Open barseghyanartur opened 8 years ago
I think it is very specific case and this logic should be implemented at application level.
@caxap:
That's what we did. Still very useful. If you're not interested, feel free to close this. I have no objections.
DRF has a built-in way of providing custom error messages. However, these error messages are currently ignored by 'rest_condition' classes.
In DRF, you can specify a message class level attribute that then gets used as the error message if the permission check fails.
http://www.django-rest-framework.org/api-guide/permissions/#custom-permissions
from rest_framework import permissions
class CustomerAccessPermission(permissions.BasePermission): message = 'Adding customers not allowed.'
def has_permission(self, request, view):
...
It seems evaluate_permissions(....) in permissions.py could be enhanced to read the message attribute from the condition instance and set its own message attribute to that.
e.g. permissions.py : evaluate_permissions(....)
...
if reduced_result is not _NONE:
# read the error message from the custom permissions class and set it here so DRF
# can pick it up.
if hasattr(condition.__class__, 'message'):
Condition.message = condition.__class__.message
return not reduced_result if self.negated else reduced_result
Add a custom Boolean type in order to be able to provide custom descriptive message along the error status.
In that case, the following would be possible.
It would also work with
GenericViewSet
orViewSet
: