Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
rest: introduce generic permission framework
Until now, the REST API didn't really have a good permission system. In particular, it did not know about user groups. We will need to allow the "importer" group to add messages to any project, so it's time to improve the permissions. Similar to the old API, all the knowledge of permissions is encapsulated in one class, in this case a DRF Permission subclass. The new class replaces the old IsAdminUserOrReadOnly and IsMaintainerUserOrReadOnly permissions.
- Loading branch information
Showing
2 changed files
with
69 additions
and
19 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters