In django rest framework when create a custom viewsets.ViewSet can we apply a custom decorator on a specific function in that ViewSet?
class UserViewSet(viewsets.ViewSet):
"""
Example empty viewset demonstrating the standard
actions that will be handled by a router class.
If you're using format suffixes, make sure to also include
the `format=None` keyword argument for each action.
"""
@permission_classes([IsAuthenticated])
@custom_decorator_1()
def list(self, request):
pass
@custom_decorator_2()
def create(self, request):
pass
@custom_decorator_3()
def retrieve(self, request, pk=None):
pass
def update(self, request, pk=None):
pass
def partial_update(self, request, pk=None):
pass
def destroy(self, request, pk=None):
pass
If yes then how can we get query parameters inside that custom decorator applied on a ViewSet? Or is there any alternate solution to achieve this where I can apply multiple decorators on a ViewSet action?
Right now I am trying to do it in this way:
def custom_decorator():
"""
Decorator for views that checks that the user passes the given test,
redirecting to the log-in page if necessary. The test should be a callable
that takes the user object and returns True if the user passes.
"""
def decorator(view_func):
@wraps(view_func)
def wrapper(request, *args, **kwargs):
role = request.query_params['role']
return view_func(request, *args, **kwargs)
return wrapper
return decorator
Error received:
AttributeError: 'UserViewSet' object has no attribute 'query_params'
Django provides a simple way to use decorators on class based views (this works for DRF as well):
from django.utils.decorators import method_decorator
@method_decorator(login_required) #replace login_required with your own decorator
def list(self, request):
pass
More info: https://docs.djangoproject.com/en/3.1/topics/class-based-views/intro/#decorating-the-class
But in your case, I would rather go for DRF own Permissions system ( https://www.django-rest-framework.org/api-guide/permissions/ ):
from rest_framework import permissions
class CustomerAccessPermission(permissions.BasePermission):
def has_permission(self, request, view):
return request.query_params['role'] == "admin" #or whatever as long as it is a boolean
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.