Permissions and authorization

DRF Permission classes

class vng_api_common.permissions.AuthScopesRequired

class vng_api_common.permissions.BaseAuthRequired

Look at the scopes required for the current action and check that they are present in the AC for this client

has_object_permission(request: rest_framework.request.Request, view, obj) → bool: Return True if permission is granted, False otherwise.

has_permission(request: rest_framework.request.Request, view) → bool: Return True if permission is granted, False otherwise.

class vng_api_common.permissions.ClientIdRequired

Look at the client_id of an object and check that it equals client_id in the JWT

has_object_permission(request: rest_framework.request.Request, view, obj) → bool: Return True if permission is granted, False otherwise.

class vng_api_common.permissions.MainObjAuthScopesRequired

class vng_api_common.permissions.RelatedObjAuthScopesRequired

vng_api_common.permissions.bypass_permissions(request: rest_framework.request.Request) → bool: Bypass permission checks in DBEUG when using the browsable API renderer

vng_api_common.permissions.permission_class_factory(base=<class 'vng_api_common.permissions.BaseAuthRequired'>, **attrs) → type

Build a view-specific permission class

This is just a small wrapper around type intended to keep the code readable.

Scopes

Read the Docs v: stable/1.0.x

Versions: latest; stable; stable-1.0.x

Downloads

On Read the Docs: Project Home; Builds