phzhik/kwork-poizonstore
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* DISABLE_PERMISSIONS in settings

Browse Source
This commit is contained in:
Phil Zhitnikov 2023-07-07 02:07:41 +04:00
parent 82bdd2a9ee
commit 31412f25f0
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
poizonstore/settings.py
View File

@ -27,6 +27,7 @@ CDEK_CLIENT_SECRET = '***REMOVED***'
# SECURITY WARNING: don't run with debug turned on in production! # SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True DEBUG = True
DISABLE_PERMISSIONS = True
ALLOWED_HOSTS = ["crm-poizonstore.ru", "127.0.0.1", "localhost", "45.84.227.72"] ALLOWED_HOSTS = ["crm-poizonstore.ru", "127.0.0.1", "localhost", "45.84.227.72"]
@ -135,6 +136,9 @@ REST_FRAMEWORK = {
# or allow read-only access for unauthenticated users. # or allow read-only access for unauthenticated users.
'DEFAULT_PERMISSION_CLASSES': [ 'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated' 'rest_framework.permissions.IsAuthenticated'
if DISABLE_PERMISSIONS
else
'rest_framework.permissions.AllowAny'
], ],
'DEFAULT_AUTHENTICATION_CLASSES': ( 'DEFAULT_AUTHENTICATION_CLASSES': (

4
store/views.py
View File

@ -58,7 +58,7 @@ class LoginAPI(generics.GenericAPIView):
class ChecklistAPI(mixins.ListModelMixin, mixins.CreateModelMixin, mixins.RetrieveModelMixin, generics.GenericAPIView): class ChecklistAPI(mixins.ListModelMixin, mixins.CreateModelMixin, mixins.RetrieveModelMixin, generics.GenericAPIView):
serializer_class = ChecklistSerializer serializer_class = ChecklistSerializer
permission_classes = [IsAuthenticated | ReadOnly] permission_classes = [IsAuthenticated | ReadOnly] if not settings.DISABLE_PERMISSIONS else [permissions.AllowAny]
lookup_field = 'id' lookup_field = 'id'
filterset_fields = ['status', ] filterset_fields = ['status', ]
search_fields = ['id', 'track_id', 'buyer_phone', 'full_price'] search_fields = ['id', 'track_id', 'buyer_phone', 'full_price']
@ -164,7 +164,7 @@ class PricesAPI(generics.GenericAPIView):
class PickupAPI(generics.GenericAPIView): class PickupAPI(generics.GenericAPIView):
serializer_class = GlobalSettingsPickupSerializer serializer_class = GlobalSettingsPickupSerializer
permission_classes = [IsAuthenticated | ReadOnly] permission_classes = [IsAuthenticated | ReadOnly] if not settings.DISABLE_PERMISSIONS else [permissions.AllowAny]
def get_object(self): def get_object(self):
return GlobalSettings.load() return GlobalSettings.load()