Object Permissions With Read Only Access For Anonymous Users In Django Rest Framework
The problem I am using Django REST Framework - and so far I have been using the DjangoObjectPermissions permissions class. I use django-rules to determine which users have permissi
Solution 1:
The fix was actually really simple. It's possible to create a custom permissions class extending DjangoObjectPermissions
, and to override the authenticated_users_only
variable.
classDjangoObjectPermissionsOrAnonReadOnly(DjangoObjectPermissions):
authenticated_users_only = False
Solution 2:
from rest_framework import permissions
and Just give
permission_classes = [permissions.IsAuthenticatedOrReadOnly, YourPermissionshere, ]
in your viewset. That will do the job. if not authenticated, Anonymous users will be getting a read-only permission
you can control when the permissions are checked and not checked by handling the function
self.check_object_permissions(self.request, obj)
Post a Comment for "Object Permissions With Read Only Access For Anonymous Users In Django Rest Framework"