Commit Graph

12 Commits

Author SHA1 Message Date
Yohann D'ANELLO ea092803d7
Check permissions per request instead of per user
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-09-02 20:58:05 +02:00
Yohann D'ANELLO d5ecb72a71
Update copyright for 2021
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-06-14 21:45:56 +02:00
Yohann D'ANELLO 72cc1638e6 Authenticate correctly users that connect with an authorization token 2020-09-10 09:31:27 +02:00
Yohann D'ANELLO 6a0dc4cb10 Users can see every API page since querysets are filtered and modifications are protected 2020-09-09 22:27:07 +02:00
Yohann D'ANELLO 750bdcb2c5 Treasurers can of course click on buttons. Fix PATCH requests on the API 2020-07-29 12:25:53 +02:00
Yohann D'ANELLO be42801709 The memoization doesn't work when objects don't have a primary key. 2020-04-02 14:50:28 +02:00
Yohann D'ANELLO 9a7f1bba21 Fix CI (no idea of why this error happened) 2020-03-25 00:39:40 +01:00
Pierre-antoine Comby 41568916b8 error fixes 2020-03-24 22:28:03 +01:00
Pierre-antoine Comby 8ab142c122 no need to be static after all 2020-03-24 20:25:08 +01:00
Pierre-antoine Comby d4b8d35206 check permission with PermissionBackend.
taking connection permission mask into account.
2020-03-24 20:19:24 +01:00
Yohann D'ANELLO 24ea4c0a52 Comment code 2020-03-20 15:58:14 +01:00
Yohann D'ANELLO 057f42fdb6 Handle permissions (and it seems working!) 2020-03-18 14:42:35 +01:00