I've got an endpoint built with Django Rest Framework, to which I now want to add permissions so that only users belonging to a certain group can access an endpoint. So I'm using token based access and inspired by this example I'm trying to use the following code:
class ReadPermission(BasePermission):
def has_permission(self, request, view):
return request.user.groups.filter(name=settings.GROUP_POST_DATA).exists()
class MyEndpoint(mixins.ListModelMixin, viewsets.GenericViewSet):
permission_classes = [IsAuthenticated, ReadPermission]
http_method_names = ['get']
# etc
But unfortunately I get anAttributeError: 'User' object has no attribute 'groups'
Why doesn't the user object have groups?
from Why doesn't my request.user have groups in Django?
No comments:
Post a Comment