class GenericApiView(ApiView)
queryset = User.objects
serializer_class = None
lookup_field = 'pk'
lookup_url_kwarg = None
filter_backends = api_settings.DEFAULT_FILTER_BACKENDS or [FilterBackend]
(custom)
permission_classes (ApiView)= eg:[IsAuthenticated]=>(from rest_framework.permissions)
pagination_class = api_settings.DEFAULT_PAGINATION_CLASS
"拿到该模型的查询集"
def get_queryset(self):
...
Eg:queryset=self.queryset.all()
return queryset
"对查询集进行条件过滤"
def filter_queryset(self, queryset):
for backend in list(self.filter_backends):
# FilterBackend().filter_queryset(self.request, queryset, self)
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
"根据主键查询出对应的模型"
def get_object(self):
#拿到过模型滤后的查询集
queryset = self.filter_queryset(self.get_queryset())
"用默认lookup_field='Pk'去kwargs里面找对应的值"
"或者自定义lookup_url_kwarg 一个key名去 kwargs里面找对应的值"
filter_kwargs = {self.lookup_field: self.kwargs[lookup_url_kwarg]} "{ pk: self.kwargs[lookup_field or lookup_url_kwarg]}"" self.kwargs[lookup_url_kwarg] 从url kwargs中取pk那个键的值"
#根据参数对从查询集中找到对应的模型
obj = get_object_or_404(queryset, **filter_kwargs)
#权限校验"
self.check_object_permissions(self.request, obj) return obj
"ApiView"
def check_object_permissions(self, request, obj):
for permission in self.get_permissions():
# 调用权限类里面has_object_permission()方法,没权限就报错 eg: IsAuthenticated().has_object_permission
if not permission(eg:IsAuthenticated()).has_object_permission(request, self, obj):
self.permission_denied(
request,
message=getattr(permission, 'message', None),
code=getattr(permission, 'code', None)
)
"遍历permission_classes配置的权限类并实例化"
def get_permissions(self):
return [permission() for permission in self.permission_classes]
GenericApiView 源码解析
于 2023-10-14 20:57:23 首次发布