如何将细节对象传递给tastypie中的自定义授权? [英] How can I pass a detail object to custom authorization in tastypie?
本文介绍了如何将细节对象传递给tastypie中的自定义授权?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
如何在一个tastypie授权期间访问请求中访问的详细端点对象?
How can I access the detail endpoint object being accessed in the request during a tastypie authorization?
我注意到, docs 有一个对象参数 - 如何设置?
I noticed that one of the overridden methods in the docs has an object parameter -- how can I set this?
推荐答案
在分支烫发中,
https://github.com/toastdriven/django-tastypie/blob /perms/tastypie/authorization.py
类授权有一组方法,例如:
Class Authorization has a set of methods for example:
def read_detail(self, object_list, bundle):
"""
Returns either ``True`` if the user is allowed to read the object in
question or throw ``Unauthorized`` if they are not.
Returns ``True`` by default.
"""
return True
这里您可以尝试访问> obj 通过 bundle.obj
Here You can try to access the obj through bundle.obj
如果你不能使用perms分支,我建议你这样: / p>
If You can't use the perms branch, I suggest you this way:
class MyBaseAuth(Authorization):
def get_object(self, request):
try:
pk = resolve(request.path)[2]['pk']
except IndexError, KeyError:
object = None # or raise Exception('Wrong URI')
else:
try:
object = self.resource_meta.object_class.objects.get(pk=pk)
except self.resource_meta.DoesNotExist:
object = None
return object
class FooResourceAuthorization(MyBaseAuth):
def is_authorized(self, request, object=None):
if request.method in ('GET', 'POST'):
return True
elif request.method == 'DELETE':
object = self.get_object(request)
if object.profile = request.user.profile:
return True
return False
这篇关于如何将细节对象传递给tastypie中的自定义授权?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文