![]() For example you can define whether a user has the ability to update any projects from the database. Global permissions are always checked first and define the ability of a user to take an action on an entire model. Install using pip… $ pip install dry-rest-permissionsĭRY Rest Permissions allows you to define both global and object level permissions. This would need a lot of triggers that would key off of these actions and explicitly change permissions.ĭRY Rest Permissions allows developers to easily describe what gives someone permission using the current data in an implicit way. This means that a user's permission will be granted or revoked based on many possibilities including ownership of the project transferring to a different association, the user's admin status in the association changing and the user entering or leaving the association. For apps that have many ways for a user to be given permission to certain actions, this approach can be very hard to maintain.įor example: you may have an app which lets you create and modify projects if you are an admin of an association that owns the project. Django-guardian is an explicit approach to permissions that requires data to be saved in tables that explicitly grants permissions for certain actions. Most other DRF permissions are based on django-guardian. Why is DRY Rest Permissions different than other DRF permission packages? A framework for limiting list requests based on permissions. ![]() This is DRY and works with your existing permission definitions. A serializer field that will return permissions for an object to your client app.Support for custom list and detail actions. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |