diff options
| author | Tom Christie | 2014-08-20 12:06:29 +0100 |
|---|---|---|
| committer | Tom Christie | 2014-08-20 12:06:29 +0100 |
| commit | 6ffc97c808f8026c063011e2d048604f3a6b70fa (patch) | |
| tree | 93586ece6e50ab5ef6282ffd104e886ed48d9180 /rest_framework/permissions.py | |
| parent | f7b3e1e62b8e2c8bd1d1eb79a1cb0b3f4a0559a9 (diff) | |
| parent | 874d2be83c612fb5e04aa6a28901c2afe4bf9d3b (diff) | |
| download | django-rest-framework-6ffc97c808f8026c063011e2d048604f3a6b70fa.tar.bz2 | |
Merge pull request #1770 from tomchristie/2.4.0
2.4.0 Release.
Diffstat (limited to 'rest_framework/permissions.py')
| -rw-r--r-- | rest_framework/permissions.py | 36 |
1 files changed, 16 insertions, 20 deletions
diff --git a/rest_framework/permissions.py b/rest_framework/permissions.py index f24a5123..6a1a0077 100644 --- a/rest_framework/permissions.py +++ b/rest_framework/permissions.py @@ -2,15 +2,12 @@ Provides a set of pluggable permission policies. """ from __future__ import unicode_literals -import inspect -import warnings - -SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS'] - from django.http import Http404 from rest_framework.compat import (get_model_name, oauth2_provider_scope, oauth2_constants) +SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS'] + class BasePermission(object): """ @@ -27,13 +24,6 @@ class BasePermission(object): """ Return `True` if permission is granted, `False` otherwise. """ - if len(inspect.getargspec(self.has_permission).args) == 4: - warnings.warn( - 'The `obj` argument in `has_permission` is deprecated. ' - 'Use `has_object_permission()` instead for object permissions.', - DeprecationWarning, stacklevel=2 - ) - return self.has_permission(request, view, obj) return True @@ -72,9 +62,11 @@ class IsAuthenticatedOrReadOnly(BasePermission): """ def has_permission(self, request, view): - return (request.method in SAFE_METHODS or - request.user and - request.user.is_authenticated()) + return ( + request.method in SAFE_METHODS or + request.user and + request.user.is_authenticated() + ) class DjangoModelPermissions(BasePermission): @@ -132,9 +124,11 @@ class DjangoModelPermissions(BasePermission): perms = self.get_required_permissions(request.method, model_cls) - return (request.user and + return ( + request.user and (request.user.is_authenticated() or not self.authenticated_users_only) and - request.user.has_perms(perms)) + request.user.has_perms(perms) + ) class DjangoModelPermissionsOrAnonReadOnly(DjangoModelPermissions): @@ -222,6 +216,8 @@ class TokenHasReadWriteScope(BasePermission): required = oauth2_constants.READ if read_only else oauth2_constants.WRITE return oauth2_provider_scope.check(required, request.auth.scope) - assert False, ('TokenHasReadWriteScope requires either the' - '`OAuthAuthentication` or `OAuth2Authentication` authentication ' - 'class to be used.') + assert False, ( + 'TokenHasReadWriteScope requires either the' + '`OAuthAuthentication` or `OAuth2Authentication` authentication ' + 'class to be used.' + ) |