DRF之权限

1.基于BasePermission自定义权限

1.1    基于from rest_framework.permissions import BasePermission 实现权限

class App01Permission(BasePermission):

    def has_permission(self, request, view):
        '''
        :param request:
        :param view:
        :return:
        由于已经过了认证组件，request.user已经有值了。
        '''
        # print('认证模块')
        # print(self)
        # print(request)
        # print(view)
        user=request.user
        # print(user.get_usertype_display())
        if user.usertype==1:
            return True
        else:
            raise PermissionDenied(detail='权限不足，滚回去',code=222)

 1.2 使用自带的权限类

from rest_framework.permissions import IsAdminUser,IsAuthenticated,AllowAny
class BOOKS2(GenericAPIView,ListModelMixin):

    queryset = models.Books.objects.all()
    serializer_class = SERList.BookModelSerializer

    pagination_class = PageNumList3
    permission_classes = [IsAuthenticated,IsAdminUser,AllowAny]
    def get(self,request,*args,**kwargs):
        self.queryset=self.queryset.filter(id__gt=2)
        res=self.list(request, *args, **kwargs)
        # return Response(res)
        print(request.user,request.session)
        return res

 TIPS: 自定义认证要与自定义权限一起使用，如果用系统默认的权限，就得用系统默认的认证。auth系统