其更好地使用不同的viewsets为
/users/{user-id} - PublicProfileViewset
/users/self - MyProfileViewSet
的原因是不同的权限和不同的查询集两个视图集中交易。例如,PublicProfileViewset可以被任何没有登录的人访问。但是MyprofileViewset只能由登录用户访问。它类似于公开的个人资料和你自己的github个人资料。
对于PublicProfileViewset,
你可以简单的使用路由器。不幸的是,我不知道如何将用户的MyProfileViewset
这里简单的路由器的用户对象是从request
对象本身采取像request.user
views.py
class PublicUserProfileViewSet(viewsets.ReadOnlyModelViewSet):
"""
Public end-points to get information about any user
NOTE: All end-points provided here is read-only
"""
queryset = User.objects.public()
serializer_class = UserSerializer
permission_classes = (permissions.AllowAny,)
lookup_field = 'user_id'
lookup_url_kwarg = 'pk'
class MyProfileViewSet(viewsets.ModelViewSet):
"""
End-points to get all details about logged in user
and update the profile of logged in user
"""
queryset = User.objects.all()
permission_classes = (permissions.IsAuthenticated,)
serializer_class = UserSerializer
urls.py
router = routers.SimpleRouter()
router.register(r'users', PublicProfileViewSet)
urlpatterns = router.urls
urlpatterns += [
url(r'^users/me/$', MyProfileViewSet.as_view(
{'get': 'retrieve', 'put': 'update', 'patch': 'partial_update', 'delete': 'delete'}),
name='myprofile'),
]