如何将细节对象传递给tastypie中的自定义授权？ [英] How can I pass a detail object to custom authorization in tastypie?

问题描述

如何在一个tastypie授权期间访问请求中访问的详细端点对象？

How can I access the detail endpoint object being accessed in the request during a tastypie authorization?

我注意到， docs 有一个对象参数 - 如何设置？

I noticed that one of the overridden methods in the docs has an object parameter -- how can I set this?

推荐答案

在分支烫发中，

https://github.com/toastdriven/django-tastypie/blob /perms/tastypie/authorization.py

类授权有一组方法，例如：

Class Authorization has a set of methods for example:

def read_detail(self, object_list, bundle):
    """
    Returns either ``True`` if the user is allowed to read the object in
    question or throw ``Unauthorized`` if they are not.
    Returns ``True`` by default.
    """
    return True

这里您可以尝试访问> obj 通过 bundle.obj

Here You can try to access the obj through bundle.obj

如果你不能使用perms分支，我建议你这样： / p>

If You can't use the perms branch, I suggest you this way:

class MyBaseAuth(Authorization):
    def get_object(self, request):
        try:
            pk = resolve(request.path)[2]['pk']
        except IndexError, KeyError:
            object = None # or raise Exception('Wrong URI')
        else:
            try:
                object = self.resource_meta.object_class.objects.get(pk=pk)
            except self.resource_meta.DoesNotExist:
                object = None
        return object


class FooResourceAuthorization(MyBaseAuth):
    def is_authorized(self, request, object=None):
        if request.method in ('GET', 'POST'):
            return True
        elif request.method == 'DELETE':
            object = self.get_object(request)
            if object.profile = request.user.profile:
                return True
        return False

这篇关于如何将细节对象传递给tastypie中的自定义授权？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！