how to apply permission class to particular method in class based views in Django-Rest Framework?

https://stackoverflow.com//questions/22010675

django-rest-framework

21-12-2019
|

Question

I want to apply permission only for "PUT" method not for "POST"

class Signup(APIView):
    def post(self, request, format=None):
        something...something

    @authentication_classes((ExpiringTokenAuthentication,))
    @permission_classes((IsAuthenticated,))
    def put(self, request, format=None):
        something...something

Solution

Check the HTTP method on your permission class has_permission method and apply your checks if it was PUT:

class ExpiringTokenAuthentication(permissions.BasePermission):

    def has_permission(self, request, view):
        if request.method == 'PUT':
           # do it here


class Signup(APIView):
    permission_classes = (BlacklistPermission,)

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow