Merge pull request #5398 from dolphinigle/master

Fixed the MultipleFieldLookupMixin example to properly check for object level permission
2024-11-22 09:36:49 +03:00 · 2017-09-07 07:45:58 +02:00 · 2017-09-07 07:45:58 +02:00 · e2b5cef52c
commit e2b5cef52c
parent 71ad99e0b2 b11f37eaf3
1 changed files with 3 additions and 1 deletions
--- a/docs/api-guide/generic-views.md
+++ b/docs/api-guide/generic-views.md
@ -330,7 +330,9 @@ For example, if you need to lookup objects based on multiple fields in the URL c
            for field in self.lookup_fields:
                if self.kwargs[field]: # Ignore empty fields.
                    filter[field] = self.kwargs[field]
-            return get_object_or_404(queryset, **filter)  # Lookup the object
+            obj = get_object_or_404(queryset, **filter)  # Lookup the object
+            self.check_object_permissions(self.request, obj)
+            return obj

 You can then simply apply this mixin to a view or viewset anytime you need to apply the custom behavior.