I want to create a user permission based on the user's group membership.
But the following code returns the error message "Request failed with status code 401".
And for an authorized user, print(request.user) prints the following line: "AnonymousUser".
permission.py:
from django.contrib.auth.models import Group
from rest_framework import permissions
def is_in_group(user, group_name):
    """Return True if *user* is a member of the group named *group_name*.

    A group name that does not exist yields False rather than an error.
    """
    try:
        group = Group.objects.get(name=group_name)
    except Group.DoesNotExist:
        # An unknown group can have no members.
        return False
    # Match on the primary key; a user without an id (e.g. an anonymous
    # user) matches no row.
    return group.user_set.filter(id=user.id).exists()
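class HasGroupPermission(permissions.BasePermission):
    """Allow a request only if the user is in every group the view requires.

    The view declares ``required_groups``, a mapping from HTTP method to a
    list of group names. The special name ``"__all__"`` is satisfied by any
    authenticated user. Staff users are always allowed.

    Permission checks run after authentication: when no authentication
    class accepted the request's credentials, ``request.user`` is an
    ``AnonymousUser`` and this class denies the request.
    """

    def has_permission(self, request, view):
        """Return True when the request's user may call *view*.

        Denies by default: anonymous users, methods with no entry in
        ``required_groups`` and empty group lists are all rejected.
        """
        user = request.user
        # Fail closed for unauthenticated requests. Previously a method with
        # no mapping entry (or "__all__") let anonymous users through,
        # because all() of an empty list is True.
        if not user or not user.is_authenticated:
            return False
        if user.is_staff:
            return True

        required_groups = getattr(view, "required_groups", {}).get(request.method)
        if not required_groups:
            # No groups declared for this method: nothing grants access.
            return False
        # The generator stops at the first group the user is missing from.
        return all(
            group_name == "__all__" or is_in_group(user, group_name)
            for group_name in required_groups
        )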
views.py:
from .models import AppOne
from .serializers import AppOnesSerializer
from rest_framework import generics
from scripts.permission import HasGroupPermission
class AppOneView(generics.ListAPIView):
    # Read-only list endpoint for AppOne, restricted by group membership.
    # (Plain comments are used here because DRF shows a view's docstring as
    # its description.)
    #
    # No authentication_classes are set on this view, so the project-wide
    # default applies. NOTE(review): confirm that default includes the JWT
    # authenticator; otherwise a bearer token is ignored and request.user
    # stays AnonymousUser.
    permission_classes = [HasGroupPermission]
    serializer_class = AppOnesSerializer
    queryset = AppOne.objects.all()
    # Read by HasGroupPermission, keyed by HTTP method. ListAPIView only
    # provides a GET handler, so the POST and PUT entries are not reached
    # on this view.
    required_groups = {method: ['group1'] for method in ('GET', 'POST', 'PUT')}
my User Model:
class CustomUser(AbstractUser):
    """Project user model: Django's AbstractUser plus an optional age."""

    # Optional: stored as NULL when unset and may be left blank in forms,
    # so code reading user.age has to handle None.
    age = models.PositiveIntegerField(null=True, blank=True)
(I have tried almost nothing else, as I'm new to this.)
Edit:
urls.py:
from django.urls import path
from .views import ObtainTokenPairWithAgeView
# Token-issuing endpoint: the client posts its credentials here and receives
# the token pair produced by ObtainTokenPairWithAgeView.
# NOTE(review): this route accepts passwords, so it should be served over
# TLS and throttled; neither is visible in this snippet.
urlpatterns = [
    path(
        route='token/obtain/',
        view=ObtainTokenPairWithAgeView.as_view(),
        name='token_create',
    ),
]
views.py:
from rest_framework_simplejwt.views import TokenObtainPairView
from .serializers import MyTokenObtainPairSerializer
class ObtainTokenPairWithAgeView(TokenObtainPairView):
    # Stock SimpleJWT token-obtain view; only the serializer is swapped so
    # that issued tokens carry the extra claim added in
    # MyTokenObtainPairSerializer.get_token.
    serializer_class = MyTokenObtainPairSerializer
serializers.py
from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
class MyTokenObtainPairSerializer(TokenObtainPairSerializer):
    """Token serializer that adds the user's ``age`` as a custom claim."""

    @classmethod
    def get_token(cls, user):
        """Return the parent serializer's token for *user* with ``age`` added."""
        issued = super().get_token(user)
        # JWT claims are signed but not encrypted: anyone holding the token
        # can decode and read this value, so only non-sensitive data belongs
        # here. The claim is None when the user has no age set.
        issued['age'] = user.age
        return issued