From 4b797337aefa4bc4d2db44a3071976f79d40d97c Mon Sep 17 00:00:00 2001 From: daffyd Date: Wed, 9 Feb 2022 12:15:28 -0500 Subject: [PATCH 1/5] 1112: adding class based view handling to tutorial --- docs/tutorial/tutorial_03.rst | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/docs/tutorial/tutorial_03.rst b/docs/tutorial/tutorial_03.rst index 52868c01f..eb1fc6b37 100644 --- a/docs/tutorial/tutorial_03.rst +++ b/docs/tutorial/tutorial_03.rst @@ -78,3 +78,29 @@ Now supposing your access token value is `123456` you can try to access your aut :: curl -H "Authorization: Bearer 123456" -X GET http://localhost:8000/secret + +Working with Rest_framework generic class based views +----------------------------------------------------- + +If you have completed the `Django REST framework tutorial +`_, +you will be familiar with the 'Snippet' example, in particular the SnippetList and SnippetDetail classes. + +It would be really nice to reuse those views, but also support token handling. Instead of reworking +those classes to be ProtectedResourceView based, the solution is much simpler than that. + +Assuming you have already modified the settings as was already shown. + +The key is setting a class variable to override the default *permissions_classes* with something that will use our :term:`Access Token` properly. + +.. code-block:: python + + from django.contrib.auth.decorators import login_required + + class SnippetList(generics.ListCreateAPIView): + ... + permission_classes = [TokenHasReadWriteScope] + + class SnippetDetail(generics.ListCreateAPIView): + ... + permission_classes = [TokenHasReadWriteScope] From 0b190834423f422ba5ac04a97e2befc1810f230d Mon Sep 17 00:00:00 2001 From: daffyd Date: Wed, 9 Feb 2022 13:06:29 -0500 Subject: [PATCH 2/5] Adding to Authors --- AUTHORS | 1 + 1 file changed, 1 insertion(+) diff --git a/AUTHORS b/AUTHORS index c6e66453d..a5ce9bfad 100644 --- a/AUTHORS +++ b/AUTHORS @@ -69,3 +69,4 @@ Vinay Karanam Eduardo Oliveira Andrea Greco Dominik George +David Hill From a373f461c8909f9ca76d48944f2d69e5433e5f9a Mon Sep 17 00:00:00 2001 From: daffyd Date: Wed, 9 Feb 2022 13:58:26 -0500 Subject: [PATCH 3/5] merging review changes --- docs/tutorial/tutorial_03.rst | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/tutorial/tutorial_03.rst b/docs/tutorial/tutorial_03.rst index eb1fc6b37..89f611538 100644 --- a/docs/tutorial/tutorial_03.rst +++ b/docs/tutorial/tutorial_03.rst @@ -86,16 +86,15 @@ If you have completed the `Django REST framework tutorial `_, you will be familiar with the 'Snippet' example, in particular the SnippetList and SnippetDetail classes. -It would be really nice to reuse those views, but also support token handling. Instead of reworking +It would be nice to reuse those views **and** support token handling. Instead of reworking those classes to be ProtectedResourceView based, the solution is much simpler than that. -Assuming you have already modified the settings as was already shown. - -The key is setting a class variable to override the default *permissions_classes* with something that will use our :term:`Access Token` properly. +Assume you have already modified the settings as was already shown. +The key is setting a class attribute to override the default *permissions_classes* with something that will use our :term:`Access Token` properly. .. code-block:: python - from django.contrib.auth.decorators import login_required + from oauth2_provider.contrib.rest_framework import TokenHasReadWriteScope class SnippetList(generics.ListCreateAPIView): ... From 9572269ea9f05af1716964706fe27ec8e72009f7 Mon Sep 17 00:00:00 2001 From: Dave Hill Date: Fri, 11 Feb 2022 17:49:50 +0000 Subject: [PATCH 4/5] adding another clarification --- docs/tutorial/tutorial_03.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/tutorial/tutorial_03.rst b/docs/tutorial/tutorial_03.rst index 89f611538..3f1cd716e 100644 --- a/docs/tutorial/tutorial_03.rst +++ b/docs/tutorial/tutorial_03.rst @@ -103,3 +103,10 @@ The key is setting a class attribute to override the default *permissions_classe class SnippetDetail(generics.ListCreateAPIView): ... permission_classes = [TokenHasReadWriteScope] + +Note that this example overrides the Django default permission class setting. There are several other +ways this can be solved. Overriding the class function *get_permission_classes* is another way +to solve the problem. + +A detailed dive into the `Dango REST framework permissions is here. `_ + From 9778b3f9e0181348315a22645801f1dd4c4fc456 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Fri, 11 Feb 2022 17:50:08 +0000 Subject: [PATCH 5/5] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- docs/tutorial/tutorial_03.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/tutorial/tutorial_03.rst b/docs/tutorial/tutorial_03.rst index 3f1cd716e..30c8317e6 100644 --- a/docs/tutorial/tutorial_03.rst +++ b/docs/tutorial/tutorial_03.rst @@ -104,9 +104,9 @@ The key is setting a class attribute to override the default *permissions_classe ... permission_classes = [TokenHasReadWriteScope] -Note that this example overrides the Django default permission class setting. There are several other +Note that this example overrides the Django default permission class setting. There are several other ways this can be solved. Overriding the class function *get_permission_classes* is another way -to solve the problem. +to solve the problem. A detailed dive into the `Dango REST framework permissions is here. `_