Welcome to the Treehouse Community

The Treehouse Community is a meeting place for developers, designers, and programmers of all backgrounds and skill levels to get support. Collaborate here on code errors or bugs that you need feedback on, or asking for an extra set of eyes on your latest project. Join thousands of Treehouse students and alumni in the community today. (Note: Only Treehouse students can comment or ask questions, but non-students are welcome to browse our conversations.)

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and a supportive community. Start your free trial today.

Python Django REST Framework Security and Customization Set Permissions

Bummer: Oh no! I couldn't add a game even though the user was authorized!; Oh no! I created a game with a non-authorized

Need help not sure what I am doing wrong! I keep watching the video and rereading the doc's and still can't figure it out

scorekeeper/views.py
from rest_framework import generics
from rest_framework import mixins
from rest_framework import permissions
from rest_framework import viewsets
from rest_framework.response import Response
from rest_framework.views import APIView

from . import models
from . import serializers


class GameListCreate(generics.ListCreateAPIView):
    queryset = models.Game.objects.all()
    serializer_class = serializers.GameSerializer


class GameScoresList(generics.ListAPIView):
    queryset = models.Score.objects.all()
    serializer_class = serializers.ScoreSerializer

    def get_queryset(self):
        return self.queryset.filter(
            game_id=self.kwargs.get('game_pk')
        )


class PlayerViewSet(viewsets.ModelViewSet):
    queryset = models.Player.objects.all()
    serializer_class = serializers.PlayerSerializer

class UserAccessPermission(permissions.BasePermission):
    def has_permission(self, request, view, ):
        if request.method == 'DELETE' and request.user.User _ Access:
            return True
        return False

class GameViewSet(mixins.CreateModelMixin,
                  mixins.ListModelMixin,
                  mixins.RetrieveModelMixin,
                  viewsets.GenericViewSet):
    permissions_classes = (UserAccessPermission, permissions.DjangoModelPermissions,)
    queryset = models.Game.objects.all()
    serializer_class = serializers.GameSerializer


class ScoreViewSet(viewsets.ModelViewSet):
    queryset = models.Score.objects.all()
    serializer_class = serializers.ScoreSerializer

2 Answers

remove the 's' on your permissions_classes to permission_classes

permission_classes = (permissions.DjangoModelPermissions,)
Christopher Gunawan
Christopher Gunawan
10,754 Points

I'm having an issue with this too. Any help?