You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently when making custom permissions, the "pk" field is useless as there is no way to actually retrieve the instance of the object you are checking against as the BasePermission class has no referent to a model type.
I ran into this issue when trying to write the following permission class to see if a user owns a model:
classIsOwner(BasePermission):
defhas_permission(self, user, action, pk):
try:
# have to hard code Job here because BasePermission has no reference to the Model it is checkingjob=Job.objects.get(pk=pk)
exceptJob.DoesNotExist:
returnFalseifaction=="SUBSCRIBE":
returnuser==job.ownerreturnFalse
While this works for the Job model, I want to make this more general as I have other models with Owner that I want to use the same permission on. As I see it now, there's no way to generically use this field to do anything at all.
I think this was just a design oversight and I figure this can be solved pretty easily through just passing a reference to the Model of the binding to the permission class upon construction that can then be accessed from the has_permission method. I'll submit a PR with a fix once I have a chance.
The text was updated successfully, but these errors were encountered:
Currently when making custom permissions, the "pk" field is useless as there is no way to actually retrieve the instance of the object you are checking against as the BasePermission class has no referent to a model type.
I ran into this issue when trying to write the following permission class to see if a user owns a model:
While this works for the Job model, I want to make this more general as I have other models with Owner that I want to use the same permission on. As I see it now, there's no way to generically use this field to do anything at all.
I think this was just a design oversight and I figure this can be solved pretty easily through just passing a reference to the Model of the binding to the permission class upon construction that can then be accessed from the has_permission method. I'll submit a PR with a fix once I have a chance.
The text was updated successfully, but these errors were encountered: