From 2bc697fd37c93c195d0a2fd3632d5eb5b604d178 Mon Sep 17 00:00:00 2001 From: Yura Pogorelov Date: Thu, 23 May 2019 23:50:23 +0300 Subject: [PATCH 1/5] Change permission finish --- mlp_api/staticPageApp/admin.py | 4 ++++ mlp_api/staticPageApp/models.py | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/mlp_api/staticPageApp/admin.py b/mlp_api/staticPageApp/admin.py index 48a0506..c7e9837 100644 --- a/mlp_api/staticPageApp/admin.py +++ b/mlp_api/staticPageApp/admin.py @@ -25,6 +25,10 @@ class PageAdmin(admin.ModelAdmin): ) save_on_top = True + def get_readonly_fields(self, request, obj=None): + request.user.has_perm('app.readonly_page') + return self.readonly_fields + @admin.register(BlockPage) class BlockPageAdmin(admin.ModelAdmin): diff --git a/mlp_api/staticPageApp/models.py b/mlp_api/staticPageApp/models.py index d226c08..c55da01 100644 --- a/mlp_api/staticPageApp/models.py +++ b/mlp_api/staticPageApp/models.py @@ -2,6 +2,7 @@ from django.utils.translation import ugettext_lazy as _ from django.template.defaultfilters import truncatechars + from pytils.translit import slugify from tinymce.models import HTMLField @@ -50,6 +51,10 @@ class Meta: verbose_name = _("static page") verbose_name_plural = _("static pages") + permissions = ( + ('readonly_page', 'Readonly Page'), + ) + def save(self, *args, **kwargs): """ If the field is not filled when saving, it is automatically From 27ae569b3cfff8b737f3455c4116f4d0f89fd0cb Mon Sep 17 00:00:00 2001 From: Yura Pogorelov Date: Fri, 24 May 2019 12:24:55 +0300 Subject: [PATCH 2/5] fix admin.py staticPageApp --- mlp_api/staticPageApp/admin.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mlp_api/staticPageApp/admin.py b/mlp_api/staticPageApp/admin.py index c7e9837..385738e 100644 --- a/mlp_api/staticPageApp/admin.py +++ b/mlp_api/staticPageApp/admin.py @@ -26,7 +26,7 @@ class PageAdmin(admin.ModelAdmin): save_on_top = True def get_readonly_fields(self, request, obj=None): - request.user.has_perm('app.readonly_page') + request.user.has_perm('page.readonly_page') return self.readonly_fields From 4c9020d59ab2d22bcacdfa6b134342a4b81e1776 Mon Sep 17 00:00:00 2001 From: Yura Pogorelov Date: Fri, 24 May 2019 16:13:15 +0300 Subject: [PATCH 3/5] Removed unnecessary --- mlp_api/staticPageApp/admin.py | 5 ----- mlp_api/staticPageApp/models.py | 4 ---- 2 files changed, 9 deletions(-) diff --git a/mlp_api/staticPageApp/admin.py b/mlp_api/staticPageApp/admin.py index 385738e..8b59ddb 100644 --- a/mlp_api/staticPageApp/admin.py +++ b/mlp_api/staticPageApp/admin.py @@ -25,11 +25,6 @@ class PageAdmin(admin.ModelAdmin): ) save_on_top = True - def get_readonly_fields(self, request, obj=None): - request.user.has_perm('page.readonly_page') - return self.readonly_fields - - @admin.register(BlockPage) class BlockPageAdmin(admin.ModelAdmin): list_display = ( diff --git a/mlp_api/staticPageApp/models.py b/mlp_api/staticPageApp/models.py index c55da01..0148703 100644 --- a/mlp_api/staticPageApp/models.py +++ b/mlp_api/staticPageApp/models.py @@ -51,10 +51,6 @@ class Meta: verbose_name = _("static page") verbose_name_plural = _("static pages") - permissions = ( - ('readonly_page', 'Readonly Page'), - ) - def save(self, *args, **kwargs): """ If the field is not filled when saving, it is automatically From 2e0061435e8fd3e586b38345cead0be2df34ea3b Mon Sep 17 00:00:00 2001 From: Yura Pogorelov Date: Fri, 24 May 2019 16:14:51 +0300 Subject: [PATCH 4/5] Added permission_class --- mlp_api/staticPageApp/views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mlp_api/staticPageApp/views.py b/mlp_api/staticPageApp/views.py index 9af7439..6968ebc 100644 --- a/mlp_api/staticPageApp/views.py +++ b/mlp_api/staticPageApp/views.py @@ -1,6 +1,7 @@ from rest_framework import viewsets from staticPageApp.models import Page from staticPageApp.serializers import PageSerializer +from utils.permissions import IsAdminUserOrReadOnly class PageViewSet(viewsets.ModelViewSet): """ @@ -8,4 +9,5 @@ class PageViewSet(viewsets.ModelViewSet): """ queryset = Page.objects.filter(is_activate=True) serializer_class = PageSerializer + permission_classes = (IsAdminUserOrReadOnly,) lookup_field = 'slug' \ No newline at end of file From d2b095a190a4a9c83aa1392e0cb9603a2403f591 Mon Sep 17 00:00:00 2001 From: Yura Pogorelov Date: Mon, 27 May 2019 13:34:40 +0300 Subject: [PATCH 5/5] prescribed permission_classes = (permissions.DjangoModelPermissionsOrAnonReadOnly, permissions.IsAuthenticatedOrReadOnly,) --- mlp_api/staticPageApp/views.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mlp_api/staticPageApp/views.py b/mlp_api/staticPageApp/views.py index 6968ebc..287e5ff 100644 --- a/mlp_api/staticPageApp/views.py +++ b/mlp_api/staticPageApp/views.py @@ -1,7 +1,9 @@ from rest_framework import viewsets from staticPageApp.models import Page from staticPageApp.serializers import PageSerializer -from utils.permissions import IsAdminUserOrReadOnly + +from rest_framework import permissions + class PageViewSet(viewsets.ModelViewSet): """ @@ -9,5 +11,5 @@ class PageViewSet(viewsets.ModelViewSet): """ queryset = Page.objects.filter(is_activate=True) serializer_class = PageSerializer - permission_classes = (IsAdminUserOrReadOnly,) + permission_classes = (permissions.DjangoModelPermissionsOrAnonReadOnly, permissions.IsAuthenticatedOrReadOnly,) lookup_field = 'slug' \ No newline at end of file