Django rest_framework IsAdminUser行为异常 [英] Django rest_framework IsAdminUser not behaving
问题描述
我在rest框架中有一个 viewset
,它的运行方式与我期望的不一样.如果我以编外人员身份登录并导航到api-url/users,则可以看到其中列出的所有用户.
I have a viewset
in rest framework that is not behaving like I would expect. If I login with a non-staff user and navigate to the api-url/users I can see all the users listed there.
IsAuthenticated
权限正在起作用,因为如果我注销,则会收到一条错误消息,提示我未通过身份验证.
The IsAuthenticated
permission is working, because if I logout I get an error saying that I am not authenticated.
我使用这些权限不对吗?我已经完成了教程并浏览了文档,但是找不到任何可以告诉我为什么这不起作用的信息
Am I using these permissions wrong? I have done the tutorial and looked through the docs, but I can't find anything to tell me why this shouldn't work
观看次数:
class UserViewSet(viewsets.ModelViewSet):
"""Viewset for viewing users. Only to be used by admins"""
queryset = LangaLangUserProfile.objects.all()
serializer_class = UserSerializer
filter_backends = (filters.DjangoFilterBackend, )
filter_fields = '__all__'
permissions_classes = (permissions.IsAdminUser, )
class LanguageViewSet(viewsets.ReadOnlyModelViewSet):
"""Viewset for Language objects, use the proper HTTP methods to modify them"""
queryset = Language.objects.all()
serializer_class = LanguageSerializer
filter_backends = (filters.DjangoFilterBackend, )
filter_fields = '__all__'
permissions_classes = (permissions.IsAuthenticated, )
网址:
router = routers.DefaultRouter()
router.register(r'users', views.UserViewSet)
router.register(r'language', views.LanguageViewSet)
序列化器:
class UserSerializer(serializers.ModelSerializer):
"""Serializer for User objects"""
class Meta:
model = LangaLangUserProfile
fields = '__all__'
class LanguageSerializer(serializers.ModelSerializer):
"""Serializer for the Language model"""
class Meta:
model = Language
fields = '__all__'
depth = 2
推荐答案
错字!
它是 permission_classes
,而不是 permissions_classes
.
关于这部分:
IsAuthenticated权限正在工作,因为如果我注销,则会收到一条错误消息,提示我未通过身份验证.
The IsAuthenticated permission is working, because if I logout I cget an error saysing that I am not authenticated.
我不确定为什么会这样,但是我会怪您在Django设置中 DEFAULT_PERMISSION_CLASSES
-也许您在其中指定了 IsAuthenticated
?
I'm not sure why this is happening but I'd blame DEFAULT_PERMISSION_CLASSES
in your Django settings - maybe you have IsAuthenticated
specified there?
这篇关于Django rest_framework IsAdminUser行为异常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!