Skip to content

Instantly share code, notes, and snippets.

@rsudip90 rsudip90/views.py
Created May 12, 2019

Embed
What would you like to do?
drf serializer classes dynamic -- views.py -- custom user limited info
from rest_framework import viewsets
from .mixins import GetSerializerClassMixin
from .models import User, Company, SystemUserRole
from .serializers import (
CompanySerializer,
CompanyDetailSerializer,
UserSerializer,
UserDetailSerializer,
)
class CompanyViewSet(GetSerializerClassMixin, viewsets.ModelViewSet):
"""
API endpoint that allows companies to be viewed or edited.
"""
queryset = Company.objects.all()
serializer_class = CompanyDetailSerializer
serializer_action_classes = {
'list': CompanySerializer,
}
filterset_fields = ("country", "state", "city", )
search_fields = ("name", "email", )
ordering_fields = ("name", "country", )
ordering = ("-created_at", )
# class UserViewSet(GetSerializerClassMixin, viewsets.ModelViewSet):
# """
# API endpoint that allows users to be viewed or edited.
# """
# queryset = User.objects.all()
# serializer_class = UserDetailSerializer
# serializer_action_classes = {
# 'list': UserSerializer,
# }
# filterset_fields = ("country", "state", "city", "zipcode", "company", )
# search_fields = ("first_name", "last_name", "email", )
# ordering_fields = ("first_name", "last_name", "email", )
# ordering = ("-created_at", )
class UserViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows users to be viewed or edited.
"""
queryset = User.objects.all()
serializer_class = UserSerializer
serializer_detail_class = UserDetailSerializer
filterset_fields = ("country", "state", "city", "zipcode", "company", )
search_fields = ("first_name", "last_name", "email", )
ordering_fields = ("first_name", "last_name", "email", )
ordering = ("-created_at", )
def get_serializer_class(self):
"""
Special case to see the user full details.
Unless user is request.user or SYS_ADMIN for user's company
only show basic details of user.
"""
lookup = self.lookup_url_kwarg or self.lookup_field
if lookup and lookup in self.kwargs:
# get detailed endpoint value from url e.g, "/users/2/" => 2
user_pk = self.kwargs[lookup]
lookup_user = User.objects.filter(pk=user_pk).first()
# if current user is looking at the details
if self.request.user == lookup_user:
return self.serializer_detail_class
# if current user is sys admin of the requested user's company
if (self.request.user.system_role == SystemUserRole.SYS_ADMIN and
self.request.user.company == lookup_user.company):
return self.serializer_detail_class
return super().get_serializer_class()
else:
return super().get_serializer_class()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.