Merge branch 'master' into many-fields

Conflicts: rest_framework/relations.py
author: Tom Christie 2013-01-30 13:41:56 +0000
committer: Tom Christie 2013-01-30 13:41:56 +0000
commit: be6df3ae3ce18bf4b55ae065ebd34198885e48df (patch)
tree: 3a96bb6a5075584add7e28c6d8d7f251ad785b4e /docs/api-guide/permissions.md
parent: 9a4d01d687d57601d37f9a930d37039cb9f6a6f2 (diff)
parent: 8021bb5d5089955b171173e60dcc0968e13d29ea (diff)
download: django-rest-framework-be6df3ae3ce18bf4b55ae065ebd34198885e48df.tar.bz2
1 files changed, 9 insertions, 0 deletions
diff --git a/docs/api-guide/permissions.md b/docs/api-guide/permissions.md
index fce68f6d..1814b811 100644
--- a/docs/api-guide/permissions.md
+++ b/docs/api-guide/permissions.md
@@ -110,6 +110,15 @@ To implement a custom permission, override `BasePermission` and implement the `.
 
 The method should return `True` if the request should be granted access, and `False` otherwise.
 
+## Example
+
+The following is an example of a permission class that checks the incoming request's IP address against a blacklist, and denies the request if the IP has been blacklisted.
+
+    class BlacklistPermission(permissions.BasePermission):
+        def has_permission(self, request, view, obj=None):
+            ip_addr = request.META['REMOTE_ADDR']
+            blacklisted = Blacklist.objects.filter(ip_addr=ip_addr).exists()
+            return not blacklisted
 
 [cite]: https://developer.apple.com/library/mac/#documentation/security/Conceptual/AuthenticationAndAuthorizationGuide/Authorization/Authorization.html
 [authentication]: authentication.md
author	Tom Christie	2013-01-30 13:41:56 +0000
committer	Tom Christie	2013-01-30 13:41:56 +0000
commit	be6df3ae3ce18bf4b55ae065ebd34198885e48df (patch)
tree	3a96bb6a5075584add7e28c6d8d7f251ad785b4e /docs/api-guide/permissions.md
parent	9a4d01d687d57601d37f9a930d37039cb9f6a6f2 (diff)
parent	8021bb5d5089955b171173e60dcc0968e13d29ea (diff)
download	django-rest-framework-be6df3ae3ce18bf4b55ae065ebd34198885e48df.tar.bz2