Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Python Django REST Framework Security and Customization Set Permissions

Posted by Christopher Gomez
Christopher Gomez
Courses Plus Student 13,800 Points

Bummer: Oh no! I couldn't add a game even though the user was authorized!; Oh no! I created a game with a non-authorized

Need help not sure what I am doing wrong! I keep watching the video and rereading the doc's and still can't figure it out

scorekeeper/views.py 
from rest_framework import generics
from rest_framework import mixins
from rest_framework import permissions
from rest_framework import viewsets
from rest_framework.response import Response
from rest_framework.views import APIView

from . import models
from . import serializers


class GameListCreate(generics.ListCreateAPIView):
    queryset = models.Game.objects.all()
    serializer_class = serializers.GameSerializer


class GameScoresList(generics.ListAPIView):
    queryset = models.Score.objects.all()
    serializer_class = serializers.ScoreSerializer

    def get_queryset(self):
        return self.queryset.filter(
            game_id=self.kwargs.get('game_pk')
        )


class PlayerViewSet(viewsets.ModelViewSet):
    queryset = models.Player.objects.all()
    serializer_class = serializers.PlayerSerializer

class UserAccessPermission(permissions.BasePermission):
    def has_permission(self, request, view, ):
        if request.method == 'DELETE' and request.user.User _ Access:
            return True
        return False

class GameViewSet(mixins.CreateModelMixin,
                  mixins.ListModelMixin,
                  mixins.RetrieveModelMixin,
                  viewsets.GenericViewSet):
    permissions_classes = (UserAccessPermission, permissions.DjangoModelPermissions,)
    queryset = models.Game.objects.all()
    serializer_class = serializers.GameSerializer


class ScoreViewSet(viewsets.ModelViewSet):
    queryset = models.Score.objects.all()
    serializer_class = serializers.ScoreSerializer
Christopher Gomez
Christopher Gomez
Courses Plus Student 13,800 Points

Chris Freeman

2 Answers

SINDISO BRIGHT MAPETESE
SINDISO BRIGHT MAPETESE
12,985 Points
SINDISO BRIGHT MAPETESE
SINDISO BRIGHT MAPETESE
12,985 Points

remove the 's' on your permissions_classes to permission_classes

permission_classes = (permissions.DjangoModelPermissions,)
Christopher Gunawan
Christopher Gunawan
10,754 Points
Christopher Gunawan
Christopher Gunawan
10,754 Points

I'm having an issue with this too. Any help?