added docs for TokenHasScope permission class. ref #182

synasius · synasius · commit b6af819cf2df · 2015-03-23T15:11:56.000+01:00
diff --git a/docs/rest-framework/permissions.rst b/docs/rest-framework/permissions.rst
@@ -4,15 +4,30 @@ Permissions
 Django OAuth Toolkit provides a few utility classes to use along with other permissions in Django REST Framework,
 so you can easily add scoped-based permission checks to your API views.
 
+More details on how to add custom permissions to your API Endpoints can be found at the official
+`Django REST Framework documentation <http://www.django-rest-framework.org/api-guide/permissions/>`_
 
 
 TokenHasScope
 -------------
 
-TODO: add docs for TokenHasScope permission class with usage examples
+The `TokenHasScope` permission class will allow the access only when the current access token has been
+authorized for all the scopes listed in the `required_scopes` field of the view.
+
+For example:
+
+.. code-block:: python
+
+    class SongView(views.APIView):
+        authentication_classes = [OAuth2Authentication]
+        permission_classes = [TokenHasScope]
+        required_scopes = ['music']
+
+The `required_scopes` attribute is mandatory.
 
 
 TokenHasReadWriteScope
 ----------------------
 
 TODO: add docs for TokenHasReadWriteScope permission class with usage examples
+
diff --git a/oauth2_provider/ext/rest_framework/permissions.py b/oauth2_provider/ext/rest_framework/permissions.py
@@ -59,3 +59,4 @@ def get_scopes(self, request, view):
             read_write_scope = oauth2_settings.WRITE_SCOPE
 
         return required_scopes + [read_write_scope]
+

Original file line number	Diff line number	Diff line change
`@@ -59,3 +59,4 @@ def get_scopes(self, request, view):`
`59`	`59`	`read_write_scope = oauth2_settings.WRITE_SCOPE`
`60`	`60`
`61`	`61`	`return required_scopes + [read_write_scope]`
	`62`	`+`