zoukankan      html  css  js  c++  java

  • drf之权限认证

    drf总流程链接

    https://www.cnblogs.com/daviddd/p/11918405.html

    drf之权限认证

    '''
承接总流程5.3的权限控制
权限认证:实例化每一个权限类得到一个对象列表,循环权限对象列表,执行每一个权限对象的
has_permession方法,返回true或者false,true表示通过权限认证,false表示没有通过,并抛出异常
'''

class APIView(View):

	# 配置文件
	permission_classes = api_settings.DEFAULT_PERMISSION_CLASSES
	settings = api_settings
	
	
	
	def initial(self, request, *args, **kwargs):
		"""
		Runs anything that needs to occur prior to calling the method handler.
		"""
		
		# 5.3 权限认证
		self.check_permissions(request)
		
		
	# 执行check_permissionds 函数,循环每一个权限对象,进行权限认证处理
	def check_permissions(self, request):
		"""
		Check if the request should be permitted.
		Raises an appropriate exception if the request is not permitted.
		"""
		# 5.31
		for permission in self.get_permissions():
			if not permission.has_permission(request, self):
				self.permission_denied(
					request, message=getattr(permission, 'message', None)
				)
				
				
	# 5.32 实例化权限类,得到权限对象列表
	def get_permissions(self):
		"""
		Instantiates and returns the list of permissions that this view requires.
		"""
		return [permission() for permission in self.permission_classes]
		
	
	# 5.33判断是否权限通过
	def has_permission(self, request, view):
		"""
		Return `True` if permission is granted, `False` otherwise.
		"""
		# 通过,有权限
		return True
		
		#如果return False,执行5.34的permission_denied函数,见60行,抛出异常
		return False



	def has_object_permission(self, request, view, obj):
		"""
		Return `True` if permission is granted, `False` otherwise.
		"""
		return True
		
	# 5.34抛出异常
	def permission_denied(self, request, message=None):
		"""
		If request is not permitted, determine what kind of exception to raise.
		"""
		if request.authenticators and not request.successful_authenticator:
			raise exceptions.NotAuthenticated()
		raise exceptions.PermissionDenied(detail=message)

    自定义权限认证

    from rest_framework.permissions import BasePermission


class MyPermission(BasePermission):
    message = {"status": False, "error": "登录成功之后才能评论"}

    def has_permission(self, request, view):
        if request.method == "GET":
            return True
        if request.user:
            return True
        return False

    def has_object_permission(self, request, view, obj):
        return True

    局部应用

    #py文件模块式引入
class CommentVIew():

    permission_classes = [MyPermission]
    
    pass
    希望你眼眸有星辰,心中有山海,从此以梦为马,不负韶华
  • 相关阅读:
    BZOJ 3205 [Apio2013]机器人 ——斯坦纳树
    BZOJ 3782 上学路线 ——动态规划 Lucas定理 中国剩余定理
    HDU 1423 Greatest Common Increasing Subsequence ——动态规划
    BZOJ 3309 DZY Loves Math ——莫比乌斯反演
    POJ 1038 Bugs Integrated, Inc. ——状压DP
    POJ 3693 Maximum repetition substring ——后缀数组
    POJ 2699 The Maximum Number of Strong Kings ——网络流
    POJ 2396 Budget ——有上下界的网络流
    BZOJ 4650 [Noi2016]优秀的拆分 ——后缀数组
    源码安装python
  • 原文地址:https://www.cnblogs.com/daviddd/p/11918501.html
Copyright © 2011-2022 走看看