mattdrayer/api-secureapiview-fix: Resolved DRF view issue

8c411041 · Matt Drayer · Jonathan Piacenti · 08acaad8 · 8c411041 · 8c411041
Commit 8c411041 authored Jun 11, 2014 by Matt Drayer Committed by Jonathan Piacenti Aug 20, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 4 deletions

lms/djangoapps/api_manager/permissions.py
+6 -2

lms/djangoapps/api_manager/users/views.py
+2 -2

No files found.
--- a/lms/djangoapps/api_manager/permissions.py
+++ b/lms/djangoapps/api_manager/permissions.py
@@ -5,7 +5,7 @@ from django.conf import settings

 from api_manager.utils import get_client_ip_address, address_exists_in_network
 from rest_framework import permissions, generics, filters, pagination, serializers
-
+from rest_framework.views import APIView

 log = logging.getLogger(__name__)

@@ -102,7 +102,11 @@ class CustomPaginationSerializer(pagination.PaginationSerializer):
    num_pages = serializers.Field(source='paginator.num_pages')


-class SecureAPIView(generics.ListAPIView):
+class SecureAPIView(APIView):
+    permission_classes = (ApiKeyHeaderPermission, )
+
+
+class SecureListAPIView(generics.ListAPIView):
    """
        Inherited from ListAPIView
    """

--- a/lms/djangoapps/api_manager/users/views.py
+++ b/lms/djangoapps/api_manager/users/views.py
@@ -13,7 +13,7 @@ from rest_framework.response import Response

 from django.db.models import Q

-from api_manager.permissions import SecureAPIView
+from api_manager.permissions import SecureAPIView, SecureListAPIView
 from api_manager.models import GroupProfile
 from .serializers import UserSerializer

@@ -114,7 +114,7 @@ def _save_content_position(request, user, course_id, course_descriptor, position
    return saved_content.id


-class UsersList(SecureAPIView):
+class UsersList(SecureListAPIView):
    """
    ### The UsersList view allows clients to retrieve/append a list of User entities
    - URI: ```/api/users/```