我是Django REST Framework的新手。我尝试做的是在HTML中呈现Generic APIView(RetrieveUpdateDestroyAPIView),类似于在Browsable API中自动呈现ViewSet的方式。
关注官方documentation,我的myApp / views.py :
class AnnounceViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows announces to be viewed or edited.
"""
queryset = Announce.objects.all()
serializer_class = AnnounceSerializer
permission_classes = (permissions.IsAuthenticatedOrReadOnly,
IsOwnerOrReadOnly,)
def perform_create(self, serializer): # without this, the POST request of the announce doesnt work
serializer.save(owner=self.request.user)
class AnnounceList(APIView):
renderer_classes = [TemplateHTMLRenderer]
template_name = 'myApp/announces_list.html'
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
def get(self, request):
queryset = Announce.objects.all()
return Response({'announces': queryset})
class AnnounceDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Announce.objects.all()
serializer_class = AnnounceSerializer
renderer_classes = [TemplateHTMLRenderer]
template_name = 'myApp/announce_detail.html'
permission_classes = (permissions.IsAuthenticatedOrReadOnly, IsOwnerOrReadOnly,)
在我的 urls.py :
中from django.conf.urls import url, include
from rest_framework import routers
from myApp import views
from django.contrib import admin
router = routers.DefaultRouter()
router.register(r'api/users', views.UserViewSet)
router.register(r'api/groups', views.GroupViewSet)
router.register(r'api/announces', views.AnnounceViewSet)
# Wire up our API using automatic URL routing.
# Additionally, we include login URLs for the browsable API.
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'', include('myApp.urls')),
url(r'^', include(router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^accounts/', include('allauth.urls')),
url(r'^announces/$', views.AnnounceList.as_view(), name='announces-list'),
url(r'^announces/(?P<pk>[0-9]+)/$', views.AnnounceDetail.as_view(), name='announce-detail'),
当我使用Browsable API时,通过链接/ api / announces / 3 /,我可以正确地看到announce对象,具有正确的权限,具体取决于经过身份验证的用户。
但是当我去/ announces / 3 /时,我有这个错误:
NoReverseMatch at /announces/3/
Reverse for 'announce-detail' with keyword arguments '{'pk': ''}' not found. 3 pattern(s) tried: ['announces/(?P<pk>[0-9]+)/$', 'api/announces/(?P<pk>[^/.]+)\\.(?P<format>[a-z0-9]+)/?$', 'api/announces/(?P<pk>[^/.]+)/$']
这是我的 announce_detail.html 模板:
{% load rest_framework %}
{% block content %}
<form action="{% url 'announce-detail' pk=announce.pk %}" method="POST">
{% csrf_token %}
{% render_form serializer %}
<input type="submit" value="Save">
</form>
{% endblock content %}
如果我理解的话,Django REST视图(无论是ViewSet还是ViewAPI)用于以JSON格式检索/放置数据,而Django普通视图用于HTML常规渲染。但是,Django REST View也可用于普通的Django HTML呈现。通过具有公开的API端点,可以检索数据并由其他应用程序(相同的Web应用程序或其他Web应用程序/移动应用程序等...)使用。如果我错了,请纠正我。
我不明白为什么我收到错误... 谢谢你的帮助!
更新 创建一个正常的APIView之后,我设法渲染表单,并且权限得到了很好的尊重(当用户试图点击“保存”按钮时,当他/她不是所有者时,状态403禁止。但是,仍然是,字段显示为“可修改”,即我们可以在区域内输入文本,但如果不是进行修改的所有者,则“保存”按钮不会保存数据。
对myApp / views.py
class AnnounceDetail(APIView):
renderer_classes = [TemplateHTMLRenderer]
template_name = 'myApp/announce_detail.html'
permission_classes = (permissions.IsAuthenticatedOrReadOnly,
IsOwnerOrReadOnly,)
def get(self, request, pk):
announce = get_object_or_404(Announce, pk=pk)
self.check_object_permissions(self.request, announce) # required for IsOwnerOrReadOnly to work fine see https://stackoverflow.com/questions/25554415/django-rest-framework-ignoring-my-isownerorreadonly-permissions
serializer_context = {
'request': Request(request),
}
serializer = AnnounceSerializer(announce, context=serializer_context)
return Response({'serializer': serializer, 'announce': announce})
def post(self, request, pk):
announce = get_object_or_404(Announce, pk=pk)
self.check_object_permissions(self.request, announce) # required for IsOwnerOrReadOnly to work fine see https://stackoverflow.com/questions/25554415/django-rest-framework-ignoring-my-isownerorreadonly-permissions
serializer_context = {
'request': Request(request),
}
serializer = AnnounceSerializer(announce, context=serializer_context, data=request.data)
if not serializer.is_valid():
return Response({'serializer': serializer, 'announce': announce})
serializer.save()
return HttpResponseRedirect(reverse('announces-list')) # redirect to URL that is associated with the name announces-list
答案 0 :(得分:2)
<强> views.py
from django.shortcuts import get_object_or_404
from rest_framework.response import Response
class AnnounceDetail(generics.RetrieveUpdateDestroyAPIView):
queryset = Announce.objects.all()
serializer_class = AnnounceSerializer
renderer_classes = [TemplateHTMLRenderer]
template_name = 'myApp/announce_detail.html'
permission_classes = (permissions.IsAuthenticatedOrReadOnly, IsOwnerOrReadOnly,)
def retrieve(self, request, pk, *args, **kwargs):
announce = get_object_or_404(Announce, pk=pk)
serializer = self.get_serializer(announce) # typo fixed
return Response({'serializer': serializer, 'announce': announce})
<强> announce_detail.html
{% load rest_framework %}
{% load staticfiles %}
{% block content %}
<form action="{% url 'announce-detail' pk=announce.pk %}" data-method="PUT">
{% csrf_token %}
{% render_form serializer %}
<input type="submit" value="Save">
</form>
{% endblock content %}
<script>
window.drf = {
csrfHeaderName: "X-CSRFTOKEN",
csrfCookieName: "csrftoken"
};
</script>
<script src="{% static 'rest_framework/js/jquery-1.12.4.min.js' %}"></script>
<script src="{% static 'rest_framework/js/ajax-form.js' %}"></script>
<script src="{% static 'rest_framework/js/csrf.js' %}"></script>
<script src="{% static 'rest_framework/js/bootstrap.min.js' %}"></script>
<script src="{% static 'rest_framework/js/prettify-min.js' %}"></script>
<script src="{% static 'rest_framework/js/default.js' %}"></script>
<script>
$(document).ready(function() {
$('form').ajaxForm();
});
</script>