You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What sort of permissions should there be for the browsable API?
Is there a use case for a user to only have view access? Even if that is not the case now, that could be the case in the future? If so, is there information that not all users should see (contact info, member names, etc)?
An admin user should have view and admin (edit/create/delete) permissions. But should not have access to edit/view other users/groups.
What sort of permissions should there be for the browsable API?
Docs:
https://www.django-rest-framework.org/tutorial/4-authentication-and-permissions/
https://www.django-rest-framework.org/api-guide/permissions/
The text was updated successfully, but these errors were encountered: