1 创建user/serializers.py 写序列化器
from rest_framework import serializers from user.models import User def address_validate(data): return data class UserSerializer(serializers.ModelSerializer): address=serializers.CharField(max_length=255,min_length=5,validators=[address_validate]) def validate_address(self,data): if data == "测试": raise serializers.ValidationError('请填写实际地址') return data def validate_phone(self,data): model=self.root.Meta.model num=User.objects.filter(phone=data).count if num>0: raise serializers.ValidationError('手机号') return data def validate(self,attrs): return attrs class Meta: model=User fields='__all__' read_only_fields=('',) extra_kwargs={ "address":{ "min_length":5, "default":"默认测试地址" } } class UserInfoSerializer(serializers.Serializer): id = serializers.CharField(read_only=True)# 普通字段,设置id为只读字段,不能修改 username = serializers.CharField(min_length=3,max_length=20,error_messages= {'required': '该字段必填'})# 显示普通字段 img = serializers.ImageField(required=False) nick_name = serializers.CharField(max_length=20) address = serializers.CharField(max_length=255) xxx = serializers.SerializerMethodField(read_only=True)# 自定义显示(显示多对 class Meta: model=User def get_xxx(self,row): users=row.username return users def create(self, validated_data): return User.objects.create(**validated_data) def update(self,instance,validated_data): if validated_data.get('username'): instance.username = validated_data['username'] instance.save() return instance def validate(self,attrs): print(attrs) if attrs.get("ussername")=='admin': raise serializers.ValidationError('不能创建admin用户') return attrs
from rest_framework import serializers
from user.model import User
def address_validate(data):
#独立校验器
#raise serializers.ValidationError('请填写实际地址') # 有错就出异常
# 没错就返回数据
return data
class UserSerializer(serializers.ModelSerializer):
#独立校验器,重新设定字段,替换掉模型中的设定,重新设定地址的长度为5
address=serializers.CharField(max_length=255,min_length5,validators=[ address_validate])
#单一字段验证,验证地址
def validate_address(self,data):
if data =="测试":
raise serializers.ValidationError("请填写实际地址") #有错就抛出异常
return data #没错就返回结果
def validate_phone(self,data):
#不符合手机号格式
#raise serializers.ValidationError('手机号格式不正确')
model=self.root.Meta.model
num=model.objects.filter(phone=data).count()
if num > 0:
raise serializers.ValidationError('手机号已存在')
return data
#3 所有属性验证器
def validate(self,attrs):
#attrs:{"username":"zhangsan","phone":"188888212"....}
#所有属性验证器
#self.context 中有request和view 上下文
#self.context ['View'].action 可以取到动作
#attrs 是需要序列化的数据
#raise serializers.ValidationError('xxx错误') #有问题报错
return attrs
class Meta:
model=User
#fields=('id', ) #临时添加字段也需要写这里
fiedls='__all__'
read_only_fields=(' ', )
extra_kwargs={
"address" : {
"min_lenggth" : 5, #给地址增加 最小长度限制
“default” : " 默认测试地址", #增加默认值
}
2 user/views.py
from django.shortcuts import render # Create your views here. from django.http import HttpResponse from django_filters.rest_framework import DjangoFilterBackend from rest_framework import viewsets from rest_framework.authentication import BasicAuthentication, SessionAuthentication from rest_framework.filters import OrderingFilter from rest_framework.decorators import action from rest_framework.permissions import AllowAny, IsAdminUser, IsAuthenticatedOrReadOnly, IsAuthenticated from rest_framework.response import Response from rest_framework.throttling import UserRateThrottle from rest_framework.pagination import PageNumberPagination from rest_framework.views import APIView from rest_framework.permissions import BasePermission, SAFE_METHODS from user.models import User from user.serializers import UserSerializer, UserUnActiveSerializer def index(request): # 需要认证才能访问的视图 return HttpResponse('hello') # 分页 (局部):自定义分页器 局部 class PageNum(PageNumberPagination): # 查询字符串中代表每页返回数据数量的参数名,默认值 :None page_size_query_param = 'page_size' # 查询字符串中代表的页码的参数名,有默认值 :page # page_query_param = ' page' # 一页中最多的结果条数 max_page_size = 2 # 自定义权限(局部) class MyPermission(BasePermission): #has_permission 是用户对这个视图有没有 GET,PUT,PATCH,DELETE权限的分别判断 def has_permission(self, request, view): print('has_perm') # print(view.kwargs.get('pk'), request.user.id) ''' 判断用户对模型有没有访问权''' # 任何用户对使用此权限类的视图都没有访问权限 print(request) if request.user.is_superuser: # 管理员对用户模型有访问权 return True elif view.kwargs.get('pk') == str(request.user.id): # 携带的id和用户的id相同有访问权 return True return False # has_object_permission 是用户过了has_permission 判断有权限以后,再判断这个用户有没有对一个具体的 # 对象有没有操作权限 #这样设置以后,即使是django admin 管理员也只能查询自己user标的信息,不能查询其他用户的单条信息 # has_object_permission def has_object_permission(self, request, view, obj): print('has_object_perm') """ 获取单个数据时,判断用户对某个数据对象是否有访问权限 """ if request.user.id == obj.id: return True return False class UserViewSet(viewsets.ModelViewSet): """ 完成产品的增删改查 """ ##2权限:自定义权限类 # permission_class = (IsAuthenticated,) queryset =User.objects.all() serializer_class=UserSerializer # 优先使用 get_serializer_class 返回的序列化器 # 1.认证: 自定义认证类, 自定义会覆盖全局配置 authentication_classes = (BasicAuthentication, SessionAuthentication) # # 2.权限: 自定义权限类 permission_classes = (MyPermission,) # #3 分页:自定义分页器 覆盖全局配置 pagination_class=PageNum # #4 限流,自定义限流类 throttle_classes=[ UserRateThrottle] #5过滤,指定过滤方法类,排序方法类一个或多个 filter_backends=(DjangoFilterBackend,OrderingFilter) #同时支过滤和帕西 #5.1 指定排序字段,不设置,排序功能不起效 ordering_fields= ('date_joined' ,'id')#?ordering= -id #5.2 指定过滤字段,不设置,过滤功能不起效 filter_fields={ 'username','phone','is_active'} #?username=tom&phone=&is_active=true #根据不同的请求,获得不同的序列化器 def get_serializer_class(self): if self.action == 'unactived': return UserUnActiveSerializer else: return UserSerializer @action(methods=['get'],detail=False) def unactived(self,request,*args,**kwargs): #获取查询集,过滤出喂激活的用户 qs=self.queryset.filter(is_active=False) #使用序列化器,序列化查询集 ser=self.get_serializer(qs,many=True) return Response(ser.data) @action(methods=['get'],detail=False) def actived(self,request,*args,**kwargs): #获取查询集,过滤出未激活的用户 qs=self.queryset.filter(is_active=True) #使用序列化器,序列化查询集, ser=self.get_serializer(qs,many=True) return Response(ser.data)
3 urse/urls.py
from django.urls import path,include from user import views from rest_framework.routers import SimpleRouter,DefaultRouter from rest_framework.authtoken.views import obtain_auth_token from rest_framework_jwt.views import obtain_jwt_token, refresh_jwt_token # 自动生成路由器方法,必须使用视图集 router=DefaultRouter() router.register(r'user',views.UserViewSet) urlpatterns = [ path('index/',views.index), path('api-auth/',include('rest_framework.urls',namespace='rest_framework')), ] urlpatterns += router.urls # 模块地址
from django.urls import include,path
from user import view
from rest_framework.routers import SimpleRouter ,DefaultRouter
#自动生成路由器方法,必须使用视图集
#router = DefaultRouter ()
router.register(r'user',view.UserViewSet)
urlpatterns = [
path('index/', views.index),
path('api-auth/',include('rest_framework.urls', namespace="rest_framework") #认证地址
]
urlpatterns +=router.urls #模块地址