0
我在views.py以下,Django的休息IsAdminUser不适用
from webapi.models import members
from rest_framework import permissions
from webapi.serializers import MemberSerializer
from rest_framework import generics
class MemberList(generics.ListAPIView):
queryset = members.objects.all()
serializer_class = MemberSerializer
permission_class = (permissions.IsAuthenticated,)
class MemberCreate(generics.CreateAPIView):
queryset = members.objects.all()
serializer_class = MemberSerializer
permission_class = (permissions.IsAdminUser,)
def perform_create(self, serializer):
serializer.save(owner=self.request.user)
在上面IsAuthenticated工作正常,但是当我用“permissions.IsAdminUser”为MemberCreate类是允许而不是管理用户也可以创建项目。
按照问题“Django rest_framework IsAdminUser not behaving”我甚至尝试添加在settings.py以下,但仍重写没有发生,
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
)
}
无论添加或不设置增加REST_FRAMEWORK。 py IsAdminUser权限不起作用。