Merge pull request #5398 from dolphinigle/master

Fixed the MultipleFieldLookupMixin example to properly check for object level permission
This commit is contained in:
Carlton Gibson 2017-09-07 07:45:58 +02:00 committed by GitHub
commit e2b5cef52c

View File

@ -330,7 +330,9 @@ For example, if you need to lookup objects based on multiple fields in the URL c
for field in self.lookup_fields:
if self.kwargs[field]: # Ignore empty fields.
filter[field] = self.kwargs[field]
return get_object_or_404(queryset, **filter) # Lookup the object
obj = get_object_or_404(queryset, **filter) # Lookup the object
self.check_object_permissions(self.request, obj)
return obj
You can then simply apply this mixin to a view or viewset anytime you need to apply the custom behavior.