请帮忙!我已经安装了允许get请求的视图类permission_class,但是当我发送get请求时,我得到消息:get方法不允许
i haveviews.py文件:
class WomenAPIList(generics.ListCreateAPIView):
queryset = Women.objects.all()
serializer_class = WomenSerializer
permission_classes = (IsAuthenticatedOrReadOnly, )
class WomenAPIUpdate(generics.UpdateAPIView):
queryset = Women.objects.all()
serializer_class = WomenSerializer
permission_classes = (IsAuthenticated, )
# authentication_classes = (TokenAuthentication, )
class WomenAPIDestroy(generics.RetrieveDestroyAPIView):
queryset = Women.objects.all()
serializer_class = WomenSerializer
permission_classes = (IsAdminOrReadOnly, )
class WomenAPIUpdate(generics.UpdateAPIView):
queryset = Women.objects.all()
serializer_class = WomenSerializer
permission_classes = (IsAuthenticated, )
# authentication_classes = (TokenAuthentication, )
urlpatterns = [
path('admin/', admin.site.urls),
path('api/v1/drf-auth/', include('rest_framework.urls')),
path('api/v1/women/', WomenAPIList.as_view()),
path('api/v1/women/<int:pk>/', WomenAPIUpdate.as_view()),
path('api/v1/womendelete/<int:pk>/', WomenAPIDestroy.as_view()),
path('api/v1/auth/', include('djoser.urls')),
re_path(r'^auth/', include('djoser.urls.authtoken')),
path('api/v1/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'),
path('api/v1/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
path('api/v1/token/verify/', TokenVerifyView.as_view(), name='token_verify'),
]
对于WomenAPIUpdate我已经安装了下一个url:
path('api/v1/women/<int:pk>/', WomenAPIUpdate.as_view()),
但是当我对这个url进行get请求时,我得到消息:" get方法是不允许的">(我在使用Postaman和Browser时得到相同的消息)。
这是我的models.py文件:
class Women(models.Model):
title = models.CharField(max_length=255)
content = models.TextField(blank=True)
time_create = models.DateTimeField(auto_now_add=True)
time_update = models.DateTimeField(auto_now=True)
is_published = models.BooleanField(default=True)
cat_id = models.ForeignKey('Category', on_delete=models.PROTECT, null=True)
car_id = models.BooleanField(default=True)
user = models.ForeignKey(User, verbose_name='Пользователь', on_delete=models.CASCADE)
def __str__(self):
return self.title
class Category(models.Model):
name = models.CharField(max_length=100, db_index=True)
def __str__(self):
return self.name
我尝试创建自己的权限类,在使用集成元组SAFE_METHODS期间允许GET方法并将它们安装到WomenAPIUpdate类中,但它没有工作:
class IsAdminOrReadOnly(BasePermission):
def has_permission(self, request, view):
if request.method in permissions.SAFE_METHODS:
return True
return bool(request.user and request.user.is_staff)
class IsOwnerOrReadOnly(permissions.BasePermission):
def has_object_permission(self, request, view, obj):
if request.method in permissions.SAFE_METHODS:
return True
return obj.user == request.user
SAFE_METHOD元组:
SAFE_METHODS = ('GET', 'HEAD', 'OPTIONS')
它工作直到我创建身份验证设置并将它们安装在settings.py文件:
REST_FRAMEWORK = {
'DEFAULT_RENDERER_CLASSES': [
'rest_framework.renderers.JSONRenderer',
'rest_framework.renderers.BrowsableAPIRenderer',
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.AllowAny',
],
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework_simplejwt.authentication.JWTAuthentication',
'rest_framework.authentication.BasicAuthentication',
'rest_framework.authentication.SessionAuthentication',
]
}
您需要像这样应用这两种情况....
与浏览器(会话和基本都与浏览器一起工作,但有时你只能应用一个)(处理会话)
REST_FRAMEWORK = {
'DEFAULT_RENDERER_CLASSES': [
'rest_framework.renderers.JSONRenderer',
'rest_framework.renderers.BrowsableAPIRenderer',
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.AllowAny',
],
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.BasicAuthentication',
# -------------- OR -------------------------
'rest_framework.authentication.SessionAuthentication',
]
}
With Postmen (Handle JWT Token)
REST_FRAMEWORK = {
'DEFAULT_RENDERER_CLASSES': [
'rest_framework.renderers.JSONRenderer',
'rest_framework.renderers.BrowsableAPIRenderer',
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.AllowAny',
],
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework_simplejwt.authentication.JWTAuthentication',
]
}
对于WomenAPIUpdate使用的视图继承generics.UpdateAPIView,这将只允许PUT or PATCH方法,这意味着它将只允许您UPDATE对象,而不是FETCH/GET数据。
如果你试图在postman中使用GET方法,它会抛出错误。
获取一个对象,要么继承generics.RetrieveAPIView,要么继承
改变这
class WomenAPIUpdate(generics.UpdateAPIView):
class WomenAPIUpdate(generics.RetrieveUpdateAPIView):