encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-10 19:56:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed the MultipleFieldLookupMixin example to properly check for object level permission.

Browse Source
This commit is contained in:
Irvan 2017-09-07 11:06:44 +08:00
parent 71ad99e0b2
commit b11f37eaf3
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/api-guide/generic-views.md
View File

@ -330,7 +330,9 @@ For example, if you need to lookup objects based on multiple fields in the URL c
for field in self.lookup_fields: for field in self.lookup_fields:
if self.kwargs[field]: # Ignore empty fields. if self.kwargs[field]: # Ignore empty fields.
filter[field] = self.kwargs[field] filter[field] = self.kwargs[field]
return get_object_or_404(queryset, **filter) # Lookup the object obj = get_object_or_404(queryset, **filter) # Lookup the object
self.check_object_permissions(self.request, obj)
return obj
You can then simply apply this mixin to a view or viewset anytime you need to apply the custom behavior. You can then simply apply this mixin to a view or viewset anytime you need to apply the custom behavior.