|
ea092803d7
|
Check permissions per request instead of per user
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-09-02 20:58:05 +02:00 |
|
|
d5ecb72a71
|
Update copyright for 2021
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
|
2021-06-14 21:45:56 +02:00 |
|
Yohann D'ANELLO
|
72cc1638e6
|
Authenticate correctly users that connect with an authorization token
|
2020-09-10 09:31:27 +02:00 |
|
Yohann D'ANELLO
|
6a0dc4cb10
|
Users can see every API page since querysets are filtered and modifications are protected
|
2020-09-09 22:27:07 +02:00 |
|
Yohann D'ANELLO
|
750bdcb2c5
|
Treasurers can of course click on buttons. Fix PATCH requests on the API
|
2020-07-29 12:25:53 +02:00 |
|
Yohann D'ANELLO
|
be42801709
|
The memoization doesn't work when objects don't have a primary key.
|
2020-04-02 14:50:28 +02:00 |
|
Yohann D'ANELLO
|
9a7f1bba21
|
Fix CI (no idea of why this error happened)
|
2020-03-25 00:39:40 +01:00 |
|
Pierre-antoine Comby
|
41568916b8
|
error fixes
|
2020-03-24 22:28:03 +01:00 |
|
Pierre-antoine Comby
|
8ab142c122
|
no need to be static after all
|
2020-03-24 20:25:08 +01:00 |
|
Pierre-antoine Comby
|
d4b8d35206
|
check permission with PermissionBackend.
taking connection permission mask into account.
|
2020-03-24 20:19:24 +01:00 |
|
Yohann D'ANELLO
|
24ea4c0a52
|
Comment code
|
2020-03-20 15:58:14 +01:00 |
|
Yohann D'ANELLO
|
057f42fdb6
|
Handle permissions (and it seems working!)
|
2020-03-18 14:42:35 +01:00 |
|