Почему я не могу проверить условие в классе разрешений?
class ViewUserLeaveRequest(BasePermission):
def has_permission(self, request, view):
id = view.kwargs['id']
user = User.objects.get(id = request.user.id)
print('this is user ', user)
print(id)
print(user.id)
group = list(user.groups.all())
permison = group[0].permissions.all()
if permison.get(name='can view leave request') or user.id == id:
return True
else :
return False
Все в порядке. Я получаю идентификатор от kwargs и хочу вернуть True, если в группе пользователей есть can view leave request или если идентификатор запрашиваемого пользователя равен идентификатору в kwargs.
путь трассировки:
Quit the server with CONTROL-C.
this is user rabin Rabin
26
26
Internal Server Error: /attend/v1/leaveRequestList/26/
Traceback (most recent call last):
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/core/handlers/exception.py", line 35, in inner
response = get_response(request)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/core/handlers/base.py", line 128, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python3.6/contextlib.py", line 52, in inner
return func(*args, **kwds)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/views/generic/base.py", line 69, in view
return self.dispatch(request, *args, **kwargs)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 495, in dispatch
response = self.handle_exception(exc)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 455, in handle_exception
self.raise_uncaught_exception(exc)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 483, in dispatch
self.initial(request, *args, **kwargs)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 401, in initial
self.check_permissions(request)
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/rest_framework/views.py", line 334, in check_permissions
if not permission.has_permission(request, self):
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/attendanceregistersystem/attendance/permissions.py", line 77, in has_permission
if permison.get(name='can view leave request') or user.id == id:
File "/home/bishwa/attendanceRegisterSystem/attendanceregistersystem/.venv/lib/python3.6/site-packages/django/db/models/query.py", line 403, in get
self.model._meta.object_name
django.contrib.auth.models.DoesNotExist: Permission matching query does not exist.
[21/Jan/2019 17:41:35] "GET /attend/v1/leaveRequestList/26/ HTTP/1.1" 500 129370
Редактировать:
try:
if permison.get(name='can view leave request') or user.id == id:
return True
except :
return False
Я сделал это, но это дает мне "detail": "You do not have permission to perform this action."
Если я сделаю следующее, я получу ту же ошибку, так как user.id == id равен True в этом случае 26 оба
try:
if user.id == id:
return True
except :
return False
Редактировать:
try:
permison.get(name='can view leave request') or user.id == id
return True
except :
return False