from rest_framework import authentication, permissions from rest_framework.response import Response from rest_framework.views import APIView from ishtar_common.models import ApiSearchModel class IpModelPermission(permissions.BasePermission): def has_permission(self, request, view): if not request.user or not getattr(request.user, "apiuser", None): return False ip_addr = request.META['REMOTE_ADDR'] q = ApiSearchModel.objects.filter( user=request.user.apiuser, user__ip=ip_addr, content_type__app_label=view.model._meta.app_label, content_type__model=view.model._meta.model_name) return bool(q.count()) class SearchAPIView(APIView): model = None authentication_classes = (authentication.TokenAuthentication,) permission_classes = (permissions.IsAuthenticated, IpModelPermission) def __init__(self, **kwargs): assert self.model is not None super(SearchAPIView, self).__init__(**kwargs) def get(self, request, format=None): return Response({})