2 years ago · 203e09816e
--- a/.gitignore
+++ b/.gitignore
@@ -55,7 +55,8 @@ coverage.xml
 
																 /elo_api/db.sqlite3
															
 
																 # Sphinx documentation
															
 
																 docs/_build/
															
 
																-
															
 
																+db.sqlite3
															
 
																+*.sqlite3
															
 
																 # PyBuilder
															
 
																 target/
															
--- a/elo_api/api_src/models.py
+++ b/elo_api/api_src/models.py
@@ -5,6 +5,7 @@ from django.contrib.auth.models import User, Permission
 
																 from django.contrib import contenttypes
															
 
																 from django.contrib.auth.backends import ModelBackend
															
 
																+from .utils import parse_request_method_name
															
 
																 class APIKey(AbstractAPIKey):
															
 
																         permission = models.ManyToManyField(Permission, related_name="api_keys")
															
@@ -33,6 +34,6 @@ class APIKey(AbstractAPIKey):
 
																             '''
															
 
																             permissions = self.get_all_permissions()
															
 
																             for i in permissions:
															
 
																-                if model == i.content_type.model and request_method in i.codename:
															
 
																+                if model == i.content_type.model and parse_request_method_name(request_method) in i.codename:
															
 
																                     return True
															
 
																             return False
															
--- a/elo_api/api_src/utils.py
+++ b/elo_api/api_src/utils.py
@@ -1,10 +1,10 @@
 
																 def parse_request_method_name(method):
															
 
																-    if method in ["POST", "post"]:
															
 
																+    if method in ["POST", "post", "Post", "add", "ADD", "Add"]:
															
 
																         return "add"
															
 
																-    if method in ["GET", "get"]:
															
 
																+    if method in ["GET", "get", "Get", "view", "VIEW", "View"]:
															
 
																         return "view"
															
 
																-    if method in ["PUT", "put"]:
															
 
																+    if method in ["PUT", "put", "Put", "change", "CHANGE", "Change"]:
															
 
																         return "change"
															
 
																-    if method in ["DELETE", "delete"]:
															
 
																+    if method in ["DELETE", "delete", "Delete"]:
															
 
																         return "delete"
															
--- a/elo_api/api_src/views.py
+++ b/elo_api/api_src/views.py
@@ -38,11 +38,8 @@ class SnippetUSER(APIView):
 
																         serializer = UserSerializer(snippets, many=True, context={'request': request})
															
 
																         try:
															
 
																             header_key = request.META["HTTP_X_API_KEY"]
															
 
																+            db_key = APIKey.objects.get_from_key(header_key)
															
 
																+            print(db_key.has_permission_method("user", "get"))
															
 
																         except:
															
 
																             header_key = request.META["HTTP_X_CSRFTOKEN"]
															
 
																-        db_key = APIKey.objects.get_from_key(header_key)
															
 
																-        #print(db_key.permission.all())
															
 
																-        print(db_key.has_permission("user"))
															
 
																-        print(db_key.has_permission_method("user", "add"))
															
 
																-        #print(header_key.permission)
															
 
																         return Response(serializer.data)
															
--- a/elo_api/db.sqlite3
+++ b/elo_api/db.sqlite3