You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've looked a bit at the source code and predicates don't seem to support this.
In my use case I need to query the database to see if the user has permissions to do something in a Role table, but a user may have multiple, differing roles. I can handle this in delete / update / view permissions by modifying the get_queryset()method and thus the self.get_object() method and adding additional filtering from the request there, but I am not able to do this for CreateViews since PermissionRequiredMixin returns None when it is a CreateView.
A solution for this is using django's UserPassesTestMixin, but at that point it doesn't make much sense to use django-rules.
It would be great to have the option of passing additional arguments or the view to predicates.
For comparison, django-rest passes both the view and the request to the method that handles the checking:
fromrest_frameworkimportpermissionsclassBlocklistPermission(permissions.BasePermission):
""" Global permission check for blocked IPs. """defhas_permission(self, request, view):
ip_addr=request.META['REMOTE_ADDR']
blocked=Blocklist.objects.filter(ip_addr=ip_addr).exists()
returnnotblocked
The text was updated successfully, but these errors were encountered:
I've looked a bit at the source code and predicates don't seem to support this.
In my use case I need to query the database to see if the user has permissions to do something in a Role table, but a user may have multiple, differing roles. I can handle this in delete / update / view permissions by modifying the
get_queryset()method and thus theself.get_object()method and adding additional filtering from the request there, but I am not able to do this forCreateViews sincePermissionRequiredMixinreturnsNonewhen it is a CreateView.A solution for this is using django's
UserPassesTestMixin, but at that point it doesn't make much sense to use django-rules.It would be great to have the option of passing additional arguments or the view to predicates.
For comparison, django-rest passes both the view and the request to the method that handles the checking:
The text was updated successfully, but these errors were encountered: