how to check permission & do authorization a ForeignKey on tastypie

124 views Asked by At

i'm going to do authorization a ForeignKey on tastypie's ModelResource. i have bottom resource , if user has not permission for customer, "RepairRequestResource" should return a json with empty object for customer ForeignKey. what is the best approach?

class RepairRequestResource(ModelResource):
    customer = fields.ForeignKey(CustomerResource, 'customer', full=True)
    class Meta:
        queryset = RepairRequest.objects.all()
        resource_name = 'repair_request'
        authorization = DjangoAuthorization()
        authentication = MultiAuthentication(BasicAuthentication(), SessionAuthentication())
        always_return_data = True
        paginator_class = Paginator
        list_allowed_methods = ['get', 'post', 'put', 'delete']
        filtering = {
            "registerDate": ['gte', 'lte'],
            "deliveredDate": ['gte', 'lte'],
            "customer": ALL_WITH_RELATIONS,
            "id": ALL,
            "query": ALL,
        }

i set custom authorization of "CustomAuthorization" on bottom foreignkey but "CustomAuthorization" will not working on the "RepairRequestResource":

class CustomerResource(ModelResource):
    class Meta:
        queryset = Customer.objects.all()
        resource_name = 'customer'
        authorization = CustomAuthorization()
        authentication = MultiAuthentication(BasicAuthentication(), SessionAuthentication())
        always_return_data = True
        list_allowed_methods = ['get', 'post', 'put', 'delete']
        filtering = {
            "name": ALL,
            "id": ALL,
            "family": ALL,
            "gender": ALL,
            "cellPhone": ALL,
            "phone": ALL,
            "company": ALL,
            "address": ALL,
            "email": ALL,
        }
0

There are 0 answers