django-rest-framework-role-filters

How to install

pip install djangorestframework-role-filters

Why i wrote this project?

I want work easily with roles without multiple ifs in code

How to use

Create role_filters.py with your roles definitions

from rest_framework_role_filters.role_filters import RoleFilter

from .serializers import PostSerializerForUser


class AdminRoleFilter(RoleFilter):
    role_id = 'admin'


class UserRoleFilter(RoleFilter):
    role_id = 'user'

    def get_allowed_actions(self, request, view, obj=None):
        # This example returns same list both for "global permissions" check,
        # and for "object" permissions, but different list may be returned
        # if `obj` argument is not None, and this list will be used to check
        # if action is allowed during call to `ViewSet.check_object_permissions`
        return ['create', 'list', 'retrieve', 'update', 'partial_update']

    def get_queryset(self, request, view, queryset):
        queryset = queryset.filter(user=request.user)
        return queryset

    def get_serializer_class(self, request, view):
        return PostSerializerForUser

    def get_serializer(self, request, view, serializer_class, *args, **kwargs):
        fields = (
            'body',
            'created_at',
            'id',
            'serializer_name',
            'title',
            'updated_at',
            'user',
        )
        return serializer_class(*args, fields=fields, **kwargs)

Create viewset and override get_role_id method

from rest_framework_role_filters.viewsets import RoleFilterModelViewSet

from .models import Post
from .role_filters import AdminRoleFilter, UserRoleFilter
from .serializers import PostSerializer


class PostViewSet(RoleFilterModelViewSet):
    queryset = Post.objects.all()
    serializer_class = PostSerializer
    role_filter_classes = [AdminRoleFilter, UserRoleFilter]

    def get_role_id(self, request):
        return request.user.role.role_id

    def perform_create(self, serializer):
        serializer.save(user=self.request.user)

If role_id is 'admin':

All actions are allowed
The default queryset is returned - Post.objects.all()
The default serializer_class is used - PostSerializer
The default viewset get_serializer method is used

If role_id is 'user':

Only actions 'create', 'list', 'retrieve', 'update', 'partial_update' are allowed
The queryset is filtered by user
The serializer_class=PostSerializerForUser is used
The serializer initializing with fields kwargs (e.g. for modified serializer as described in DRF: Dynamically modifying fields)

Check testapp example code implementation.

Name		Name	Last commit message	Last commit date
Latest commit History 32 Commits
.github/workflows		.github/workflows
rest_framework_role_filters		rest_framework_role_filters
testproject		testproject
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
CHANGES.rst		CHANGES.rst
LICENSE		LICENSE
MANIFEST.in		MANIFEST.in
Makefile		Makefile
README.rst		README.rst
pyproject.toml		pyproject.toml
requirements-dev.txt		requirements-dev.txt
requirements.txt		requirements.txt
setup.py		setup.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

django-rest-framework-role-filters

How to install

Why i wrote this project?

How to use

About

Releases

Packages

Contributors 5

Languages

License

allisson/django-rest-framework-role-filters

Folders and files

Latest commit

History

Repository files navigation

django-rest-framework-role-filters

How to install

Why i wrote this project?

How to use

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 5

Languages

Packages