search

wlanslovenija / django-tastypie-mongoengine

MongoEngine support for django-tastypie.
Other
73 stars 59 forks source link

DjangoAuthorization does not work! #89

Open nim4n opened 9 years ago

nim4n commented 9 years ago

I have some problem in using DjangoAuthorization , when I use this in my resource I get this error:

{"error_message": "'QuerySet' object has no attribute 'model'", "traceback": "Traceback (most recent call last):\n\n File \"/usr/local/lib/python2.7/dist-packages/tastypie/resources.py\", line 201, in wrapper\n response = callback(request, _args, _kwargs)\n\n File \"/usr/local/lib/python2.7/dist-packages/tastypie/resources.py\", line 432, in dispatch_list\n return self.dispatch('list', request, _kwargs)\n\n File \"/usr/local/lib/python2.7/dist- packages/tastypie_mongoengine/resources.py\", line 374, in dispatch\n return super(MongoEngineResource, self).dispatch(request_type, request, _kwargs)\n\n File \"/usr/local/lib/python2.7/dist-packages/tastypie/resources.py\", line 464, in dispatch\n response = method(request, _kwargs)\n\n File \"/usr/local/lib/python2.7/dist-packages/tastypie/resources.py\", line 1286, in get_list\n objects = self.obj_get_list(bundle=base_bundle, *_self.remove_api_resource_names(kwargs))\n\n File \"/usr/local/lib/python2.7/dist-packages/tastypie/resources.py\", line 2068, in obj_get_list\n return self.authorized_read_list(objects, bundle)\n\n File \"/usr/local/lib/python2.7/dist-packages/tastypie/resources.py\", line 583, in authorized_read_list\n auth_result = self._meta.authorization.read_list(object_list, bundle)\n\n File \"/usr/local/lib/python2.7/dist- packages/tastypie/authorization.py\", line 152, in read_list\n klass = self.base_checks(bundle.request, object_list.model)\n\nAttributeError: 'QuerySet' object has no attribute 'model'\n"}

but without using this It works fine, am I missed some thing? my resource is: ''' class MainUserResource(resources.MongoEngineResource): enduser = fields.ToOneField('interface.api.EndUserResource', 'enduser', full=False, null=True, blank=True)

    class Meta:
        queryset = User.objects.all()
        allowed_methods = ['get', 'post', 'put', 'delete']
        resource_name = 'main_user'
        fields = ['username', 'first_name', 'last_name', 'email']
        authorization = DjangoAuthorization()
        authentication = MultiAuthentication(BasicAuthentication(), SessionAuthentication())
        always_return_data = True
        list_allowed_methods = ['get', 'post', 'put', 'delete']
        filtering = {
            "username": ALL,
            "id": ALL,
            "enduser": ALL,
        }
arjanvaneersel commented 9 years ago

I had the same problem and noticed that all examples I found on the net and here use authorization = Authorization() and not DjangoAuthorization().

Considering the error I got the idea that DjangoAuthorization relies on the Django ORM, which -of course- wasn't made for MongoDB use.

So I'm affraid that the only way is to write your own authorization. More info about that is here: http://django-tastypie.readthedocs.org/en/latest/authorization.html#implementing-your-own-authorization

At least for me this worked, but perhaps someone else has a better solution, as I'm also still a beginner regarding tastypie for mongoengine.

nim4n commented 9 years ago

yes you must write your own authorization but another problem is default django permission in mongoengin does not work properly, I found the problem and solved It, you can see It in this link: https://github.com/MongoEngine/mongoengine/issues/898