Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
IsAdminOrReadOnly is a custom Django Rest Framework permission class that allows Admin users to POST and anonymous to GET
from rest_framework.permissions import BasePermission, SAFE_METHODS
class IsAdminOrReadOnly(BasePermission):
def has_permission(self, request, view):
if request.method in SAFE_METHODS:
return True
return request.user.is_staff
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment