Permissions For Createapiview In Django Rest Framework

July 20, 2023 Post a Comment

I looked at the code for CreateAPIView and nowhere in the creation process are permissions checked. So I decided to check them in the perform_create hook as follows: class CourseLi

Solution 1:

You have an issue because you're tying business logic checks with permissions.

Instead of calling check_object_permission, perform your own check once it's deserialized and raise a PermissionDenied if it fails.

Baca Juga

How To Specify Typings For Dynamic Fields Similar To Django Model/field?
Getting "doesn't Exist Or Is M2m Field" Error On My Uuid (primary Key) When Trying To Save In Drf
Django Mptt Efficiently Serializing Relational Data With Drf

Python Developer

Permissions For Createapiview In Django Rest Framework

Solution 1:

Post a Comment for "Permissions For Createapiview In Django Rest Framework"