I'm trying to Field-Level validation to validate branch field in ModelSerialzer but this method never called.
class UserProfileSerializer(serializers.ModelSerializer):
branch = serializers.ChoiceField(choices=Branch.choices)
class Meta:
model = UserProfile
exclude = ['user']
def validate_branch(self, branch):
print(branch)
return branch.upper()
class CustomRegisterSerializer(RegisterSerializer):
profile = UserProfileSerializer(source="userprofile")
#transaction.atomic
def create(self, validated_data):
validated_profile_data = validated_data.pop('profile')
user = User.objects.create(**validated_data)
UserProfile.objects.create(user=user, **validated_profile_data)
return user
I followed this drf docs.
The validators are run when is_valid is called. You can get some idea from the code mentioned below on how to call the is_valid() method. You can call it from views.py.
serializer = UserProfileSerializer(data="The data you want to send")
serializer.is_valid(raise_exception=True)
I have the following :
I am working with DRF, based JWT token.
I want to associate an experiment with a USER, i.e when a post request is arriving I want to be able to save that post request with the Foreginkey it needed for the author by the user whom sent the request.
The POST request is always authenticated and never anonymous, i.e request.user is always exist ( I can see it when debugging)
I tried to add the following
def create(self, request, **kwargs):
request.data["author"] = request.user
serializer = ExperimentsSerializers(data=request.data)
if serializer.is_valid():
serializer.save()
return....
But is_valid return always False ( the only time ts was true, was when I took out the author from the ExperimentsSerializers fields....
will be happy for any leads....
my code attached below
Model.py:
class User(AbstractUser):
pass
def __str__(self):
return self.username
class Experiments(models.Model):
name = models.CharField(max_length=40)
time = models.DateTimeField(default=timezone.now)
author = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
View.py:
filter_backends = [DjangoFilterBackend, filters.OrderingFilter]
serializer_class = ExperimentsSerializers
queryset = Experiments.objects.all()
filterset_fields = '__all__'
permission_classes = (permissions.IsAuthenticated,)
serializers.py
class ExperimentsSerializers(serializers.ModelSerializer):
class Meta:
model = models.Experiments
fields = '__all__'
You can just pass additional data with save arguments:
def create(self, request, **kwargs):
serializer = ExperimentsSerializers(data=request.data)
if serializer.is_valid():
serializer.save(author=request.user)
Note that you may need to specify author field as read_only so it would not be required in request body:
class ExperimentsSerializers(serializers.ModelSerializer):
class Meta:
model = models.Experiments
fields = '__all__'
read_only_fields = ['author']
One more approach can be to use
HiddenField with default value set to CurrentUserDefault
This way that field will not be exposed at the same time current user will be accessible and other operations can be done on that user context.
author = serializers.HiddenField(default=serializers.CurrentUserDefault())
Something like this:
class ExperimentsSerializers(serializers.ModelSerializer):
author = serializers.HiddenField(default=serializers.CurrentUserDefault())
class Meta:
model = models.Experiments
fields = '__all__'
Reference :
HiddenField - https://www.django-rest-framework.org/api-guide/fields/#hiddenfield
CurrentUserDefault - https://www.django-rest-framework.org/api-guide/validators/#currentuserdefault
I've tried something like this, it does not work.
class PostSerializer(serializers.ModelSerializer):
class Meta:
model = Post
def save(self):
user = self.context['request.user']
title = self.validated_data['title']
article = self.validated_data['article']
I need a way of being able to access request.user from my Serializer class.
You cannot access the request.user directly. You need to access the request object, and then fetch the user attribute.
Like this:
user = self.context['request'].user
Or to be more safe,
user = None
request = self.context.get("request")
if request and hasattr(request, "user"):
user = request.user
More on extra context can be read here
Actually, you don't have to bother with context. There is a much better way to do it:
from rest_framework.fields import CurrentUserDefault
class PostSerializer(serializers.ModelSerializer):
class Meta:
model = Post
def save(self):
user = CurrentUserDefault() # <= magic!
title = self.validated_data['title']
article = self.validated_data['article']
As Igor mentioned in other answer, you can use CurrentUserDefault. If you do not want to override save method just for this, then use doc:
from rest_framework import serializers
class PostSerializer(serializers.ModelSerializer):
user = serializers.PrimaryKeyRelatedField(read_only=True, default=serializers.CurrentUserDefault())
class Meta:
model = Post
CurrentUserDefault
A default class that can be used to represent the current user. In order to use this, the 'request' must have been provided as part of the context dictionary when instantiating the serializer.
in views.py
serializer = UploadFilesSerializer(data=request.data, context={'request': request})
This is example to pass request
in serializers.py
owner = serializers.HiddenField(
default=serializers.CurrentUserDefault()
)
Source From Rest Framework
Use this code in view:
serializer = UploadFilesSerializer(data=request.data, context={'request': request})
then access it with this in serializer:
user = self.context.get("request").user
For those who used Django's ORM and added the user as a foreign key, they will need to include the user's entire object, and I was only able to do this in the create method and removing the mandatory field:
class PostSerializer(serializers.ModelSerializer):
def create(self, validated_data):
request = self.context.get("request")
post = Post()
post.title = validated_data['title']
post.article = validated_data['article']
post.user = request.user
post.save()
return post
class Meta:
model = Post
fields = '__all__'
extra_kwargs = {'user': {'required': False}}
You can pass request.user when calling .save(...) inside a view:
class EventSerializer(serializers.ModelSerializer):
class Meta:
model = models.Event
exclude = ['user']
class EventView(APIView):
def post(self, request):
es = EventSerializer(data=request.data)
if es.is_valid():
es.save(user=self.request.user)
return Response(status=status.HTTP_201_CREATED)
return Response(data=es.errors, status=status.HTTP_400_BAD_REQUEST)
This is the model:
class Event(models.Model):
user = models.ForeignKey(to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
date = models.DateTimeField(default=timezone.now)
place = models.CharField(max_length=255)
You can not access self.context.user directly. First you have to pass the context inside you serializer. For this follow steps bellow:
Some where inside your api view:
class ApiView(views.APIView):
def get(self, request):
items = Item.object.all()
return Response(
ItemSerializer(
items,
many=True,
context=request # <- this line (pass the request as context)
).data
)
Then inside your serializer:
class ItemSerializer(serializers.ModelSerializer):
current_user = serializers.SerializerMethodField('get_user')
class Meta:
model = Item
fields = (
'id',
'name',
'current_user',
)
def get_user(self, obj):
request = self.context
return request.user # <- here is current your user
In GET method:
Add context={'user': request.user} in the View class:
class ContentView(generics.ListAPIView):
def get(self, request, format=None):
content_list = <Respective-Model>.objects.all()
serializer = ContentSerializer(content_list, many=True,
context={'user': request.user})
Get it in the Serializer class method:
class ContentSerializer(serializers.ModelSerializer):
rate = serializers.SerializerMethodField()
def get_rate(self, instance):
user = self.context.get("user")
...
...
In POST method:
Follow other answers (e.g. Max's answer).
You need a small edit in your serializer:
class PostSerializer(serializers.ModelSerializer):
class Meta:
model = Post
def save(self):
user = self.context['request'].user
title = self.validated_data['title']
article = self.validated_data['article']
Here is an example, using Model mixing viewsets. In create method you can find the proper way of calling the serializer. get_serializer method fills the context dictionary properly. If you need to use a different serializer then defined on the viewset, see the update method on how to initiate the serializer with context dictionary, which also passes the request object to serializer.
class SignupViewSet(mixins.UpdateModelMixin, mixins.CreateModelMixin, viewsets.GenericViewSet):
http_method_names = ["put", "post"]
serializer_class = PostSerializer
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
self.perform_create(serializer)
headers = self.get_success_headers(serializer.data)
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
def update(self, request, *args, **kwargs):
partial = kwargs.pop('partial', False)
instance = self.get_object()
kwargs['context'] = self.get_serializer_context()
serializer = PostSerializer(instance, data=request.data, partial=partial, **kwargs)
serializer.is_valid(raise_exception=True)
self.perform_update(serializer)
return Response(serializer.data)
The solution can be simple for this however I tried accessing using self.contenxt['request'].user but not working in the serializer.
If you're using DRF obviously login via token is the only source or maybe others that's debatable.
Moving toward a solution.
Pass the request.user instance while creating serializer.create
views.py
if serializer.is_valid():
watch = serializer.create(serializer.data, request.user)
serializer.py
def create(self, validated_data, usr):
return Watch.objects.create(user=usr, movie=movie_obj, action=validated_data['action'])
If you are using generic views and you want to inject current user at the point of saving the instance then you can override perform_create or perform_update:
def perform_create(self, serializer):
serializer.save(user=self.request.user)
user will be added as an attribute to kwargs and you can access it through validated_data in serializer
user = validated_data['user']
drf srz page
in my project it worked my user field was read only so i needed to get
user id in the create method
class CommentSerializer(serializers.ModelSerializer):
comment_replis = RecursiveField(many=True, read_only=True)
user = UserSerializer(read_only=True)
class Meta:
model = PostComment
fields = ('_all_')
def create(self, validated_data):
post = PostComment.objects.create(**validated_data)
print(self._dict_['_kwargs']['data']["user"]) # geting #request.data["user"] # <- mian code
post.user=User.objects.get(id=self._dict_['_kwargs']['data']["user"])
return post
in my project i tried this way and it work
The best way to get current user inside serializer is like this.
AnySerializer(data={
'example_id': id
}, context={'request': request})
This has to be written in views.py
And now in Serializer.py part
user = serializers.CharField(default=serializers.CurrentUserDefault())
This "user" must be your field in Model as any relation like foreign key
I have those models:
class ServiceCategory(models.Model):
class Meta:
db_table = 'service_categories'
category = models.CharField(max_length=24)
def __str__(self):
return self.category
class Service(models.Model):
class Meta:
db_table = 'services'
service = models.CharField(max_length=24)
category = models.ForeignKey('ServiceCategory')
def __str__(self):
return self.service
And their serializers:
class ServiceCategorySerializer(serializers.ModelSerializer):
class Meta:
model = ServiceCategory
fields = ('id', 'category')
class ServiceSerializer(serializers.ModelSerializer):
category = ServiceCategorySerializer()
class Meta:
model = Service
fields = ('id', 'service', 'category')
After this setup, I quickly bumped into a problem creating a new Service via its associated ServiceSerializer: I have to also pass a complete ServiceCategory with all its fields even though I only need its id. The ServiceCategory above looks simple enough but that's hardly the case since I've omitted a lot of its other fields for brevity.
So passing the complete attributes of a ServiceCategory into a form on the front end seemed terribly inefficient to me so I tried another approach:
class UpsertServiceSerializer(serializers.ModelSerializer):
category = serializers.IntegerField() # not ServiceCategorySerializer()
class Meta:
model = Service
fields = ('service', 'category')
def create(self, data):
c = ServiceCategory.objects.get(pk=data['category'])
return Service.objects.create(service=data['service'], category=c)
My intention is to use UpsertServiceSerializer for creates and updates, with ServiceSerializer now being used for reads. UpsertServiceSerializer worked without a problem in the Django shell — the create goes through with me having to pass just the id of the ServiceCategory instead of all its attributes and a new Service object is indeed added to the database — but when I make a POST request via Postman, I get this error:
TypeError at /services
int() argument must be a string, a bytes-like object or a number, not 'ServiceCategory'
So I tried a new version of UpsertServiceSerializer:
class UpsertServiceSerializer(serializers.Serializer):
service = serializers.CharField()
category = serializers.IntegerField()
def create(self, data):
c = ServiceCategory.objects.get(pk=data['category'])
return Service.objects.create(service=data['service'], category=c)
Notice that in the new version, I'm subclassing serializers.Serializer instead of serializers.ModelSerializer, and there's no class Meta inside it. This version is no different, it also passes in the Django shell but fails in the view with the same TypeError.
Here's the view:
#api_view(['GET', 'POST'])
def services(request):
if request.method == 'GET':
services = Service.objects.all()
serializer = ServiceSerializer(services, many=True)
return Response(serializer.data)
elif request.method == 'POST':
serializer = UpsertServiceSerializer(data=request.data)
if serializer.is_valid():
serializer.save()
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
So what am I doing wrong?
It is common problem with understanding about how related fields work in serializer. ForeignKey by default use PrimaryKeyRelatedField so you don't need an IntegerField, even though you don't need overriding create method.
class UpsertServiceSerializer(serializers.ModelSerializer):
class Meta:
model = Service
fields = ('service', 'category')
Passing pk for category will just work. In the case when you need special layout for category model not a plain pk, you could write you own to_representation method.
class UpsertServiceSerializer(serializers.ModelSerializer):
...
def to_representation(self, instance):
representation = super(UpsertServiceSerializer, self).to_representation(instance)
representation['category'] = ServiceCategorySerializer(instance.category).data
return representation
I have already referred to many posts like these and a bug on github repo of DRF. I am still unclear if this is bug still exists as the info i fetched so far is not from recent posts. I am trying to create an api using django rest framework. below given is my code.
Serializers.py
class MemberSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ('username', 'email')
class TeamSerializer(serializers.ModelSerializer):
members = MemberSerializer(many=True)
class Meta:
model = Team
fields = ('name', 'members')
class TeamUpdateSerializer(serializers.ModelSerializer):
class Meta:
model = Team
fields = ('name', 'description', 'members', 'team_type', 'created_by')
Views.py
class TeamViewSet(viewsets.ModelViewSet):
queryset = Team.objects.all()
serializer_class = TeamSerializer
authentication_classes = (SessionAuthentication, BasicAuthentication)
permission_classes = (IsAuthenticated,)
def get_queryset(self):
queryset = Team.objects.filter(created_by=self.request.user)
return queryset
members is a M2M relationship to django user model. I can create a new object, get the details but upon updating an existing Team model bby adding a new user to member field, it says a user with that username exists. I can override save() method or switch to another serializer in the update() method of my modelserializer to solve the issue.
def update(self, request, *args, **kwargs):
partial = kwargs.pop('partial', False)
instance = self.get_object()
members = request.data['members']
member_list = list()
for member in members:
member_list.append(User.objects.get(username=member['username']).id)
request.data['members'] = member_list
serializer = TeamSerializerUpdate(instance, data=request.data, partial=partial)
serializer.is_valid(raise_exception=True)
self.perform_update(serializer)
return Response(serializer.data)
But I am not sure if that is the right thing to do. It would be very helpful if a workaround for this is devised.
TIA