>From what I've seen you're using a Django Filters framework or REST
Framework, if so, in my opinion I would develop two API's and control their
access to the constraints which would make them secure. One of these apis
would make one general query and the other specific.
Em quarta-feira, 22 de maio de 2019 21:39:23 UTC-3, Rounak Jain escreveu:
>
> I am new to Django. Below code returns objects created by the logged in
> user. If the user's role property has value 'super', then I want all the
> objects to be shown. If the user's role property is 'inter', then I want to
> show all objects except objects created by 'super'. Where is the right
> place to do this conditional querying?
> Thanks
>
> #views.py
>
> class TaskViewSet(ModelViewSet):
> serializer_class = TaskSerializer
> def get_queryset(self):
> return Task.objects.all().filter(created_by=self.request.user)
> def perform_create(self, serializer):
> serializer.save(created_by=self.request.user)
>
> #serializers.py
>
> class TaskSerializer(ModelSerializer):
>
> class Meta:
> model = Task
> fields = ('id', 'name', 'status', 'created_by')
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/6842bc37-1870-437f-ab19-03d3e1cd3ab0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
