Book Image

Building RESTful Python Web Services

By : Gaston C. Hillar
Book Image

Building RESTful Python Web Services

By: Gaston C. Hillar

Overview of this book

Python is the language of choice for millions of developers worldwide, due to its gentle learning curve as well as its vast applications in day-to-day programming. It serves the purpose of building great web services in the RESTful architecture. This book will show you the best tools you can use to build your own web services. Learn how to develop RESTful APIs using the popular Python frameworks and all the necessary stacks with Python, Django, Flask, and Tornado, combined with related libraries and tools. We will dive deep into each of these frameworks to build various web services, and will provide use cases and best practices on when to use a particular framework to get the best results. We will show you everything required to successfully develop RESTful APIs with the four frameworks such as request handling, URL mapping, serialization, validation, authentication, authorization, versioning, ORMs, databases, custom code for models and views, and asynchronous callbacks. At the end of each framework, we will add authentication and security to the RESTful APIs and prepare tests for it. By the end of the book, you will have a deep understanding of the stacks needed to build RESTful web services.
Table of Contents (18 chapters)
Building RESTful Python Web Services
Credits
About the Author
Acknowledgments
About the Reviewer
www.PacktPub.com
Preface

Creating a customized permission class for object-level permissions


Create a new Python file named permissions.py within the games folder and enter the following code that, declares the new IsOwnerOrReadOnly class. The code file for the sample is included in the restful_python_chapter_03_04 folder:

from rest_framework import permissions 
 
 
class IsOwnerOrReadOnly(permissions.BasePermission): 
    def has_object_permission(self, request, view, obj): 
        if request.method in permissions.SAFE_METHODS: 
            return True 
        else: 
            return obj.owner == request.user 

The rest_framework.permissions.BasePermission class is the base class from which all permission classes should inherit. The previous lines declare the IsOwnerOrReadOnly class as a subclass of the BasePermission class and overrides the has_object_permission method defined in the superclass that returns a bool value indicating whether the permission should be granted or not. If the HTTP verb specified in...