Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Library does not check for allowed methods #40

Open
dbrgn opened this issue Mar 17, 2017 · 1 comment
Open

Library does not check for allowed methods #40

dbrgn opened this issue Mar 17, 2017 · 1 comment

Comments

@dbrgn
Copy link

dbrgn commented Mar 17, 2017

If I add DRYPermissions to a ReadOnlyModelViewSet and then do a DELETE request to the endpoint, I get a HTTP500 with the following exception:

AssertionError: '<class 'data.models.Animal'>' does not have 'has_write_permission' or 'has_None_permission' defined.

Instead, a HTTP 405 (method not allowed) should be returned.

Might be related: encode/django-rest-framework#4927
@dbrgn dbrgn mentioned this issue Mar 19, 2017
Open
@jberends
Copy link

that can be related indeed as the DRYPermissions is just another implementation of Global and Object level permissions. And DRF will cycle through the permission_classes definition (eg permission_classes = (IsAuthenticated, DRYPermissions)). It looks for implementations of has_permission() and has_object_permission() methods on those classed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dbrgn @jberends