From b65b065375796919a57f4bd6f1dd8187ef0eb165 Mon Sep 17 00:00:00 2001
From: Tom Christie
Date: Tue, 30 Apr 2013 14:34:28 +0100
Subject: Add DjangoModelPermissionsOrAnonReadOnly

---
 rest_framework/permissions.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'rest_framework/permissions.py')

diff --git a/rest_framework/permissions.py b/rest_framework/permissions.py
index 91bf5ad6..751f31a7 100644
--- a/rest_framework/permissions.py
+++ b/rest_framework/permissions.py
@@ -89,8 +89,8 @@ class DjangoModelPermissions(BasePermission):
     It ensures that the user is authenticated, and has the appropriate
     `add`/`change`/`delete` permissions on the model.
 
-    This permission will only be applied against view classes that
-    provide a `.model` attribute, such as the generic class-based views.
+    This permission can only be applied against view classes that
+    provide a `.model` or `.queryset` attribute.
     """
 
     # Map methods into required permission codes.
@@ -138,6 +138,14 @@ class DjangoModelPermissions(BasePermission):
         return False
 
 
+class DjangoModelPermissionsOrAnonReadOnly(DjangoModelPermissions):
+    """
+    Similar to DjangoModelPermissions, except that anonymous users are
+    allowed read-only access.
+    """
+    authenticated_users_only = False
+
+
 class TokenHasReadWriteScope(BasePermission):
     """
     The request is authenticated as a user and the token used has the right scope
-- 
cgit v1.2.3