![](/img/trans.png)
[英]Cannot apply DjangoModelPermissions on a view that does not have `.queryset` property or overrides the `.get_queryset()` method
[英]django rest framework error Cannot apply DjangoModelPermissions on a view that does not set `.queryset` or have a `.get_queryset()` method
我正在使用django 1.9.5和rest框架3.x(DRF)。我剛從django rest官方框架學習了教程,可以說它是從DRF開始的,我已經寫了以下視圖 , URL以查看api的工作原理使用DRF,
意見
class DepartMentList(APIView):
"""
List of all departments or create a department
"""
def get(self, request, format=None):
departments = Department.objects.all()
serializer = DepartmentSerializer(departments)
return Response(serializer.data)
def post(self, request, format=None):
serializer = DepartmentSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data,status=status.HTTP_201_CREATED)
return Response(serializer._errors, status=status.HTTP_400_BAD_REQUEST)
網址
from django.conf.urls import url
from rest_framework.urlpatterns import format_suffix_patterns
from organizations import views
urlpatterns = [
url(r'^departments/$', views.DepartMentList.as_view()),
]
urlpatterns = format_suffix_patterns(urlpatterns)
這是setting.py,在其中我為DEFAULT_PERMISSION_CLASSES添加了以下rest framework
字典
REST_FRAMEWORK = {
# Use Django's standard `django.contrib.auth` permissions,
# or allow read-only access for unauthenticated users.
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
]
}
現在,當我運行部門的endpoint
以查看部門列表時,則出現以下錯誤,
'Cannot apply DjangoModelPermissions on a view that '
AssertionError: Cannot apply DjangoModelPermissions on a view that does not set `.queryset` or have a `.get_queryset()` method.
究竟是什么導致錯誤? 我已經調查過,但無法解決。
更新
class DepartMentDetail(APIView):
"""
Retrieve, update or delete a department instance.
"""
def get_object(self, pk):
try:
return Department.objects.get(pk=pk)
except Department.DoesNotExist:
raise Http404
def get(self,request,pk,format=None):
department = self.get_object(pk)
serializer = DepartmentSerializer(department)
return Response(serializer.data)
def put(self,request,pk,format=None):
department = self.get_object(pk)
serializer = DepartmentSerializer(department,data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def delete(self, request, pk, format=None):
department = self.get_object(pk)
department.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
DjangoRestFramework要求您在視圖上設置queryset
類參數或實現get_queryset
方法。 應用權限等級時會進行檢查。 因為DjangoModelPermissionsOrAnonReadOnly
具有has_permission
方法,如下所示,並且此方法檢查您的視圖是否具有queryset
變量或get_queryset
方法。
def has_permission(self, request, view):
# Workaround to ensure DjangoModelPermissions are not applied
# to the root view when using DefaultRouter.
if getattr(view, '_ignore_model_permissions', False):
return True
if hasattr(view, 'get_queryset'):
queryset = view.get_queryset()
else:
queryset = getattr(view, 'queryset', None)
assert queryset is not None, (
'Cannot apply DjangoModelPermissions on a view that '
'does not set `.queryset` or have a `.get_queryset()` method.'
)
perms = self.get_required_permissions(request.method, queryset.model)
return (
request.user and
(request.user.is_authenticated() or not self.authenticated_users_only) and
request.user.has_perms(perms)
)
如您所見, has_permission
方法使queryset
變量assert
您的視圖應如下所示
class DepartMentList(APIView):
"""
List of all departments or create a department
"""
queryset = Department.objects.all()
def get(self, request, format=None):
serializer = DepartmentSerializer(self.queryset)
return Response(serializer.data)
def post(self, request, format=None):
serializer = DepartmentSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data,status=status.HTTP_201_CREATED)
return Response(serializer._errors, status=status.HTTP_400_BAD_REQUEST)
PS使用http://www.django-rest-framework.org/api-guide/generic-views/它更干凈))
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.