mirror of
https://github.com/inventree/InvenTree.git
synced 2025-04-29 12:06:44 +00:00
Enforce authentication for API access
This commit is contained in:
Oliver Walters
parent
16e1be61f5
commit
20ec36d3ea
@ -26,7 +26,7 @@ class BuildList(generics.ListCreateAPIView):
|
|||||||
serializer_class = BuildSerializer
|
serializer_class = BuildSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -47,7 +47,7 @@ class BuildDetail(generics.RetrieveUpdateAPIView):
|
|||||||
serializer_class = BuildSerializer
|
serializer_class = BuildSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
@ -80,7 +80,7 @@ class BuildItemList(generics.ListCreateAPIView):
|
|||||||
return query
|
return query
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
|
|||||||
@ -32,7 +32,7 @@ class CompanyList(generics.ListCreateAPIView):
|
|||||||
serializer_class = CompanySerializer
|
serializer_class = CompanySerializer
|
||||||
queryset = Company.objects.all()
|
queryset = Company.objects.all()
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -66,7 +66,7 @@ class CompanyDetail(generics.RetrieveUpdateDestroyAPIView):
|
|||||||
serializer_class = CompanySerializer
|
serializer_class = CompanySerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
@ -102,7 +102,7 @@ class SupplierPartList(generics.ListCreateAPIView):
|
|||||||
serializer_class = SupplierPartSerializer
|
serializer_class = SupplierPartSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -135,7 +135,7 @@ class SupplierPartDetail(generics.RetrieveUpdateDestroyAPIView):
|
|||||||
|
|
||||||
queryset = SupplierPart.objects.all()
|
queryset = SupplierPart.objects.all()
|
||||||
serializer_class = SupplierPartSerializer
|
serializer_class = SupplierPartSerializer
|
||||||
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
permission_classes = (permissions.IsAuthenticated,)
|
||||||
|
|
||||||
read_only_fields = [
|
read_only_fields = [
|
||||||
]
|
]
|
||||||
@ -152,7 +152,7 @@ class SupplierPriceBreakList(generics.ListCreateAPIView):
|
|||||||
serializer_class = SupplierPriceBreakSerializer
|
serializer_class = SupplierPriceBreakSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
|
|||||||
@ -54,7 +54,7 @@ class CategoryList(generics.ListCreateAPIView):
|
|||||||
serializer_class = CategorySerializer
|
serializer_class = CategorySerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -91,7 +91,7 @@ class PartDetail(generics.RetrieveUpdateAPIView):
|
|||||||
serializer_class = PartSerializer
|
serializer_class = PartSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
@ -178,7 +178,7 @@ class PartList(generics.ListCreateAPIView):
|
|||||||
return parts_list
|
return parts_list
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -243,7 +243,7 @@ class PartStarList(generics.ListCreateAPIView):
|
|||||||
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
|
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -292,7 +292,7 @@ class BomList(generics.ListCreateAPIView):
|
|||||||
return queryset
|
return queryset
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -314,7 +314,7 @@ class BomDetail(generics.RetrieveUpdateDestroyAPIView):
|
|||||||
serializer_class = BomItemSerializer
|
serializer_class = BomItemSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -57,7 +57,7 @@ class StockDetail(generics.RetrieveUpdateDestroyAPIView):
|
|||||||
|
|
||||||
queryset = StockItem.objects.all()
|
queryset = StockItem.objects.all()
|
||||||
serializer_class = StockItemSerializer
|
serializer_class = StockItemSerializer
|
||||||
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
permission_classes = (permissions.IsAuthenticated,)
|
||||||
|
|
||||||
|
|
||||||
class StockFilter(FilterSet):
|
class StockFilter(FilterSet):
|
||||||
@ -83,7 +83,7 @@ class StockStocktake(APIView):
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
def post(self, request, *args, **kwargs):
|
def post(self, request, *args, **kwargs):
|
||||||
@ -153,7 +153,7 @@ class StockMove(APIView):
|
|||||||
""" API endpoint for performing stock movements """
|
""" API endpoint for performing stock movements """
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
def post(self, request, *args, **kwargs):
|
def post(self, request, *args, **kwargs):
|
||||||
@ -227,7 +227,7 @@ class StockLocationList(generics.ListCreateAPIView):
|
|||||||
serializer_class = LocationSerializer
|
serializer_class = LocationSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -390,7 +390,7 @@ class StockList(generics.ListCreateAPIView):
|
|||||||
serializer_class = StockItemSerializer
|
serializer_class = StockItemSerializer
|
||||||
|
|
||||||
permission_classes = [
|
permission_classes = [
|
||||||
permissions.IsAuthenticatedOrReadOnly,
|
permissions.IsAuthenticated,
|
||||||
]
|
]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
@ -412,7 +412,7 @@ class StockStocktakeEndpoint(generics.UpdateAPIView):
|
|||||||
|
|
||||||
queryset = StockItem.objects.all()
|
queryset = StockItem.objects.all()
|
||||||
serializer_class = StockQuantitySerializer
|
serializer_class = StockQuantitySerializer
|
||||||
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
permission_classes = (permissions.IsAuthenticated,)
|
||||||
|
|
||||||
def update(self, request, *args, **kwargs):
|
def update(self, request, *args, **kwargs):
|
||||||
object = self.get_object()
|
object = self.get_object()
|
||||||
@ -434,7 +434,7 @@ class StockTrackingList(generics.ListCreateAPIView):
|
|||||||
|
|
||||||
queryset = StockItemTracking.objects.all()
|
queryset = StockItemTracking.objects.all()
|
||||||
serializer_class = StockTrackingSerializer
|
serializer_class = StockTrackingSerializer
|
||||||
permission_classes = [permissions.IsAuthenticatedOrReadOnly]
|
permission_classes = [permissions.IsAuthenticated]
|
||||||
|
|
||||||
filter_backends = [
|
filter_backends = [
|
||||||
DjangoFilterBackend,
|
DjangoFilterBackend,
|
||||||
@ -469,7 +469,7 @@ class LocationDetail(generics.RetrieveUpdateDestroyAPIView):
|
|||||||
|
|
||||||
queryset = StockLocation.objects.all()
|
queryset = StockLocation.objects.all()
|
||||||
serializer_class = LocationSerializer
|
serializer_class = LocationSerializer
|
||||||
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
permission_classes = (permissions.IsAuthenticated,)
|
||||||
|
|
||||||
|
|
||||||
stock_endpoints = [
|
stock_endpoints = [
|
||||||
|
|||||||
@ -12,7 +12,7 @@ class UserDetail(generics.RetrieveAPIView):
|
|||||||
|
|
||||||
queryset = User.objects.all()
|
queryset = User.objects.all()
|
||||||
serializer_class = UserSerializer
|
serializer_class = UserSerializer
|
||||||
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
permission_classes = (permissions.IsAuthenticated,)
|
||||||
|
|
||||||
|
|
||||||
class UserList(generics.ListAPIView):
|
class UserList(generics.ListAPIView):
|
||||||
@ -20,7 +20,7 @@ class UserList(generics.ListAPIView):
|
|||||||
|
|
||||||
queryset = User.objects.all()
|
queryset = User.objects.all()
|
||||||
serializer_class = UserSerializer
|
serializer_class = UserSerializer
|
||||||
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
|
permission_classes = (permissions.IsAuthenticated,)
|
||||||
|
|
||||||
|
|
||||||
class GetAuthToken(ObtainAuthToken):
|
class GetAuthToken(ObtainAuthToken):
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user