Permissions and authorization
DRF Permission classes
- class vng_api_common.permissions.AuthScopesRequired
- class vng_api_common.permissions.BaseAuthRequired
Look at the scopes required for the current action and check that they are present in the AC for this client
- has_object_permission(request: rest_framework.request.Request, view, obj) → bool
Return True if permission is granted, False otherwise.
- has_permission(request: rest_framework.request.Request, view) → bool
Return True if permission is granted, False otherwise.
- class vng_api_common.permissions.ClientIdRequired
Look at the client_id of an object and check that it equals client_id in the JWT
- has_object_permission(request: rest_framework.request.Request, view, obj) → bool
Return True if permission is granted, False otherwise.
- class vng_api_common.permissions.MainObjAuthScopesRequired
- class vng_api_common.permissions.RelatedObjAuthScopesRequired
- vng_api_common.permissions.bypass_permissions(request: rest_framework.request.Request) → bool
Bypass permission checks in DBEUG when using the browsable API renderer
- vng_api_common.permissions.permission_class_factory(base=<class 'vng_api_common.permissions.BaseAuthRequired'>, **attrs) → type
Build a view-specific permission class
This is just a small wrapper around
type
intended to keep the code readable.