Last active
November 9, 2016 15:47
-
-
Save osw4l/74e02e7f093acd09ac6ff27cd9d88991 to your computer and use it in GitHub Desktop.
filter content by request user
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # models | |
| from django.db import models | |
| from django.contrib.auth.models import User | |
| # Create your models here. | |
| class Task(models.Model): | |
| owner = models.ForeignKey('auth.User', related_name='tasks') | |
| completed = models.BooleanField(default=False) | |
| title = models.CharField(max_length=100) | |
| description = models.TextField() | |
| #serializers | |
| from rest_framework import serializers | |
| from ..models import Task | |
| class TaskSerializer(serializers.ModelSerializer): | |
| owner = serializers.ReadOnlyField(source='owner.username') | |
| class Meta: | |
| model = Task | |
| fields = ('id', 'title', 'description', 'completed', 'owner') | |
| # permisions | |
| from rest_framework.permissions import BasePermission, SAFE_METHODS | |
| class IsOwnerOrReadOnly(BasePermission): | |
| def has_object_permission(self, request, view, obj): | |
| if request.method in SAFE_METHODS: | |
| return True | |
| return obj.owner == request.user | |
| # views | |
| from django.contrib.auth import authenticate | |
| from rest_framework import status | |
| from rest_framework.decorators import api_view | |
| from rest_framework.generics import (ListCreateAPIView, RetrieveUpdateDestroyAPIView) | |
| from rest_framework.permissions import IsAuthenticated | |
| from rest_framework.response import Response | |
| from .permisions import IsOwnerOrReadOnly | |
| from .serializers import TaskSerializer | |
| from ..models import Task | |
| class TaskMixin(object): | |
| queryset = Task.objects.all() | |
| serializer_class = TaskSerializer | |
| permission_classes = (IsOwnerOrReadOnly, IsAuthenticated,) | |
| def pre_save(self, obj): | |
| obj.owner = self.request.user | |
| def perform_create(self, serializer): | |
| serializer.save(owner=self.request.user) | |
| class TaskList(TaskMixin, ListCreateAPIView): | |
| def get(self, request, *args, **kwargs): | |
| tasks = Task.objects.filter(owner=self.request.user) | |
| serializer = TaskSerializer(tasks, many=True) | |
| return Response({'tasks': serializer.data}) | |
| class TaskDetail(TaskMixin, RetrieveUpdateDestroyAPIView): | |
| pass | |
| @api_view(['GET', 'POST']) | |
| def login(request): | |
| if request.method == 'GET': | |
| return Response({'hola': 'bienvenido a mi api'}, status=status.HTTP_200_OK) | |
| if request.method == 'POST': | |
| username = request.data['user'] | |
| password = request.data['password'] | |
| user = authenticate(username=username, password=password) | |
| if user is not None: | |
| if user.is_active: | |
| return Response({'user': True}, status=status.HTTP_202_ACCEPTED) | |
| return Response({'error': 'usuario o contraseña invalidos'}, status=status.HTTP_200_OK) | |
| #urls | |
| from django.conf.urls import url, include | |
| from .views import categoria_detail, categoria_list, tarea_detail, tarea_list | |
| from rest_framework import routers | |
| from .viewsets import TareaViewSet, CategoriaViewSet | |
| from rest_framework.urlpatterns import format_suffix_patterns | |
| router = routers.DefaultRouter() | |
| router.register(r'tareas-api', TareaViewSet) | |
| router.register(r'categorias-api', CategoriaViewSet) | |
| urlpatterns = [ | |
| url(r'^categorias/$', categoria_list), | |
| url(r'^tareas/$', tarea_list), | |
| url(r'^categoria/(?P<pk>[0-9]+)$', categoria_detail), | |
| url(r'^tarea/(?P<pk>[0-9]+)$', tarea_detail), | |
| ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment