DRF permissions - visitors can view but is_manager can POST, PUT, DELETE request

-

 permissions.py


from rest_framework.permissions import BasePermission

from rest_framework import permissions


class UnAuthenticatedOrReadOnly(BasePermission):

    def has_permission(self, request, view):

        if request.user.is_authenticated:

            if request.method in permissions.SAFE_METHODS:

                return True  # Allow unauthenticated users to perform GET and RETRIEVE

            return request.user.is_manager  # Only manager users can perform POST, PUT, DELETE

        return request.method in permissions.SAFE_METHODS  # Allow unauthenticated users to perform GET and RETRIEVE


    def has_object_permission(self, request, view, obj):

        if request.user.is_authenticated:

            return request.user.is_manager  # Only manager users can perform CRUD actions

        return request.method in permissions.SAFE_METHODS  # Unauthenticated users can only view

----------------------------------------------------------------------------------------------------------------------------------

views.py


from django.shortcuts import render

from rest_framework.viewsets import ModelViewSet

from core.models import Product

from .serializer import *

from .permissions import *

from rest_framework.permissions import IsAuthenticated, AllowAny

from rest_framework_simplejwt.authentication import JWTAuthentication



class ProductView(ModelViewSet):

    queryset = Product.objects.all()

    serializer_class = ProductSeralizer

    authentication_classes = [JWTAuthentication]

    permission_classes = [UnAuthenticatedOrReadOnly]

-----------------------------------------------------------------------------------------------------------------------------

serializers.py

        

from rest_framework import serializers

from core.models import Product


class ProductSeralizer(serializers.ModelSerializer):

    class Meta:

        model = Product

        fields = "__all__"

Popular posts from this blog

MCSL 216 MCA NEW Practical ~ common questions suggestions

-
Topic: JS VALIDATION   Q1. Design a form for booking room through a Hotel website. The form should have relevant fields (make suitable assumptions). Further, the form should have Submit and Reset button. Now, perform following: Marks: 20   Solution: <html>     <title>hotel form booking</title>     <body>         <br>         <h2>Hotel Form</h2>         <br>           <form id="booking_form">             <label for="p_name">Person Name</label> <br>             <input type="text" id="p_name" name="p_name">          ...
Read more

dev chaeatsheet

-
Image
dev cheatsheet link: https://docs.google.com/document/d/15gRGAB57iEFs_TGsqrk08_OZ36mX1yfsMKCYM6qX7gk/edit?usp=sharing Topic: WordPress Theme Dev We can develop our custom theme in wordpress. Let’s first understand the folder structure of wordpress.contact form Let me assure you, how can you make a proper structure of a wordpress project.  front-page.php: This template is used to display the front page of the site. It's often used for the site's homepage. index.php: This is the fallback template used when more specific templates are not available. It usually displays a list of posts. style.css: This file contains the styles for your theme. While it can include theme author details in comments, its primary purpose is to style the HTML elements of your theme. single.php: This template is used to display a single post's details.             404.php: handle 404 error page         ...
Read more

STRAPI

-
Image
  Strapi helps us to provide pre-made cms backend. In strapi everything is about content type.   Topic: Weird Things About STRAPI Topic: Document Save States When we want to store a post into strapi, that time it gives us 2 options: “publish”, “save”. When we create content as publish/save it creates 2 different records. First 2 are for “save” and the rest 2 are for “publish”. Good thing is when creating a new publish/save it delta the OLD one ID and create a NEW one. Topic: Content Type change in strapi We can add multiple fields into strapi content type. For changing the Column Type we need go in inside /src/your-content-type/schema.json /* OLD ONE */ "attributes": {     "title": {       "type": "string"     },     "description": {       "type": "text",   "length": 80     }, /* NEW ONE */ "description": {    ...
Read more