i'm going to do authorization a ForeignKey on tastypie's ModelResource. i have bottom resource , if user has not permission for customer, "RepairRequestResource" should return a json with empty object for customer ForeignKey. what is the best approach?
class RepairRequestResource(ModelResource):
customer = fields.ForeignKey(CustomerResource, 'customer', full=True)
class Meta:
queryset = RepairRequest.objects.all()
resource_name = 'repair_request'
authorization = DjangoAuthorization()
authentication = MultiAuthentication(BasicAuthentication(), SessionAuthentication())
always_return_data = True
paginator_class = Paginator
list_allowed_methods = ['get', 'post', 'put', 'delete']
filtering = {
"registerDate": ['gte', 'lte'],
"deliveredDate": ['gte', 'lte'],
"customer": ALL_WITH_RELATIONS,
"id": ALL,
"query": ALL,
}
i set custom authorization of "CustomAuthorization" on bottom foreignkey but "CustomAuthorization" will not working on the "RepairRequestResource":
class CustomerResource(ModelResource):
class Meta:
queryset = Customer.objects.all()
resource_name = 'customer'
authorization = CustomAuthorization()
authentication = MultiAuthentication(BasicAuthentication(), SessionAuthentication())
always_return_data = True
list_allowed_methods = ['get', 'post', 'put', 'delete']
filtering = {
"name": ALL,
"id": ALL,
"family": ALL,
"gender": ALL,
"cellPhone": ALL,
"phone": ALL,
"company": ALL,
"address": ALL,
"email": ALL,
}