我想让用户能够在 Django Rest API 中使用 PUT 请求仅更新某些属性。举个例子,如果我有以下模型并且只希望用户能够更新他们的名字和姓氏,我将如何去做呢?models.py:class User(models.Model): email = models.EmailField('email address', unique = True) first_name = models.TextField(max_length = 10) last_name = models.TextField(max_length = 20)(请注意,他们不应该能够更改自动设置的“id”字段)serializers.py:class UserSerializer(serializers.ModelSerializer): class Meta: model = User fields = ['id', 'email', 'first_name', 'last_name']views.py:class SingleUser(APIView): def put(self, request, user_id): user = User.objects.get(pk = user_id) serializer = UserEditSerializer(user, data = request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data, status = status.HTTP_200_OK) return Response(serializer.errors, status = status.HTTP_400_BAD_REQUEST)强制用户只能更改这些属性的子集的最佳方法是什么?
3 回答
慕少森
TA贡献2019条经验 获得超9个赞
您可以在序列化器上设置只读字段:
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'email', 'first_name', 'last_name']
read_only_fields = ['id', 'email']
确保在 put 函数中将序列化器设置为部分:
serializer = UserEditSerializer(user, data = request.data, partial=True)
您还可以完全省略序列化程序中的字段,这将使用户根本无法使用这些字段。
PIPIONE
TA贡献1829条经验 获得超9个赞
创建一个单独的序列化器并使用它
# serializers.py
class UserPutSerializer(serializers.ModelSerializer): # new serializer class
class Meta:
model = User
fields = ['first_name', 'last_name'] # define required fields
#views.py
class SingleUser(APIView):
def put(self, request, user_id):
user = User.objects.get(pk=user_id)
serializer = UserPutSerializer(user, data=request.data) # use new serializer here
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
添加回答
举报
0/150
提交
取消