How to update 'Allow' headers in DRF to match an OPTIONS request's permissions? #9059

why-not-try-calmer · 2023-08-01T14:41:10Z

why-not-try-calmer
Aug 1, 2023

I am using Django Rest Framework 3.14 with ModelViewsets and a settings-wide DjangoModelOrAnonReadOnly permission class. I am trying to add custom HTTP headers to my responses to OPTIONS request, so as reflect the authentication/permission of the requesting party, like so:

def options(self, request, *args, **kwargs) -> response.Response:
    allowed_actions = self.metadata_class().determine_actions(request, self)
    allowed_actions = ", ".join(allowed_actions.keys())
    data = self.metadata_class().determine_metadata(request, self)
    return response.Response(data, headers={"Allow": allowed_actions})

Alas, the Allow header appears unmodifed. Am I missing something? Also, Is there any (better) way of doing what I am trying?

Answered by why-not-try-calmer

Aug 2, 2023

https://stackoverflow.com/a/76808421/4500155

View full answer

why-not-try-calmer · 2023-08-02T21:23:05Z

why-not-try-calmer
Aug 2, 2023
Author

https://stackoverflow.com/a/76808421/4500155

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

How to update 'Allow' headers in DRF to match an OPTIONS request's permissions? #9059

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Uh oh!

How to update 'Allow' headers in DRF to match an OPTIONS request's permissions? #9059

Uh oh!

Uh oh!

why-not-try-calmer Aug 1, 2023

Replies: 1 comment

Uh oh!

why-not-try-calmer Aug 2, 2023 Author

why-not-try-calmer
Aug 1, 2023

why-not-try-calmer
Aug 2, 2023
Author