I am new to DRF.
While creating the twitter app I faced a problem with serializers. Since the user is required - I need somehow to pass the actual user to the TweetSerializer class. I have tried different methods that did not work.
This is giving me an error
owner = serializers.HiddenField(default=serializers.CurrentUserDefault())
error image
error image continued
also i have tried to se the user by passing it tot he serializer constructor
serializer = TweetSerializer(owner=request.user)
also did not work
class TweetSerializer(serializers.ModelSerializer):
try:
owner = serializers.HiddenField(
default=serializers.CurrentUserDefault()
)
except Exception as exception:
print(exception)
class Meta:
model = Tweet
fields = '__all__'
read_only_fields = ['owner']
def validate(self, attrs):
if len(attrs['content']) > MAX_TWEET_LENGTH:
raise serializers.ValidationError("This tweet is too long")
return attrs
class Tweet(models.Model):
id = models.AutoField(primary_key=True)
owner = models.ForeignKey('auth.User', related_name='tweets', on_delete=models.CASCADE)
content = models.TextField(blank=True, null=True)
image = models.FileField(upload_to='images/', blank=True, null=True)
class Meta:
ordering = ['-id']
#api_view(['POST'])
def tweet_create_view(request, *args, **kwargs):
serializer = TweetSerializer(data=request.POST)
user = request.user
if serializer.is_valid():
serializer.save()
else:
print(serializer.errors)
return JsonResponse({}, status=400)
try:
pass
except Exception as e:
print(str(e))
return JsonResponse({}, status=400, safe=False)
return JsonResponse({}, status=201)
The solution was to pass a context as I read from drf documentation for CurrentUserDefault()
#api_view(['POST'])
def tweet_create_view(request, *args, **kwargs):
context = {
"request" : request
}
serializer = TweetSerializer(data=request.POST, context=context)
if serializer.is_valid():
serializer.save()
return JsonResponse({}, status=201)
A default class that can be used to represent the current user. In order to use this, the 'request' must have been provided as part of the context dictionary when instantiating the serializer.
Related
I am trying to upload a csv file and then using it to populate a table in the database (creating multiple objects).
serializers.py:
def instantiate_batch_objects(data_list, user):
return [
WorkData(
work=db_obj['work'],
recordTime=db_obj['recordTime'],
user=user
) for db_obj in data_list
]
class FileUploadSerializer(serializers.ModelSerializer):
filedata = serializers.FileField(write_only=True)
class Meta:
model = WorkData
fields = ['user', 'filedata']
def create(self, validated_data):
file = validated_data.pop('filedata')
data_list = csv_file_parser(file)
batch = instantiate_batch_objects(data_list, validated_data['user'])
work_data_objects = WorkData.objects.bulk_create(batch)
# print(work_data_objects[0])
return work_data_objects
views.py:
class FileUploadView(generics.CreateAPIView):
queryset = WorkData.objects.all()
permission_classes = [IsAuthenticated]
serializer_class = FileUploadSerializer
# I guess, this is not need for my case.
def get_serializer(self, *args, **kwargs):
print(kwargs.get('data'))
if isinstance(kwargs.get('data', {}), list):
kwargs['many'] = True
return super().get_serializer(*args, **kwargs)
models.py
class WorkData(models.Model):
user = models.ForeignKey(
settings.AUTH_USER_MODEL,
on_delete=models.CASCADE,
related_name='work_data',
)
work = models.IntegerField(blank=False, null=False)
recordTime = models.DateTimeField(blank=False, null=True)
When I upload the file and post it I get this error:
Got AttributeError when attempting to get a value for field user on serializer FileUploadSerializer. The serializer field might be named incorrectly and not match any attribute or key on the list instance. Original exception text was: 'list' object has no attribute 'user'.
But I can see table is populated successfully in the database. What should I return from create method of FileUploadSerializer?
OK, after trying an example myself I was able to reproduce the errors, I have a better understanding of why this is happing now.
First, let's put the implementation of create() on the view class here
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
self.perform_create(serializer)
headers = self.get_success_headers(serializer.data)
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
The original error of Got AttributeError when attempting to get a value for field user... etc happened because the create() in the FileUploadView is returning serializer.data which is expecting fields user and filedata but create() on FileUploadSerializer is returning a list of objects so you can see now why this is happening.
You can solve this by overriding create() on FileUploadView and serialize the returned serializer data with a WorkDataSerializer that you will create
For ex:
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
self.perform_create(serializer)
headers = self.get_success_headers(serializer.data)
workData = WorkDataSerializer(data=serializer.data)
return Response(workData.data, status=status.HTTP_201_CREATED, headers=headers)
OR, you can do it on serializer level - which I prefer -
For example:
class FileUploadSerializer(serializers.ModelSerializer):
filedata = serializers.FileField(write_only=True)
created_objects_from_file = serializers.SerializerMethodField()
def get_created_objects_from_file(self, obj):
file = self.validated_data.pop('filedata')
data_list = csv_file_parser(file)
batch = instantiate_batch_objects(data_list, self.validated_data['user'])
work_data_objects = WorkData.objects.bulk_create(batch)
return WorkDataSerializer(work_data_objects, many = True).data
class Meta:
model = WorkData
fields = ['user', 'filedata']
class WorkDataSerializer(serializers.Serializer):
# fields of WorkData model you want to return
This should work with no problems, note that SerializerMethodField is read_only by default
see https://www.django-rest-framework.org/api-guide/fields/#serializermethodfield
I am trying to write a nested serializer which would add serialize 2 models in the same view. Serialization seems to work fine since changes get reflected in the database but I am not able to get the many-to-many related field data in the response. I have been trying to figure out what the issue might be but still no progress.
Here is my code:
Model
class User(AbstractBaseUser):
AccountName = models.ManyToManyField(Account,
through='User_Account',
through_fields=('user', 'acc'),
related_name='AccountData',
blank=True)
EmailId = models.EmailField(max_length=128, blank=False, null=False)
USERNAME_FIELD = 'EmailId'
REQUIRED_FIELDS = ['AccountName']
class Account(models.Model):
AccountName = models.TextField(max_length=100, blank=False, null=False)
Serializer
class AccountCreationSerializer(ModelSerializer):
class Meta:
model = Account
fields = ["AccountName"]
class SignUpSerializer1(ModelSerializer):
AccountData = AccountCreationSerializer(read_only=True, many=True)
class Meta:
model = User
fields = ['EmailId', 'AccountData', 'password']
extra_kwargs = {'password': {'write_only': True, 'required': True}}
def validate(self, attrs):
attrs = super(SignUpSerializer1, self).validate(attrs=attrs)
attrs.update({"AccountData": self.initial_data.get("AccountData")})
return attrs
def create(self, validated_data):
AccountName_data = validated_data.pop('AccountData')
acc = Account.objects.create(AccountName=AccountName_data)
userAcc = User.objects.create_user(**validated_data)
if acc:
userAcc.AccountName.add(acc)
print("added")
return userAcc
View
class SignUpView(APIView):
serializer_class1 = SignUpSerializer1
def post(self, request, *args, **kwargs):
if request.data['CreateAccount']:
serializer = self.serializer_class1(data=request.data)
is_valid_serializer = serializer.is_valid(raise_exception=True)
if is_valid_serializer:
with transaction.atomic():
serializer.save()
return Response(serializer.data, status=status.HTTP_200_OK)
else:
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
else:
raise Exception("Bad error")
Request1
"EmailId" : "xyz#gmail.com",
"AccountData":{"AccountName":"TestAcc1"},
"CreateAccount": true,
"password" : "xyz"
Response
"EmailId": "xyz#gmail.com",
#After Removing read_only=true from AccountData
Request2
"EmailId" : "xyz#gmail.com",
"AccountData":{"AccountName":"TestAcc1"},
"CreateAccount": true,
"password" : "xyz"
Response
{"AccountData":{"non_field_errors":["Expected a list of items but got type \"dict\"."]}}
Request3
"EmailId" : "xyz#gmail.com",
"AccountData":[{"AccountName":"TestAcc1"}],
"CreateAccount": true,
"password" : "xyz"
Response
Got AttributeError when attempting to get a value for field `AccountData` on serializer `SignUpSerializer1`.
The serializer field might be named incorrectly and not match any attribute or key on the `User` instance.
Original exception text was: 'User' object has no attribute 'AccountData'.
There is no response data fo AccountName in the response. And when I try print(User.objects.get(EmailId = serializer.data['AccountName'])) ====> None.
How should I get the field populated in the correct way in my response?
Thanks!
You need to specify source argument, since model's field called AccountName, not AccountData:
class SignUpSerializer1(ModelSerializer):
AccountData = AccountCreationSerializer(many=True, source="AccountName")
If I need to change some field values before saving to the database as I think models method clear() is suitable. But I can't call him despite all my efforts.
For example fields email I need set to lowercase and fields nda I need set as null
models.py
class Vendors(models.Model):
nda = models.DateField(blank=True, null=True)
parent = models.OneToOneField('Vendors', models.DO_NOTHING, blank=True, null=True)
def clean(self):
if self.nda == "":
self.nda = None
class VendorContacts(models.Model):
....
vendor = models.ForeignKey('Vendors', related_name='contacts', on_delete=models.CASCADE)
email = models.CharField(max_length=80, blank=True, null=True, unique=True)
def clean(self):
if self.email:
self.email = self.email.lower()
serializer.py
class VendorContactSerializer(serializers.ModelSerializer):
class Meta:
model = VendorContacts
fields = (
...
'email',)
class VendorsSerializer(serializers.ModelSerializer):
contacts = VendorContactSerializer(many=True)
class Meta:
model = Vendors
fields = (...
'nda',
'contacts',
)
def create(self, validated_data):
contact_data = validated_data.pop('contacts')
vendor = Vendors.objects.create(**validated_data)
for data in contact_data:
VendorContacts.objects.create(vendor=vendor, **data)
return vendor
views.py
class VendorsCreateView(APIView):
"""Create new vendor instances from form"""
permission_classes = (permissions.AllowAny,)
serializer_class = VendorsSerializer
def post(self, request, *args, **kwargs):
serializer = VendorsSerializer(data=request.data)
try:
serializer.is_valid(raise_exception=True)
serializer.save()
except ValidationError:
return Response({"errors": (serializer.errors,)},
status=status.HTTP_400_BAD_REQUEST)
else:
return Response(request.data, status=status.HTTP_200_OK)
As I learned from the documentation
Django Rest Framework serializers do not call the Model.clean when
validating model serializers
In dealing with this problem, I found two ways to solve it.
1. using the custom method at serializer. For my case, it looks like
class VendorsSerializer(serializers.ModelSerializer):
contacts = VendorContactSerializer(many=True)
class Meta:
model = Vendors
fields = (...
'nda',
'contacts',
)
def create(self, validated_data):
contact_data = validated_data.pop('contacts')
vendor = Vendors.objects.create(**validated_data)
for data in contact_data:
VendorContacts.objects.create(vendor=vendor, **data)
return vendor
def validate(self, attrs):
instance = Vendors(**attrs)
instance.clean()
return attrs
Using full_clean() method. For me, it looks like
class VendorsSerializer(serializers.ModelSerializer):
contacts = VendorContactSerializer(many=True)
class Meta:
model = Vendors
fields = (...
'nda',
'contacts',
)
def create(self, validated_data):
contact_data = validated_data.pop('contacts')
vendor = Vendors(**validated_data)
vendor.full_clean()
vendor.save()
for data in contact_data:
VendorContacts.objects.create(vendor=vendor, **data)
return vendor
But in both cases, the clean() method is not called. I really don't understand what I'm doing wrong.
In my case I had the same problem but with validation feature
I used the way below and it works for me (not excludes the way found above):
class CustomViewClass(APIView):
def post(self, request, format=None):
prepared_data_variable = 'some data in needed format'
serializer = CustomSerializer(data=request.data)
if serializer.is_valid(self):
serializer.validated_data['field_name'] = prepared_data_variable
serializer.save()
return Response(data=serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
This string is key for my solution serializer.validated_data['field_name'] = prepared_data_variable
For DRF you can change your serializer before save as below...
First of all, you should check that serializer is valid or not, and if it is valid then change the required object of the serializer and then save that serializer.
if serializer.is_valid():
serializer.object.user_id = 15 # For example
serializer.save()
UPD!
views.py
class VendorsCreateView(APIView):
"""Create new vendor instances from form"""
permission_classes = (permissions.AllowAny,)
serializer_class = VendorsSerializer
def post(self, request, *args, **kwargs):
data = request.data
if data['nda'] == '':
data['nda'] = None
for contact in data['contacts']:
if contact['email']:
print(contact['email'])
contact['email'] = contact['email'].lower()
serializer = VendorsSerializer(data=request.data)
try:
serializer.is_valid(raise_exception=True)
serializer.save()
except ValidationError:
return Response({"errors": (serializer.errors,)},
status=status.HTTP_400_BAD_REQUEST)
To answer your question: just override save() method for your models as written in docs. There you can assign any values to your model instance directly before saving it in database.
Also, you should probably use models.EmailField for your email fields which will get rid of your lower() check.
I am building an API using Django Rest Framework for my car-sharing app. I want to let not owner users to have access to update "participants" field in race, so they can join. Other fields should be available only to owner. I was reading about django-guardian, but i don't realy understand how to implement it. Here's my model:
from django.db import models
from django.contrib.auth.models import User
class Race(models.Model):
owner = models.ForeignKey("auth.User", related_name = 'races', on_delete=models.CASCADE)
origin_long = models.DecimalField(max_digits=8, decimal_places=3)
origin_lat = models.DecimalField(max_digits=8, decimal_places=3)
destination_long = models.DecimalField(max_digits=8, decimal_places=3)
destination_lat = models.DecimalField(max_digits=8, decimal_places=3)
start_time = models.TimeField(auto_now=False, auto_now_add=False)
participants = models.ManyToManyField(User,blank=True)
schedule = models.DurationField(blank=True,null=True)
subs = models.ManyToManyField(User, related_name='subs',blank=True)
cost = models.DecimalField(max_digits=5, decimal_places=2)
def __str__(self):
return self.user.get_full_name()
Thank you in advance.
I don't think Django has anyway to have field level permission by default.
But we can tweak and restrict the fields through the serializers.py and views.py .
In views.py
class RaceUpdateView(UpdateAPIView):
lookup_field = 'pk'
serializer_class = RaceUpdateSerializer
queryset = Race.objects.all()
permission_classes = [IsAuthenticated]
model = Race
def put(self, request, pk):
try:
try:
race_obj = self.get_object()
except Exception as error:
context = {'error': "Race Id does not exist", 'success': "false", 'message': 'Race Id does not exist.'}
return Response(context, status=status.HTTP_404_NOT_FOUND)
#I don't know how you are checking owner. So i kept it this way.
if request.user.id != race_obj.owner.id:
#passing the fields which are to be used by the serializer.
serializer = RaceUpdateSerializer(race_obj, data=request.data, partial=True, fields=('participants',))
else:
serializer = RaceUpdateSerializer(race_obj, data=request.data, partial=True)
if serializer.is_valid():
try:
serializer.save()
except Exception as error:
context = {"success": False, "message": "Update Failed. %s" % str(error), "error": str(error)}
return Response(context, status=status.HTTP_400_BAD_REQUEST)
context = {"success": True, "message": "Updated Successful", "error": "", "data": serializer.data}
return Response(context, status=status.HTTP_200_OK)
context = {"success": False, "message": "Updated Failed, Invalid Input Data", "error": str(serializer.errors)}
return Response(context, status=status.HTTP_400_BAD_REQUEST)
except Exception as error:
context = {'error': str(error), 'success': "false", 'message': 'Failed To Update Race.'}
return Response(context, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
In serializers.py
class RaceUpdateSerializer(ModelSerializer):
class Meta:
model = Race
fields = '__all__'
def __init__(self, *args, **kwargs):
# Don't pass the 'fields' arg up to the superclass
fields = kwargs.pop('fields', None)
# Instantiate the superclass normally
super(RaceUpdateSerializer, self).__init__(*args, **kwargs)
if fields is not None:
# Drop any fields that are not specified in the `fields` argument.
allowed = set(fields)
existing = set(self.fields)
for field_name in existing - allowed:
self.fields.pop(field_name)
This way only the mentioned fields which is called from the views.py will be used while updating.
serializer = RaceUpdateSerializer(race_obj, data=request.data, partial=True, fields=('participants',))
It will achieve the task that you are trying to do.
Note - You can allow multiple fields this way as well
serializer = RaceUpdateSerializer(race_obj, data=request.data, partial=True, fields=('field1','field2'))
I am getting not null contraint failed error while posting a group. How should i fix it? I don't want to show the user in the api so i have not used it in the serializer fields. Do i have to compulsorily add it there?
Here is my model, serializer and APIView
class DeviceGroup(models.Model):
token = models.UUIDField(default=uuid.uuid4, unique=True, editable=False)
name = models.CharField(max_length=250, blank=False, null=False)
owner = models.ForeignKey(User, blank=False, null=False)
class DeviceGroupSerializer(serializers.ModelSerializer):
id = serializers.UUIDField(source='token', format='hex', read_only=True)
class Meta:
model = DeviceGroup
fields = ['id','name']
class DevicesGroupsAPIView(APIView):
permission_classes = (permissions.IsAuthenticated,)
serializer_class = DeviceGroupSerializer
def get_object(self, user, token):
try:
return BaseDevice.objects.filter(owner=user).get(token=token)
except ObjectDoesNotExist:
return error.RequestedResourceNotFound().as_response()
def get(self, request, format=None):
"""
Returns a list of groups
"""
reply = {}
try:
groups = DeviceGroup.objects.filter(owner=request.user)
reply['data'] = DeviceGroupSerializer(groups, many=True).data
except:
reply['data'] = []
return Response(reply, status.HTTP_200_OK)
def post(self, request, format=None):
"""
create a new group
"""
print('request.data', request.data)
print('user', request.user)
serializer = DeviceGroupSerializer(data=request.data)
print('serializer', serializer)
if serializer.is_valid():
serializer.save()
return Response(serializers.data, status.HTTP_200_OK)
return Response(serializer.errors, status.HTTP_204_NO_CONTENT)
see this carefully, user is not in request.data:
serializer = DeviceGroupSerializer(data={
'name':request.data['name'],
'owner':request.user.id,
})
also check that the serializer allows the owner to be used
from django.contrib.auth.models import User
class DeviceGroupSerializer(serializers.ModelSerializer):
id = serializers.UUIDField(source='token', format='hex', read_only=True)
owner = serializers.PrimaryKeyRelatedField(queryset=User.objects.all())
class Meta:
model = DeviceGroup
fields = ['id','name', 'owner']