diff options
| author | Tom Christie | 2014-11-25 15:52:36 +0000 |
|---|---|---|
| committer | Tom Christie | 2014-11-25 15:52:36 +0000 |
| commit | d7f8047addaea10b0f629e064a3826e7531d8040 (patch) | |
| tree | 9bd27d74390b313bd1b84a9853531e5814ea24e5 /docs/api-guide/permissions.md | |
| parent | 64d8e3dcb6846610e1908e067962b0c8457a86f8 (diff) | |
| parent | 66fc51de5c4622073e7e6cfd12cc7c4a1a8ba60c (diff) | |
| download | django-rest-framework-d7f8047addaea10b0f629e064a3826e7531d8040.tar.bz2 | |
Merge branch 'mkdocs' of git://github.com/d0ugal/django-rest-framework into d0ugal-mkdocs
Diffstat (limited to 'docs/api-guide/permissions.md')
| -rw-r--r-- | docs/api-guide/permissions.md | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/docs/api-guide/permissions.md b/docs/api-guide/permissions.md index 446e362e..f068f0f7 100644 --- a/docs/api-guide/permissions.md +++ b/docs/api-guide/permissions.md @@ -1,4 +1,4 @@ -<a class="github" href="permissions.py"></a> +source: permissions.py # Permissions @@ -12,7 +12,7 @@ Permission checks are always run at the very start of the view, before any other ## How permissions are determined -Permissions in REST framework are always defined as a list of permission classes. +Permissions in REST framework are always defined as a list of permission classes. Before running the main body of the view each permission in the list is checked. If any permission check fails an `exceptions.PermissionDenied` exception will be raised, and the main body of the view will not run. @@ -220,9 +220,9 @@ As well as global permissions, that are run against all incoming requests, you c def has_object_permission(self, request, view, obj): # Read permissions are allowed to any request, # so we'll always allow GET, HEAD or OPTIONS requests. - if request.method in permissions.SAFE_METHODS: + if request.method in permissions.SAFE_METHODS: return True - + # Instance must have an attribute named `owner`. return obj.owner == request.user |