New style object-level permission checks

author: Tom Christie 2013-02-11 12:47:56 +0000
committer: Tom Christie 2013-02-12 08:58:28 +0000
commit: 09b01887f234be55c14943028330f569823b2369 (patch)
tree: 6457258308dbc63a24c7a4f16b544999adc6c2b3 /docs/tutorial/4-authentication-and-permissions.md
parent: aa03425c09c2eb4fc0a24276de92a320af09c33e (diff)
download: django-rest-framework-09b01887f234be55c14943028330f569823b2369.tar.bz2
1 files changed, 1 insertions, 5 deletions
diff --git a/docs/tutorial/4-authentication-and-permissions.md b/docs/tutorial/4-authentication-and-permissions.md
index e9e5246a..979421ea 100644
--- a/docs/tutorial/4-authentication-and-permissions.md
+++ b/docs/tutorial/4-authentication-and-permissions.md
@@ -161,11 +161,7 @@ In the snippets app, create a new file, `permissions.py`
         Custom permission to only allow owners of an object to edit it.
         """
 
-        def has_permission(self, request, view, obj=None):
-            # Skip the check unless this is an object-level test
-            if obj is None:
-                return True
-    
+        def has_object_permission(self, request, view, obj):
             # Read permissions are allowed to any request,
             # so we'll always allow GET, HEAD or OPTIONS requests.
             if request.method in permissions.SAFE_METHODS:
author	Tom Christie	2013-02-11 12:47:56 +0000
committer	Tom Christie	2013-02-12 08:58:28 +0000
commit	09b01887f234be55c14943028330f569823b2369 (patch)
tree	6457258308dbc63a24c7a4f16b544999adc6c2b3 /docs/tutorial/4-authentication-and-permissions.md
parent	aa03425c09c2eb4fc0a24276de92a320af09c33e (diff)
download	django-rest-framework-09b01887f234be55c14943028330f569823b2369.tar.bz2