oauth2 ustawienia

2024-01-12 15:58:27 +01:00 · 2024-01-12 15:58:27 +01:00 · 54682acc66
commit 54682acc66
parent 4c57eecdbc
2 changed files with 14 additions and 5 deletions
--- a/izaac/settings.py
+++ b/izaac/settings.py
@ -48,6 +48,11 @@ REST_FRAMEWORK = {
    ],
 }

+OAUTH2_PROVIDER = {
+    # this is the list of available scopes
+    'SCOPES': {'read': 'Read scope', 'write': 'Write scope', 'groups': 'Access to your groups'}
+}
+
 # Application definition

 INSTALLED_APPS = [
--- a/jobposting/views.py
+++ b/jobposting/views.py
@ -4,6 +4,10 @@ from jobposting.models import JobListing, SkillLevels, CompanyLogo, Skill
 from core.models import MyUser, AnonymousUserData
 from rest_framework import status

+from oauth2_provider.contrib.rest_framework import TokenHasReadWriteScope
+
+
+
 from jobposting.serializers import (
    JobListingSerializer,
    SkillLevelsSerializer,
@ -13,13 +17,13 @@ from jobposting.serializers import (
 )

 class MyUserViewSet(viewsets.ModelViewSet):
-    permission_classes = [permissions.AllowAny] # test only
+    permission_classes = [permissions.IsAuthenticated, TokenHasReadWriteScope] # test only
    queryset = MyUser.objects.all()
    serializer_class = MyUserSerializer
    # permission_classes = [permissions.IsAuthenticated]

 class JobListingViewSet(viewsets.ModelViewSet):
-    permission_classes = [permissions.AllowAny] # test only
+    permission_classes = [permissions.IsAuthenticated, TokenHasReadWriteScope]# test only
    queryset = JobListing.objects.all()
    serializer_class = JobListingSerializer
    # permission_classes = [permissions.IsAuthenticatedOrReadOnly]
@ -43,7 +47,7 @@ class JobListingViewSet(viewsets.ModelViewSet):
            serializer.save(anonymous_user_data=anonymous_user_data)

 class SkillLevelsViewSet(viewsets.ModelViewSet):
-    permission_classes = [permissions.AllowAny] # test only
+    permission_classes = [permissions.IsAuthenticated, TokenHasReadWriteScope] # test only
    queryset = SkillLevels.objects.all()
    serializer_class = SkillLevelsSerializer
    # permission_classes = [permissions.IsAuthenticatedOrReadOnly]
@ -61,11 +65,11 @@ class SkillLevelsViewSet(viewsets.ModelViewSet):
            return super().create(request, *args, **kwargs)

 class CompanyLogoViewSet(viewsets.ModelViewSet):
-    permission_classes = [permissions.AllowAny]
+    permission_classes = [permissions.IsAuthenticated, TokenHasReadWriteScope]
    queryset = CompanyLogo.objects.all()
    serializer_class = CompanyLogoSerializer

 class SkillViewset(viewsets.ModelViewSet):
-    permission_classes = [permissions.AllowAny]
+    permission_classes = [permissions.IsAuthenticated, TokenHasReadWriteScope]
    queryset = Skill.objects.all()
    serializer_class = SkillSerializer