diff --git a/docs/api-guide/pagination.md b/docs/api-guide/pagination.md index 41887ffd8..010a094df 100644 --- a/docs/api-guide/pagination.md +++ b/docs/api-guide/pagination.md @@ -24,14 +24,16 @@ Pagination can be turned off by setting the pagination class to `None`. ## Setting the pagination style -The pagination style may be set globally, using the `DEFAULT_PAGINATION_CLASS` and `PAGE_SIZE` setting keys. For example, to use the built-in limit/offset pagination, you would do something like this: +The pagination style may be set globally, using the `DEFAULT_PAGINATION_CLASS`, `PAGE_SIZE` and `MAX_PAGE_SIZE` setting keys. For example, to use the built-in limit/offset pagination, you would do something like this: REST_FRAMEWORK = { 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination', - 'PAGE_SIZE': 100 + 'PAGE_SIZE': 100, + 'MAX_PAGE_SIZE': 250, } -Note that you need to set both the pagination class, and the page size that should be used. Both `DEFAULT_PAGINATION_CLASS` and `PAGE_SIZE` are `None` by default. +Note that you need to set both the pagination class, and the page size and limit that should be used. +`DEFAULT_PAGINATION_CLASS`, `PAGE_SIZE`, `MAX_PAGE_SIZE` are `None` by default. You can also set the pagination class on an individual view by using the `pagination_class` attribute. Typically you'll want to use the same pagination style throughout your API, although you might want to vary individual aspects of the pagination, such as default or maximum page size, on a per-view basis. diff --git a/rest_framework/pagination.py b/rest_framework/pagination.py index a543ceeb5..e45799da0 100644 --- a/rest_framework/pagination.py +++ b/rest_framework/pagination.py @@ -172,6 +172,10 @@ class PageNumberPagination(BasePagination): # The default page size. # Defaults to `None`, meaning pagination is disabled. page_size = api_settings.PAGE_SIZE + # The maximum page size. + # Defaults to `None`, meaning page size is unlimited. + # It's recommended that you would set a limit to avoid api abuse. + page_size = api_settings.MAX_PAGE_SIZE django_paginator_class = DjangoPaginator @@ -382,7 +386,7 @@ class LimitOffsetPagination(BasePagination): limit_query_description = _('Number of results to return per page.') offset_query_param = 'offset' offset_query_description = _('The initial index from which to return the results.') - max_limit = None + max_limit = api_settings.MAX_PAGE_SIZE template = 'rest_framework/pagination/numbers.html' def paginate_queryset(self, queryset, request, view=None): diff --git a/rest_framework/settings.py b/rest_framework/settings.py index b0d7bacec..ee9ee61f1 100644 --- a/rest_framework/settings.py +++ b/rest_framework/settings.py @@ -65,6 +65,7 @@ DEFAULTS = { # Pagination 'PAGE_SIZE': None, + "MAX_PAGE_SIZE": None, # Filtering 'SEARCH_PARAM': 'search',