Django Swagger not showing urls without permission Class

Question

Django Swagger not showing urls without permission Class

3.7k Views Asked by Muhammad Hassan At 21 October 2024 at 03:35

I am setting up Django-rest-swagger for my project. I have following settings for Django-restframework.

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
    ),
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated',
    ),
}

Now, when I have View with some permission class like this

class CreateUserView(viewsets.ModelViewSet):
    serializer_class = UserServiceSerializer
    authentication_classes = []
    permission_classes = []

class UserProfileView(viewsets.ModelViewSet):

    serializer_class = UserProfileSerializer
    serializer_class_2 = UserServiceSerializer

I see following view

But when add permission_classes in both view like this

class CreateUserView(viewsets.ModelViewSet):
    serializer_class = UserServiceSerializer
    authentication_classes = []
    permission_classes = []

class UserProfileView(viewsets.ModelViewSet):

    serializer_class = UserProfileSerializer
    serializer_class_2 = UserServiceSerializer
    permission_classes = []

I see view like this

I do not want to add permission class in every view as I have same class for all my view and I have mentioned that in my rest-framework setting. How can I do that?

Original Q&A

There are 2 best solutions below

**Anton Shurashov** · Answer 1

When you set permission_classes as [] you empty default permission classes for this view.

Of corse, you can set this behavior by default for all views:

REST_FRAMEWORK = {
    # ...
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.AllowAny',
    ),
}

But be careful, in that case any unauthorized user can create records in your database.

If you don't want it, but want to see all actions - just click the Authorize button in Swagger and enter your token or login and password (depends on SECURITY_DEFINITIONS setting).

**Ankush Sahu** · Answer 2

seems like you have applied default permission classes to make APIs non public so one way to overcome this is to apply "AllowAny" as default permission class but this way all your APIs will be public, so another solution you can try is put swagger setting in you settings.py

SWAGGER_SETTINGS = {

'SECURITY_DEFINITIONS': {
'api_key': {
    'type': 'apiKey',
    'in': 'header',
    'name': 'Authorization'
}
},

this will ask for token in browser while using that API.

Django Swagger not showing urls without permission Class

There are 2 best solutions below

Related Questions in PYTHON

Related Questions in DJANGO

Related Questions in DJANGO-SWAGGER

Trending Questions

Popular # Hahtags

Popular Questions