Skip to content

HTTP Methods

Jump to bottom
Thomas Pollet edited this page Jul 15, 2020 · 3 revisions

Allowed HTTP Methods

You can limit the http methods that are allowd by declaring the http_methods class attribute:

class Person(BaseModel):
    http_methods = ["get"]

Method Customization

It is possible to customize the PATCH and POST methods of an instance by overriding the SAFRSBase _s_patch and _s_post methods. For example:

    def _s_patch(self, *args, **kwargs):
        """
            Verify access when updating a user
        """
        print(kwargs)
        if g.user is self or g.user.role == "admin":
            return SAFRSBase._s_patch(self, *args, **kwargs)
        raise AuthorizationError("Not allowed")

The kwargs dictionary will contain the jsonapi data.attributes.

Clone this wiki locally