Projet

Général

Profil

0001-remove-authentication-classes-from-APIView-9812.patch

Josué Kouka, 17 février 2016 17:05

Télécharger (1,18 ko)

Voir les différences: 

Subject: [PATCH] remove authentication classes from APIView (#9812)


 src/authentic2/api_views.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
src/authentic2/api_views.py
326 326 
router.register(r'users', UsersAPI, base_name='a2-api-users')
327 327 

  		




  328
  328
  
    
class RolesAPI(APIView):

  		




  329
  
  
    
    authentication_class = (authentication.BasicAuthentication)

  		




  330
  329
  
    
    permission_classes = (permissions.IsAuthenticated,)

  		




  331
  330
  
    

  		




  332
  331
  
    
    def initial(self, request, *args, **kwargs):

  		




  ......




  339
  338
  
    
        perm = 'a2_rbac.change_role'

  		




  340
  339
  
    
        authorized = request.user.has_perm(perm, obj=self.role)

  		




  341
  340
  
    
        if not authorized:

  		




  342
  
  
    
            raise PermissionDenied(u'User not allowed to change role') 

  		




  
  341
  
    
            raise PermissionDenied(u'User not allowed to change role')

  		




  343
  342
  
    

  		




  344
  343
  
    
    def post(self, request, *args, **kwargs):

  		




  345
  344
  
    
        self.role.members.add(self.member)

  		




  346
  
  
    
-