mirror of
https://github.com/encode/django-rest-framework.git
synced 2024-11-22 09:36:49 +03:00
Fixed the MultipleFieldLookupMixin example to properly check for object level permission.
This commit is contained in:
parent
71ad99e0b2
commit
b11f37eaf3
|
@ -330,7 +330,9 @@ For example, if you need to lookup objects based on multiple fields in the URL c
|
|||
for field in self.lookup_fields:
|
||||
if self.kwargs[field]: # Ignore empty fields.
|
||||
filter[field] = self.kwargs[field]
|
||||
return get_object_or_404(queryset, **filter) # Lookup the object
|
||||
obj = get_object_or_404(queryset, **filter) # Lookup the object
|
||||
self.check_object_permissions(self.request, obj)
|
||||
return obj
|
||||
|
||||
You can then simply apply this mixin to a view or viewset anytime you need to apply the custom behavior.
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user