Commit d995742a by Tom Christie

Add AllowAny permission

parent 51a64019
...@@ -33,6 +33,12 @@ The default permission policy may be set globally, using the `DEFAULT_PERMISSION ...@@ -33,6 +33,12 @@ The default permission policy may be set globally, using the `DEFAULT_PERMISSION
) )
} }
If not specified, this setting defaults to allowing unrestricted access:
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.AllowAny',
)
You can also set the authentication policy on a per-view basis, using the `APIView` class based views. You can also set the authentication policy on a per-view basis, using the `APIView` class based views.
class ExampleView(APIView): class ExampleView(APIView):
...@@ -58,6 +64,12 @@ Or, if you're using the `@api_view` decorator with function based views. ...@@ -58,6 +64,12 @@ Or, if you're using the `@api_view` decorator with function based views.
# API Reference # API Reference
## AllowAny
The `AllowAny` permission class will allow unrestricted access, **regardless of if the request was authenticated or unauthenticated**.
This permission is not strictly required, since you can achieve the same result by using an empty list or tuple for the permissions setting, but you may find it useful to specify this class because it makes the intention explicit.
## IsAuthenticated ## IsAuthenticated
The `IsAuthenticated` permission class will deny permission to any unauthenticated user, and allow permission otherwise. The `IsAuthenticated` permission class will deny permission to any unauthenticated user, and allow permission otherwise.
......
...@@ -72,7 +72,11 @@ Default: ...@@ -72,7 +72,11 @@ Default:
A list or tuple of permission classes, that determines the default set of permissions checked at the start of a view. A list or tuple of permission classes, that determines the default set of permissions checked at the start of a view.
Default: `()` Default:
(
'rest_framework.permissions.AllowAny',
)
## DEFAULT_THROTTLE_CLASSES ## DEFAULT_THROTTLE_CLASSES
......
...@@ -37,11 +37,14 @@ DEFAULTS = { ...@@ -37,11 +37,14 @@ DEFAULTS = {
'rest_framework.authentication.SessionAuthentication', 'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication' 'rest_framework.authentication.BasicAuthentication'
), ),
'DEFAULT_PERMISSION_CLASSES': (), 'DEFAULT_PERMISSION_CLASSES': (
'DEFAULT_THROTTLE_CLASSES': (), 'rest_framework.permissions.AllowAny',
),
'DEFAULT_THROTTLE_CLASSES': (
),
'DEFAULT_CONTENT_NEGOTIATION_CLASS': 'DEFAULT_CONTENT_NEGOTIATION_CLASS':
'rest_framework.negotiation.DefaultContentNegotiation', 'rest_framework.negotiation.DefaultContentNegotiation',
'DEFAULT_MODEL_SERIALIZER_CLASS': 'DEFAULT_MODEL_SERIALIZER_CLASS':
'rest_framework.serializers.ModelSerializer', 'rest_framework.serializers.ModelSerializer',
'DEFAULT_PAGINATION_SERIALIZER_CLASS': 'DEFAULT_PAGINATION_SERIALIZER_CLASS':
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment