[英]Removing the list endpoint from a resource on tastypie
我的api上有一個Resource,它總是返回登錄用戶。 資源是只讀的。 我希望列表uri充當詳細信息uri,並刪除詳細信息URL。
因此, /api/v1/user/
將返回已記錄的用戶,並且任何其他URL將失敗。 這就是我為實現這一點所做的:
class UserResource(ModelResource):
class Meta:
queryset = User.objects.all()
fields = ['email', 'name']
authentication = MultiAuthentication(SessionAuthentication(), BasicAuthentication())
authorization = Authorization()
list_allowed_methods = []
detail_allowed_methods = ['get']
def base_urls(self):
'''
The list endpoint behaves as the list endpoint.
'''
return [
url(r"^(?P<resource_name>%s)%s$" % (self._meta.resource_name, trailing_slash()), self.wrap_view('dispatch_detail'), name="api_dispatch_detail"),
url(r"^(?P<resource_name>%s)/schema%s$" % (self._meta.resource_name, trailing_slash()), self.wrap_view('get_schema'), name="api_get_schema")
]
def obj_get(self, bundle, **kwargs):
'''
Always returns the logged in user.
'''
return bundle.request.user
def get_resource_uri(self, bundle_or_obj=None, url_name='api_dispatch_detail'):
bundle_or_obj = None
try:
return self._build_reverse_url(url_name, kwargs=self.resource_uri_kwargs(bundle_or_obj))
except NoReverseMatch:
return ''
我使用base_urls()
而不是prepend_urls()
因為我想刪除其他網址。
它運行正常,但是當我點擊/api/v1/
url時,我收到此錯誤:
Traceback:
File "/home/vagrant/workspace/expenses/venv/local/lib/python2.7/site-packages/Django-1.5-py2.7.egg/django/core/handlers/base.py" in get_response
115. response = callback(request, *callback_args, **callback_kwargs)
File "/home/vagrant/workspace/expenses/venv/local/lib/python2.7/site-packages/django_tastypie-0.9.15-py2.7.egg/tastypie/api.py" in wrapper
80. return getattr(self, view)(request, *args, **kwargs)
File "/home/vagrant/workspace/expenses/venv/local/lib/python2.7/site-packages/django_tastypie-0.9.15-py2.7.egg/tastypie/api.py" in top_level
137. 'resource_name': name,
File "/home/vagrant/workspace/expenses/venv/local/lib/python2.7/site-packages/django_tastypie-0.9.15-py2.7.egg/tastypie/api.py" in _build_reverse_url
166. return reverse(name, args=args, kwargs=kwargs)
File "/home/vagrant/workspace/expenses/venv/local/lib/python2.7/site-packages/Django-1.5-py2.7.egg/django/core/urlresolvers.py" in reverse
496. return iri_to_uri(resolver._reverse_with_prefix(view, prefix, *args, **kwargs))
File "/home/vagrant/workspace/expenses/venv/local/lib/python2.7/site-packages/Django-1.5-py2.7.egg/django/core/urlresolvers.py" in _reverse_with_prefix
416. "arguments '%s' not found." % (lookup_view_s, args, kwargs))
Exception Type: NoReverseMatch at /api/v1/
Exception Value: Reverse for 'api_dispatch_list' with arguments '()' and keyword arguments '{'api_name': u'v1', 'resource_name': 'user'}' not found.
它正試圖到達缺失列表端點。 如何擺脫這個?
謝謝。
感謝Rudy的指導,我最終得到了以下結論:
class UserResource(ModelResource):
class Meta:
queryset = User.objects.all()
fields = ['email', 'name']
authentication = MultiAuthentication(SessionAuthentication(), BasicAuthentication())
authorization = Authorization()
list_allowed_methods = []
detail_allowed_methods = ['get']
def dispatch_list(self, request, **kwargs):
return self.dispatch_detail(request, **kwargs)
def obj_get(self, bundle, **kwargs):
'''
Always returns the logged in user.
'''
return bundle.request.user
def get_resource_uri(self, bundle_or_obj=None, url_name='api_dispatch_list'):
bundle_or_obj = None
try:
return self._build_reverse_url(url_name, kwargs=self.resource_uri_kwargs(bundle_or_obj))
except NoReverseMatch:
return ''
您應該使用一個自定義授權類來阻止列表端點,並優雅地引發錯誤,而不是僅僅刪除所有URL,這樣它仍然可以很好地與Tastypie一起使用。
class UserObjectsOnlyAuthorization(Authorization):
def read_list(self, object_list, bundle):
raise Unauthorized("Sorry, no list reads.")
def read_detail(self, object_list, bundle):
# Is the requested object the user?
return bundle.obj == bundle.request.user
def create_list(self, object_list, bundle):
raise Unauthorized("Sorry, no creates.")
def create_detail(self, object_list, bundle):
raise Unauthorized("Sorry, no creates.")
def update_list(self, object_list, bundle):
raise Unauthorized("Sorry, no updates.")
def update_detail(self, object_list, bundle):
raise Unauthorized("Sorry, no updates.")
def delete_list(self, object_list, bundle):
# Sorry user, no deletes for you!
raise Unauthorized("Sorry, no deletes.")
def delete_detail(self, object_list, bundle):
raise Unauthorized("Sorry, no deletes.")
編輯:
如果您想強制此API始終為“詳細信息”請求,則可以覆蓋Tastypie的內置函數。 基本上,如果您在URL中指定了ID,則tastypie將其路由為_detail請求,如果不指定,則將其路由為_list請求。 如果覆蓋檢測到此功能的調度功能,則可以將對此資源的所有請求更改為_detail,並指定主鍵用於查找用戶的內容。 這可能會更加hacky,但會完成你想要的:
def dispatch(self, request_type, request, **kwargs):
# Force this to be a single User object
return super(UserResource, self).dispatch('detail', request, **kwargs)
def get_detail(self, request, **kwargs):
# Place the authenticated user's id in the get detail request
kwargs['id'] = request.user.pk
return super(UserResource, self).get_detail(request, **kwargs)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.