0
在我嘗試解決問題時,我試圖強制自定義權限類返回False,事實並非如此。我仍然可以通過下面的DateListViewSet類執行成功的GET和POST請求。我無法弄清楚爲什麼我的自定義權限類(IsUser)不起作用以下是我的自定義權限類,視圖類和序列化程序。請協助Django REST框架自定義權限類不工作
自定義權限類
class IsUser(permissions.BasePermission):
def has_permissions(self, request, view):
return False
密新和視圖類
class DateListMixin(object):
serializer_class = SimpleDateSerializer
permission_classes = (permissions.IsAuthenticated, IsUser)
class DateListViewSet(DateListMixin, generics.BulkModelViewSet):
def get_queryset(self):
num = self.kwargs['rm']
num2 = self.kwargs['id']
r1 = Room.objects.get(pk=num)
s1 = Schedule.objects.get(pk=num2)
u = self.request.user.pk
usr = User.objects.get(pk=u)
if(s1.user.username == usr.username):
queryset = r1.transactiondatetime_set.all()
return queryset
else: raise Http404("User does not exist")
串行類
class SimpleDateSerializer(BulkSerializerMixin, ModelSerializer, serializers.Serializer):
start_dt = serializers.DateTimeField(format="%Y-%m-%d %H:%M:%S")
class Meta(object):
model = TransactionDateTime
list_serializer_class = BulkListSerializer
fields = ('pk', 'start_dt', 'room')