Adding browsable login in api would help in checking the permission level of each endpoint for each user visually.
---
patchew/urls.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/patchew/urls.py b/patchew/urls.py
index 08ace07..18cc95c 100644
--- a/patchew/urls.py
+++ b/patchew/urls.py
@@ -27,11 +27,13 @@ from django.conf.urls import include, url
from api.admin import admin_site
from django.conf.urls.static import static
from django.conf import settings
+from rest_framework.authtoken import views
urlpatterns = [
url(r'^admin/', admin_site.urls),
url(r'^api/', include('api.urls')),
url(r'^', include('www.urls')),
+ url(r'^/api/api-auth/', include('rest_framework.urls',namespace='rest_framework')),
] + static(settings.STATIC_URL,
document_root=settings.STATIC_ROOT) \
+ static(settings.MEDIA_URL,
--
2.14.3 (Apple Git-98)
_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel
On 14/05/2018 16:57, Shubham Jain wrote:
> Adding browsable login in api would help in checking the permission level of each endpoint for each user visually.
> ---
> patchew/urls.py | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/patchew/urls.py b/patchew/urls.py
> index 08ace07..18cc95c 100644
> --- a/patchew/urls.py
> +++ b/patchew/urls.py
> @@ -27,11 +27,13 @@ from django.conf.urls import include, url
> from api.admin import admin_site
> from django.conf.urls.static import static
> from django.conf import settings
> +from rest_framework.authtoken import views
>
> urlpatterns = [
> url(r'^admin/', admin_site.urls),
> url(r'^api/', include('api.urls')),
> url(r'^', include('www.urls')),
> + url(r'^/api/api-auth/', include('rest_framework.urls',namespace='rest_framework')),
> ] + static(settings.STATIC_URL,
> document_root=settings.STATIC_ROOT) \
> + static(settings.MEDIA_URL,
>
Does this view use token authentication?
My plan was to use OAuth, which has nice support for
permissions---scopes would be used just like groups in the current API,
but without the need to create a user for each service.
Paolo
_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel
OAuth was planned in second phase according to the proposal. I needed a
substitute to check for the permissions visually meanwhile. I can do this
on my local git tree then :)
On Mon, May 14, 2018 at 8:39 PM Paolo Bonzini <pbonzini@redhat.com> wrote:
> On 14/05/2018 16:57, Shubham Jain wrote:
> > Adding browsable login in api would help in checking the permission
> level of each endpoint for each user visually.
> > ---
> > patchew/urls.py | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/patchew/urls.py b/patchew/urls.py
> > index 08ace07..18cc95c 100644
> > --- a/patchew/urls.py
> > +++ b/patchew/urls.py
> > @@ -27,11 +27,13 @@ from django.conf.urls import include, url
> > from api.admin import admin_site
> > from django.conf.urls.static import static
> > from django.conf import settings
> > +from rest_framework.authtoken import views
> >
> > urlpatterns = [
> > url(r'^admin/', admin_site.urls),
> > url(r'^api/', include('api.urls')),
> > url(r'^', include('www.urls')),
> > + url(r'^/api/api-auth/',
> include('rest_framework.urls',namespace='rest_framework')),
> > ] + static(settings.STATIC_URL,
> > document_root=settings.STATIC_ROOT) \
> > + static(settings.MEDIA_URL,
> >
>
> Does this view use token authentication?
>
> My plan was to use OAuth, which has nice support for
> permissions---scopes would be used just like groups in the current API,
> but without the need to create a user for each service.
>
> Paolo
>
_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel
© 2016 - 2024 Red Hat, Inc.