据类型与寻址方式
    S7200 寻址
    电工识图笔记
    S7200型号串口通信参数设置
  • 原文地址:https://www.cnblogs.com/daviddd/p/11918501.html
Copyright © 2011-2022 走看看