2 years ago · 203e09816e
--- a/.gitignore
+++ b/.gitignore
@@ -55,7 +55,8 @@ coverage.xml
 
				 /elo_api/db.sqlite3
			
 
				 # Sphinx documentation
			
 
				 docs/_build/
			
 
				-
			
 
				+db.sqlite3
			
 
				+*.sqlite3
			
 
				 # PyBuilder
			
 
				 target/
			
 
				 
			
--- a/elo_api/api_src/models.py
+++ b/elo_api/api_src/models.py
@@ -5,6 +5,7 @@ from django.contrib.auth.models import User, Permission
 
				 from django.contrib import contenttypes
			
 
				 from django.contrib.auth.backends import ModelBackend
			
 
				 
			
 
				+from .utils import parse_request_method_name
			
 
				 
			
 
				 class APIKey(AbstractAPIKey):
			
 
				         permission = models.ManyToManyField(Permission, related_name="api_keys")
			
@@ -33,6 +34,6 @@ class APIKey(AbstractAPIKey):
 
				             '''
			
 
				             permissions = self.get_all_permissions()
			
 
				             for i in permissions:
			
 
				-                if model == i.content_type.model and request_method in i.codename:
			
 
				+                if model == i.content_type.model and parse_request_method_name(request_method) in i.codename:
			
 
				                     return True
			
 
				             return False
			
--- a/elo_api/api_src/utils.py
+++ b/elo_api/api_src/utils.py
@@ -1,10 +1,10 @@
 
				 
			
 
				 def parse_request_method_name(method):
			
 
				-    if method in ["POST", "post"]:
			
 
				+    if method in ["POST", "post", "Post", "add", "ADD", "Add"]:
			
 
				         return "add"
			
 
				-    if method in ["GET", "get"]:
			
 
				+    if method in ["GET", "get", "Get", "view", "VIEW", "View"]:
			
 
				         return "view"
			
 
				-    if method in ["PUT", "put"]:
			
 
				+    if method in ["PUT", "put", "Put", "change", "CHANGE", "Change"]:
			
 
				         return "change"
			
 
				-    if method in ["DELETE", "delete"]:
			
 
				+    if method in ["DELETE", "delete", "Delete"]:
			
 
				         return "delete"
			
--- a/elo_api/api_src/views.py
+++ b/elo_api/api_src/views.py
@@ -38,11 +38,8 @@ class SnippetUSER(APIView):
 
				         serializer = UserSerializer(snippets, many=True, context={'request': request})
			
 
				         try:
			
 
				             header_key = request.META["HTTP_X_API_KEY"]
			
 
				+            db_key = APIKey.objects.get_from_key(header_key)
			
 
				+            print(db_key.has_permission_method("user", "get"))
			
 
				         except:
			
 
				             header_key = request.META["HTTP_X_CSRFTOKEN"]
			
 
				-        db_key = APIKey.objects.get_from_key(header_key)
			
 
				-        #print(db_key.permission.all())
			
 
				-        print(db_key.has_permission("user"))
			
 
				-        print(db_key.has_permission_method("user", "add"))
			
 
				-        #print(header_key.permission)
			
 
				         return Response(serializer.data)
			
--- a/elo_api/db.sqlite3
+++ b/elo_api/db.sqlite3