Persisting the user that makes a request and configuring permission policies
We want to be able to list all the users and retrieve the details for a single user. We will create subclasses of the two following generic class views declared in the rest_framework.generics
module:
ListAPIView
: Implements theget
method that retrieves a listing ofqueryset
RetrieveAPIView
: Implements theget
method to retrieve a model instance
Open the views.py
file in the games_service/games
folder. Add the following code after the last line that declares the imports, before the declaration of the GameCategoryList
class. The code file for the sample is included in the restful_python_2_07_04
folder, in the Django01/games-service/games/views.py
file:
from django.contrib.auth.models import User from rest_framework import permissions from games.serializers import UserSerializer from games.customized_permissions import IsOwnerOrReadOnly class UserList(generics.ListAPIView): queryset = User.objects.all()...