如何根据发出请求的用户动态过滤 django rest api get request 中返回的字段?
[英]How do I dynamically filter fields returned in django rest api get request based on the user making the request?
问题描述
I have a photoshoot api that allows photographers to post shoot photos from which preview and watermarded versions are derived.
我有一张照片 api,允许摄影师发布从中派生preview和watermarded版本的照片。 Editors and clients can both select which photos will be edited, but the editor should only see the preview without watermark and the clients should only see the watermarked versions.编辑和客户都可以 select 哪些照片将被编辑,但编辑只能看到没有水印的preview ,客户只能看到带watermarked的版本。
I was wondering how these different distincitons can be made in the DRF queryset.我想知道如何在 DRF 查询集中做出这些不同的区别。
My model:我的 model:
class Unedited(models.Model):
shoot = models.ForeignKey(
Shoot, on_delete=models.CASCADE, null=True, related_name="shoot_photo"
)
original = models.ImageField(null=True, blank=False, upload_to=shoot_upload_to)
preview = models.ImageField(null=True, blank=True, upload_to=shoot_upload_to)
watermarked = models.ImageField(null=True, blank=True, upload_to=shoot_upload_to)
upload_time = models.DateTimeField(auto_now_add=True)
My Serializer:我的序列化器:
class UneditedSerializer(serializers.ModelSerializer):
class Meta:
model = Unedited
fields = "__all__"
def create(self, validated_data):
validated_data["preview"] = reduce_resolution(validated_data["original"])
validated_data["watermarked"] = add_watermark(validated_data["preview"])
img_obj = Unedited.objects.create(**validated_data)
img_obj.save()
return img_obj
My view:我的观点:
class UneditedViewSet(viewsets.ModelViewSet):
if not TESTING:
permission_classes = (PhotosPermission,)
serializer_class = UneditedSerializer
def get_queryset(self):
return Unedited.objects.filter(**self.request.query_params)
1 个解决方案
解决方案1
0 2021-12-16 15:29:59
I was able to solve this issue by creating separate serializers with different fields for the different cases.我能够通过为不同的情况创建具有不同fields的单独序列化程序来解决这个问题。 UneditedSerializer remained as is but I created other serializers: UneditedSerializer保持原样,但我创建了其他序列化程序:
class UneditedMarkedSerializer(serializers.ModelSerializer):
class Meta:
model = Unedited
fields = ("watermarked", "shoot", "upload_time")
class UneditedPreviewSerializer(serializers.ModelSerializer):
class Meta:
model = Unedited
fields = ("preview", "shoot", "upload_time")
I then modified the viewset to check against the user making the request to determine which serializer to use.然后,我修改了视图集以检查发出请求以确定要使用哪个序列化程序的用户。 Like so:像这样:
class UneditedViewSet(viewsets.ModelViewSet):
if not TESTING:
permission_classes = (PhotosPermission,)
serializer_class = UneditedSerializer
def get_queryset(self):
return generic_queryset(Unedited, self.request.query_params)
def list(self, request):
queryset = self.get_queryset()
if request.user.is_anonymous or request.user.role == "CLIENT":
serializer = UneditedMarkedSerializer(queryset, many=True)
elif request.user.role == "EDITOR":
print(request.user.role)
serializer = UneditedPreviewSerializer(queryset, many=True)
elif request.user.role in ("ADMIN", "STAFF"):
serializer = UneditedSerializer(queryset, many=True)
return Response(serializer.data)
And now it works as intended.现在它按预期工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.