Python 3.x Django rest框架:身份验证/权限错误:TypeError:';str';对象不可调用
我正试图了解django rest框架,我陷入了身份验证/权限过程。我希望有人能帮助我。下面是我的代码: 设置.pyPython 3.x Django rest框架:身份验证/权限错误:TypeError:';str';对象不可调用,python-3.x,django-rest-framework,Python 3.x,Django Rest Framework,我正试图了解django rest框架,我陷入了身份验证/权限过程。我希望有人能帮助我。下面是我的代码: 设置.py REST_FRAMEWORK = { 'DEFAULT_PAGINATION_CLASS': 'drones.custompagination.LimitOffsetPaginationWithUpperBound', 'PAGE_SIZE': 4, 'DEFAULT_FILTER_BACKENDS': ( 'django_filters.
REST_FRAMEWORK = {
'DEFAULT_PAGINATION_CLASS': 'drones.custompagination.LimitOffsetPaginationWithUpperBound',
'PAGE_SIZE': 4,
'DEFAULT_FILTER_BACKENDS': (
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.OrderingFilter',
'rest_framework.filters.SearchFilter',
),
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
]
}
class Drone(models.Model):
name = models.CharField(max_length=250,
unique=True)
drone_category = models.ForeignKey(DroneCategory,
related_name='drones',
on_delete=models.CASCADE)
manufacturing_date = models.DateTimeField()
has_it_competed = models.BooleanField(default=False)
inserted_timestamp = models.DateTimeField(auto_now_add=True)
owner = models.ForeignKey(
'auth.User',
related_name='drones',
on_delete=models.CASCADE)
class Meta:
ordering = ('name',)
def __str__(self):
return self.name
class DroneList(generics.ListCreateAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-list'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
filterset_fields = (
'name',
'drone_category',
'manufacturing_date',
'has_it_competed',
)
search_fileds = (
'name',
)
ordering_fields = (
'name',
'manufacturing_date',
)
def perform_create(self, serializer):
serializer.save(owner=self.request.user)
class DroneDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-detail'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
from rest_framework import permissions
class IsCurrentUserOwnerOrReadOnly(permissions.BasePermission):
def has_object_permission(self, request, view, obj):
if request.method in permissions.SAFE_METHODS:
# The method is a safe method
return True
else:
# The method is not a safe method
# Only owners are granted permissions
return obj.owner == request.user
型号.py
REST_FRAMEWORK = {
'DEFAULT_PAGINATION_CLASS': 'drones.custompagination.LimitOffsetPaginationWithUpperBound',
'PAGE_SIZE': 4,
'DEFAULT_FILTER_BACKENDS': (
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.OrderingFilter',
'rest_framework.filters.SearchFilter',
),
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
]
}
class Drone(models.Model):
name = models.CharField(max_length=250,
unique=True)
drone_category = models.ForeignKey(DroneCategory,
related_name='drones',
on_delete=models.CASCADE)
manufacturing_date = models.DateTimeField()
has_it_competed = models.BooleanField(default=False)
inserted_timestamp = models.DateTimeField(auto_now_add=True)
owner = models.ForeignKey(
'auth.User',
related_name='drones',
on_delete=models.CASCADE)
class Meta:
ordering = ('name',)
def __str__(self):
return self.name
class DroneList(generics.ListCreateAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-list'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
filterset_fields = (
'name',
'drone_category',
'manufacturing_date',
'has_it_competed',
)
search_fileds = (
'name',
)
ordering_fields = (
'name',
'manufacturing_date',
)
def perform_create(self, serializer):
serializer.save(owner=self.request.user)
class DroneDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-detail'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
from rest_framework import permissions
class IsCurrentUserOwnerOrReadOnly(permissions.BasePermission):
def has_object_permission(self, request, view, obj):
if request.method in permissions.SAFE_METHODS:
# The method is a safe method
return True
else:
# The method is not a safe method
# Only owners are granted permissions
return obj.owner == request.user
视图.py
REST_FRAMEWORK = {
'DEFAULT_PAGINATION_CLASS': 'drones.custompagination.LimitOffsetPaginationWithUpperBound',
'PAGE_SIZE': 4,
'DEFAULT_FILTER_BACKENDS': (
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.OrderingFilter',
'rest_framework.filters.SearchFilter',
),
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
]
}
class Drone(models.Model):
name = models.CharField(max_length=250,
unique=True)
drone_category = models.ForeignKey(DroneCategory,
related_name='drones',
on_delete=models.CASCADE)
manufacturing_date = models.DateTimeField()
has_it_competed = models.BooleanField(default=False)
inserted_timestamp = models.DateTimeField(auto_now_add=True)
owner = models.ForeignKey(
'auth.User',
related_name='drones',
on_delete=models.CASCADE)
class Meta:
ordering = ('name',)
def __str__(self):
return self.name
class DroneList(generics.ListCreateAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-list'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
filterset_fields = (
'name',
'drone_category',
'manufacturing_date',
'has_it_competed',
)
search_fileds = (
'name',
)
ordering_fields = (
'name',
'manufacturing_date',
)
def perform_create(self, serializer):
serializer.save(owner=self.request.user)
class DroneDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-detail'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
from rest_framework import permissions
class IsCurrentUserOwnerOrReadOnly(permissions.BasePermission):
def has_object_permission(self, request, view, obj):
if request.method in permissions.SAFE_METHODS:
# The method is a safe method
return True
else:
# The method is not a safe method
# Only owners are granted permissions
return obj.owner == request.user
custompermission.py
REST_FRAMEWORK = {
'DEFAULT_PAGINATION_CLASS': 'drones.custompagination.LimitOffsetPaginationWithUpperBound',
'PAGE_SIZE': 4,
'DEFAULT_FILTER_BACKENDS': (
'django_filters.rest_framework.DjangoFilterBackend',
'rest_framework.filters.OrderingFilter',
'rest_framework.filters.SearchFilter',
),
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
]
}
class Drone(models.Model):
name = models.CharField(max_length=250,
unique=True)
drone_category = models.ForeignKey(DroneCategory,
related_name='drones',
on_delete=models.CASCADE)
manufacturing_date = models.DateTimeField()
has_it_competed = models.BooleanField(default=False)
inserted_timestamp = models.DateTimeField(auto_now_add=True)
owner = models.ForeignKey(
'auth.User',
related_name='drones',
on_delete=models.CASCADE)
class Meta:
ordering = ('name',)
def __str__(self):
return self.name
class DroneList(generics.ListCreateAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-list'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
filterset_fields = (
'name',
'drone_category',
'manufacturing_date',
'has_it_competed',
)
search_fileds = (
'name',
)
ordering_fields = (
'name',
'manufacturing_date',
)
def perform_create(self, serializer):
serializer.save(owner=self.request.user)
class DroneDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-detail'
permission_classes = (
'permissions.IsAuthenticatedOrReadOnly',
'custompermission.IsCurrentUserOwnerOrReadOnly',
)
from rest_framework import permissions
class IsCurrentUserOwnerOrReadOnly(permissions.BasePermission):
def has_object_permission(self, request, view, obj):
if request.method in permissions.SAFE_METHODS:
# The method is a safe method
return True
else:
# The method is not a safe method
# Only owners are granted permissions
return obj.owner == request.user
下面是django抛出的错误:
[03/Nov/2019 18:01:42] "GET / HTTP/1.1" 200 10070
Internal Server Error: /drones/
Traceback (most recent call last):
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/django/core/handlers/base.py", line 115, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/django/core/handlers/base.py", line 113, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/django/views/generic/base.py", line 71, in view
return self.dispatch(request, *args, **kwargs)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 505, in dispatch
response = self.handle_exception(exc)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 465, in handle_exception
self.raise_uncaught_exception(exc)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 476, in raise_uncaught_exception
raise exc
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 493, in dispatch
self.initial(request, *args, **kwargs)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 411, in initial
self.check_permissions(request)
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 331, in check_permissions
for permission in self.get_permissions():
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 278, in get_permissions
return [permission() for permission in self.permission_classes]
File "/home/martin/python/learn_rest/lib/python3.5/site-packages/rest_framework/views.py", line 278, in <listcomp>
return [permission() for permission in self.permission_classes]
TypeError: 'str' object is not callable
[03/Nov/2019 18:01:45] "GET /drones/ HTTP/1.1" 500 107476
[03/Nov/2019 18:01:42]“GET/HTTP/1.1”200 10070
内部服务器错误:/dones/
回溯(最近一次呼叫最后一次):
文件“/home/martin/python/learn_rest/lib/python3.5/site packages/django/core/handlers/exception.py”,第34行,在内部
响应=获取响应(请求)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/django/core/handlers/base.py”,第115行,在get\u响应中
response=self.process\u异常\u由\u中间件(e,请求)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/django/core/handlers/base.py”,第113行,在get\u响应中
响应=包装的回调(请求,*回调参数,**回调参数)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/django/views/decorators/csrf.py”,第54行,包装视图
返回视图函数(*args,**kwargs)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/django/views/generic/base.py”,第71行,在视图中
返回自调度(请求,*args,**kwargs)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第505行,在分派中
响应=自身处理异常(exc)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第465行,在handle\u exception中
自举未捕获异常(exc)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第476行,在raise\u uncaught\u异常中
加薪
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第493行,在dispatch中
self.initial(请求,*args,**kwargs)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第411行,初始
自我检查权限(请求)
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第331行,检查权限
在self.get_permissions()中获取权限:
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第278行,在get\u权限中
返回[permission(),以获得self.permission\u类中的权限]
文件“/home/martin/python/learn\u rest/lib/python3.5/site packages/rest\u framework/views.py”,第278行,在
返回[permission(),以获得self.permission\u类中的权限]
TypeError:“str”对象不可调用
[2019年11月3日18:01:45]“GET/drones/HTTP/1.1”500 107476
- Python版本:3.5.3
- Django版本:2.2.6
- Django Rest框架版本:3.10.3
非常感谢您的帮助请尝试直接将
权限\u类
的值设置为权限类,例如:
from rest_framework import permissions
#import your custome permission module
class DroneDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-detail'
permission_classes = (
permissions.IsAuthenticatedOrReadOnly,
custompermission.IsCurrentUserOwnerOrReadOnly,
)
尝试将
permission\u classes
的值直接设置为权限类,例如:
from rest_framework import permissions
#import your custome permission module
class DroneDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Drone.objects.all()
serializer_class = DroneSerializer
name = 'drone-detail'
permission_classes = (
permissions.IsAuthenticatedOrReadOnly,
custompermission.IsCurrentUserOwnerOrReadOnly,
)
这解决了我的问题。非常感谢你的帮助:)解决了我的问题。非常感谢您的帮助:)