Complete the code to import the base permission class in Django REST Framework.
from rest_framework.permissions import [1]
The BasePermission class is the base class for all permissions in DRF. Importing it allows you to create custom permissions.
Complete the code to set the permission class to allow only authenticated users in a DRF view.
from rest_framework.permissions import IsAuthenticated class MyView(APIView): permission_classes = [[1]]
AllowAny which allows all users.IsAdminUser which restricts to admin users only.The IsAuthenticated permission class restricts access to authenticated users only.
Fix the error in the custom permission class method name to check permissions.
from rest_framework.permissions import BasePermission class IsOwner(BasePermission): def [1](self, request, view, obj): return obj.owner == request.user
has_permission which checks general permission, not object-level.check_permission.The method to check permissions against a specific object is has_object_permission.
Fill both blanks to create a custom permission that allows access only if the user is staff and the request method is safe.
from rest_framework.permissions import BasePermission, SAFE_METHODS class StaffReadOnly(BasePermission): def has_permission(self, request, view): return request.user.is_staff and request.method [1] SAFE_METHODS
The in operator checks if the request method is one of the safe methods like GET or HEAD.
Fill all three blanks to define a custom permission that allows access only if the user is authenticated, is the object's owner, and the request method is safe.
from rest_framework.permissions import BasePermission, SAFE_METHODS class IsOwnerOrReadOnly(BasePermission): def has_object_permission(self, request, view, obj): if request.method [1] SAFE_METHODS: return True return obj.owner [2] request.user and request.user.[3]
This permission allows safe methods for everyone, but for other methods, it checks if the user owns the object and is authenticated.