improving documentation about object level permissions #1049

author: Filipe Ximenes 2013-08-20 16:24:13 -0300
committer: Filipe Ximenes 2013-08-20 16:24:13 -0300
commit: 1bf712341508b5d9aa07fb62f55b7e495278fabf (patch)
tree: 8ce12c440976236a8e351b8a7e6b149237fb5279 /docs/api-guide/permissions.md
parent: f84d4951bfcc8887d57ca5fa0321cfdbb18a9b6d (diff)
download: django-rest-framework-1bf712341508b5d9aa07fb62f55b7e495278fabf.tar.bz2
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/api-guide/permissions.md b/docs/api-guide/permissions.md
index c6372f98..bb7343af 100644
--- a/docs/api-guide/permissions.md
+++ b/docs/api-guide/permissions.md
@@ -28,6 +28,13 @@ If you're writing your own views and want to enforce object level permissions,
 you'll need to explicitly call the `.check_object_permissions(request, obj)` method on the view at the point at which you've retrieved the object.
 This will either raise a `PermissionDenied` or `NotAuthenticated` exception, or simply return if the view has the appropriate permissions.
 
+For example:
+
+    def get_object(self):
+        obj = get_object_or_404(self.get_queryset())
+        self.check_object_permissions(self.request, obj)
+        return obj
+
 ## Setting the permission policy
 
 The default permission policy may be set globally, using the `DEFAULT_PERMISSION_CLASSES` setting.  For example.
author	Filipe Ximenes	2013-08-20 16:24:13 -0300
committer	Filipe Ximenes	2013-08-20 16:24:13 -0300
commit	1bf712341508b5d9aa07fb62f55b7e495278fabf (patch)
tree	8ce12c440976236a8e351b8a7e6b149237fb5279 /docs/api-guide/permissions.md
parent	f84d4951bfcc8887d57ca5fa0321cfdbb18a9b6d (diff)
download	django-rest-framework-1bf712341508b5d9aa07fb62f55b7e495278fabf.tar.bz2