我想同时拥有对/api/listings的公共访问权和私有访问权,以便可以对所有列表的前端进行只读访问。我还想读取,更新和删除我已经知道如何做的经过身份验证的用户自己的列表(注释,我知道我需要将权限更改为AllowAuthenticated)。我是否必须创建第二个API,并且由于公共API已经使用了/api/listings URI,我该怎么做,谢谢
# api.py
class ListingViewSet(viewsets.ModelViewSet):
permission_classes = [
permissions.AllowAny,
]
serializer_class = ListingSerializer
# This is how I can publicly access the api
queryset = Listing.objects.all()
# This is how I can have private access
# def get_queryset(self):
# return self.request.user.listings.all()
# def perform_create(self, serializer):
# serializer.save(owner=self.request.user)
# serializers.py
class ListingSerializer(serializers.ModelSerializer):
class Meta:
model = Listing
fields = '__all__'