Coverage for apis/permissions.py: 85.71%

10 statements  

« prev     ^ index     » next       coverage.py v7.9.1, created at 2025-06-14 19:27 -0700

1from rest_framework import permissions 1a

2 

3 

4class IsAuthorOrReadOnly(permissions.BasePermission): 1a

5 def has_permission(self, request, view): 1a

6 # Authenticated users only can see list view 

7 if request.user.is_authenticated: 1bcd

8 return True 1bc

9 return False 1d

10 

11 def has_object_permission(self, request, view, obj): 1a

12 # Read permissions are allowed to any request so we'll always 

13 # allow GET, HEAD, or OPTIONS requests 

14 if request.method in permissions.SAFE_METHODS: 14 ↛ 18line 14 didn't jump to line 18 because the condition on line 14 was always true1b

15 return True 1b

16 

17 # Write permissions are only allowed to the author of a post 

18 return obj.author == request.user