CreateModelMixin along with all other mixin classes (Eg. ListModelMixin, UpdateModelMixin etc) are defined in rest_framework/mixins.py file. These mixin classes provide all the basic CRUD operations on a model. You just need to define a serializer_class and queryset in your generic view to perform all these operations. DRF has separated out these common functionality in separate … Read more
No that is not possible. If you need to access more than one value you have to use the Object-level validation (see docs): class Keys_Serializer(serializers.Serializer): key_id = serializers.IntegerField(required=True) key_name = serializers.CharField(required=True) value_id = serializers.IntegerField(required=False) def validate(self, data): # here you can access all values key_id = data[‘key_id’] value_id = data[‘value_id’] # perform you validation if … Read more
Ahmed Hosny was correct in his answer. It required the many parameter to be set to True to work. So final version of the CartSerializer looked like this: class CartSerializer(serializers.ModelSerializer): cartitem_set = CartItemSerializer(read_only=True, many=True) # many=True is required class Meta: model = Cart depth = 1 fields = ( ‘id’, ‘date_created’, ‘voucher’, ‘carrier’, ‘currency’, ‘cartitem_set’, … Read more
The key is to subclass PrimaryKeyRelatedField and overload the get_queryset method, using the user information from the request context: class UserFilteredPrimaryKeyRelatedField(serializers.PrimaryKeyRelatedField): def get_queryset(self): request = self.context.get(‘request’, None) queryset = super(UserFilteredPrimaryKeyRelatedField, self).get_queryset() if not request or not queryset: return None return queryset.filter(user=request.user) You can then use this new serializer just like the (unfiltered) original: class MySerializer(serializers.ModelSerializer): … Read more
You have mistyped the comma in DEFAULT_PERMISSION_CLASSES value, due to which Django takes it as a string, instead of a tuple. Solution: REST_FRAMEWORK = { … ‘DEFAULT_PERMISSION_CLASSES’: ( ‘rest_framework.permissions.IsAdminUser’, ), … }
Normally when you make a request via a form you want the form being submitted to your view to originate from your website and not come from some other domain. To ensure that this happens, you can put a csrf token in your form for your view to recognize. If you add @csrf_exempt to the … Read more
You can’t use the browsable api with TokenAuthentication. You have to add SessionAuthtication to your settings (http://www.django-rest-framework.org/api-guide/authentication/#sessionauthentication): REST_FRAMEWORK = { ‘DEFAULT_AUTHENTICATION_CLASSES’: ( ‘rest_framework.authentication.TokenAuthentication’, ‘rest_framework.authentication.SessionAuthentication’, ),
I think one password field is enough. If you want to check the user’s twice password input is same, do it in the front-end. You can override a create method from serializer like following. from rest_framework import serializers class UserSerializer(serializers.ModelSerializer): password = serializers.CharField(write_only=True) class Meta: model = User fields = (‘first_name’, ‘last_name’, ’email’, ‘mobile’, ‘password’) … Read more
Now DRF allows permissions to be composed using bitwise operators: & -and- and | -or-. From the docs: Provided they inherit from rest_framework.permissions.BasePermission, permissions can be composed using standard Python bitwise operators. For example, IsAuthenticatedOrReadOnly could be written: from rest_framework.permissions import BasePermission, IsAuthenticated from rest_framework.response import Response from rest_framework.views import APIView class ReadOnly(BasePermission): def has_permission(self, … Read more
New swagger from rest_framework.filters import BaseFilterBackend import coreapi class SimpleFilterBackend(BaseFilterBackend): def get_schema_fields(self, view): return [coreapi.Field( name=”query”, location=’query’, required=False, type=”string” )] class MyViewSet(viewsets.ViewSet): filter_backends = (SimpleFilterBackend,) def list(self, request, *args, **kwargs): # print(request.GET.get(‘query’)) # Use the query param in your view return Response({‘hello’: ‘world’}, status.HTTP_200_OK)