@@ -54,6 +54,8 @@ Or, if you're using the `@api_view` decorator with function based views.
...
@@ -54,6 +54,8 @@ Or, if you're using the `@api_view` decorator with function based views.
}
}
return Response(content)
return Response(content)
---
# API Reference
# API Reference
## IsAuthenticated
## IsAuthenticated
...
@@ -88,12 +90,15 @@ To use custom model permissions, override `DjangoModelPermissions` and set the `
...
@@ -88,12 +90,15 @@ To use custom model permissions, override `DjangoModelPermissions` and set the `
The `DjangoModelPermissions` class also supports object-level permissions. Third-party authorization backends such as [django-guardian][guardian] that provide object-level permissions should work just fine with `DjangoModelPermissions` without any custom configuration required.
The `DjangoModelPermissions` class also supports object-level permissions. Third-party authorization backends such as [django-guardian][guardian] that provide object-level permissions should work just fine with `DjangoModelPermissions` without any custom configuration required.
---
# Custom permissions
# Custom permissions
To implement a custom permission, override `BasePermission` and implement the `.has_permission(self, request, view, obj=None)` method.
To implement a custom permission, override `BasePermission` and implement the `.has_permission(self, request, view, obj=None)` method.
The method should return `True` if the request should be granted access, and `False` otherwise.
The method should return `True` if the request should be granted access, and `False` otherwise.
@@ -30,6 +30,10 @@ you should use the `api_settings` object. For example.
...
@@ -30,6 +30,10 @@ you should use the `api_settings` object. For example.
The `api_settings` object will check for any user-defined settings, and otherwise fallback to the default values. Any setting that uses string import paths to refer to a class will automatically import and return the referenced class, instead of the string literal.
The `api_settings` object will check for any user-defined settings, and otherwise fallback to the default values. Any setting that uses string import paths to refer to a class will automatically import and return the referenced class, instead of the string literal.
---
# API Reference
## DEFAULT_RENDERERS
## DEFAULT_RENDERERS
A list or tuple of renderer classes, that determines the default set of renderers that may be used when returning a `Response` object.
A list or tuple of renderer classes, that determines the default set of renderers that may be used when returning a `Response` object.
@@ -63,6 +63,8 @@ Or, if you're using the `@api_view` decorator with function based views.
...
@@ -63,6 +63,8 @@ Or, if you're using the `@api_view` decorator with function based views.
}
}
return Response(content)
return Response(content)
---
# API Reference
# API Reference
## AnonRateThrottle
## AnonRateThrottle
...
@@ -144,6 +146,8 @@ For example, given the following views...
...
@@ -144,6 +146,8 @@ For example, given the following views...
User requests to either `ContactListView` or `ContactDetailView` would be restricted to a total of 1000 requests per-day. User requests to `UploadView` would be restricted to 20 requests per day.
User requests to either `ContactListView` or `ContactDetailView` would be restricted to a total of 1000 requests per-day. User requests to `UploadView` would be restricted to 20 requests per day.
---
# Custom throttles
# Custom throttles
To create a custom throttle, override `BaseThrottle` and implement `.allow_request(request, view)`. The method should return `True` if the request should be allowed, and `False` otherwise.
To create a custom throttle, override `BaseThrottle` and implement `.allow_request(request, view)`. The method should return `True` if the request should be allowed, and `False` otherwise.
