* Fix API endpoint permission for the "AttachmentMixin" class - Any authenticated user could perform CREATE and UPDATE operations on attachments - Could be performed via the browsable DRF API - Could also be performed via the front-end (with some advaned jiggering of OPTIONS code) * Show or hide buttons depending on the permissions of the user * Add shortcut for table permission check |
||
|---|---|---|
| .. | ||
| fixtures | ||
| migrations | ||
| __init__.py | ||
| admin.py | ||
| api.py | ||
| apps.py | ||
| models.py | ||
| serializers.py | ||
| test_migrations.py | ||
| tests.py | ||