Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/django/19.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Django rest框架中request.user的字段级验证_Django_Django Rest Framework - Fatal编程技术网
Fatal编程技术网
  • django/
  • Django rest框架中request.user的字段级验证

Django rest框架中request.user的字段级验证

django django-rest-framework

Django rest框架中request.user的字段级验证,django,django-rest-framework,Django,Django Rest Framework,我正在建立一个Django REST应用程序,人们可以在其中查看餐厅。到目前为止,我有这些模型: class RestaurantId(models.Model): maps_id = models.CharField(max_length=140, unique=True) adress = models.CharField(max_length=240) name = models.CharField(max_length=140) class R

我正在建立一个Django REST应用程序,人们可以在其中查看餐厅。到目前为止,我有这些模型:

class RestaurantId(models.Model):
    maps_id = models.CharField(max_length=140, unique=True)
    adress = models.CharField(max_length=240)
    name = models.CharField(max_length=140)
        

class RestaurantReview(models.Model):    
    review_author = models.ForeignKey(settings.AUTH_USER_MODEL,
                                      on_delete=models.CASCADE)    
    restaurant_id = models.ForeignKey(RestaurantId, on_delete=models.CASCADE)
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)
    

class StarterPics(models.Model):
    restaurant_review_id = models.OneToOneField(RestaurantReview,
                                               on_delete=models.CASCADE)
    pics_author = models.ForeignKey(User, on_delete=models.CASCADE)
    restaurant_id = models.ForeignKey(RestaurantId, on_delete=models.CASCADE)
    name_1 = models.CharField(max_length=40)    
    picture_1 = models.ImageField()
我的序列化程序:

class RestaurantIdSerializer(serializers.ModelSerializer):
    class Meta:
        model = RestaurantId
        field = fields = '__all__'


class RestaurantReviewSerializer(serializers.ModelSerializer):
    class Meta:
        model = RestaurantReview
        field = fields = '__all__'


class StarterPicsSerializer(serializers.ModelSerializer):
    class Meta:
        model = StarterPics
        fields = '__all__'

   def validate_restaurant_review_id(self, value)
        if value.review_author != self.request.user:                
            raise serializers.ValidationError("User has not reviewed the restaurant")        
        return value
我的看法:

class RestaurantIdViewset(viewsets.ModelViewSet):
    queryset = models.RestaurantId.objects.all()
    serializer_class = serializers.RestaurantIdSerializer

class RestaurantReviewViewset(viewsets.ModelViewSet):
    queryset = models.RestaurantReview.objects.all()
    serializer_class = serializers.RestaurantReviewSerializer
    permission_classes = [IsAuthenticatedOrReadOnly,IsAuthorOrReadOnly]

    def perform_create(self, serializer):
        serializer.save(review_author=self.request.user)

class StarterPicsViewset(viewsets.ModelViewSet):
    queryset = models.StarterPics.objects.all()
    serializer_class = serializers.StarterPicsSerializer
    permission_classes = [IsAuthenticatedOrReadOnly]
I have set up permissions as well so only the review_author can update his reviews and pics_author can update his pictures.
我的权限:

class IsOwnReviewOrReadOnly(permissions.BasePermission):

    def has_object_permission(self, request, view, obj):
        if request.method in permissions.SAFE_METHODS:
            return True

        return obj.pics_author == request.user


class IsAuthorOrReadOnly(permissions.BasePermission):

    def has_object_permission(self, request, view, obj):
        if request.method in permissions.SAFE_METHODS:
            return True

    return obj.review_author == request.user
运行Django服务器时,我得到一个
'StarterPicsSerializer'对象没有属性'request'

此验证适用于尚未撰写评论的用户(评论作者)无法在
StarterPics
中发布图片。因此,只有创建评论的用户才能在上面发布图片

我尝试了另一个验证,但也没有成功:

def validate_restaurant_review_id(self, value):               
    if not RestaurantReview.objects.filter(restaurant_review_id=value, 
                     review_author=self.request.user).exists():              
        raise serializers.ValidationError('Not your review')  
    return value
除了要序列化的对象之外,还可以通过在视图中实例化序列化程序时传递上下文参数来为序列化程序提供额外的上下文

serializer=RandomSerializer(实例,上下文={'request':request})

如果使用(继承形式
GenericAPIView
),则序列化程序
self.context
dict中已有
请求

class StarterPicsSerializer(serializers.ModelSerializer):
    class Meta:
        model = StarterPics
        fields = '__all__'

    def validate_restaurant_review_id(self, value):                     
        print(self.context['request'])

class StarterPicsSerializer(serializers.ModelSerializer):
类元:
型号=起动装置
字段='\uuuu所有\uuuu'
def验证\餐厅\审核\ id(自我、价值):
打印(self.context['request'])
在视图中实例化序列化程序时,通过传递上下文参数,除了要序列化的对象之外,还可以为序列化程序提供额外的上下文

serializer=RandomSerializer(实例,上下文={'request':request})

如果使用(继承形式
GenericAPIView
),则序列化程序
self.context
dict中已有
请求

class StarterPicsSerializer(serializers.ModelSerializer):
    class Meta:
        model = StarterPics
        fields = '__all__'

    def validate_restaurant_review_id(self, value):                     
        print(self.context['request'])

class StarterPicsSerializer(serializers.ModelSerializer):
类元:
型号=起动装置
字段='\uuuu所有\uuuu'
def验证\餐厅\审核\ id(自我、价值):
打印(self.context['request'])
我应该在哪里添加它?取决于您的视图,如果您使用
GenericAPIView
或其子视图,如
ModelViewSet
,然后,
请求
已在
序列化程序中可用。上下文
我已使用我的代码更新了我的问题,以便您可以更清楚地了解我的问题。如果您在视图中使用
ModelViewSet
,那么您可以在序列化程序中使用
self.context['request']
直接访问
请求
,因此它变成了
review\u author=self.context['request']。user
我应该在哪里添加它?取决于您的视图,如果您使用
GenericAPIView
或其子视图,如
ModelViewSet
,然后,
请求
已在
序列化程序中可用。上下文
我已使用我的代码更新了我的问题,以便您可以更清楚地了解我的问题。如果您在视图中使用
ModelViewSet
,那么您可以在序列化程序中使用
self.context['request']
直接访问
请求
,因此它变成了
review\u author=self.context['request'].user