一:订单管理:
<一>:获取订单列表:
1:定义序列化器:
class OrderListSerializers(serializers.ModelSerializer):
class Meta:
model = OrderInfo
fields = ["order_id", "create_time"]
2:定义视图和路由:
from rest_framework.viewsets import ModelViewSet
from apps.meiduo_admin.paginations import MyPage
from apps.meiduo_admin.serializers.order_serializers import OrderListSerializers
from apps.orders.models import OrderInfo
class OrderModelView(ModelViewSet):
queryset = OrderInfo.objects.all()
serializer_class = OrderListSerializers
pagination_class = MyPage
def get_queryset(self):
keyword = self.request.query_params.get('keyword')
if keyword:
return self.queryset.filter(order_id__contains=keyword)
return self.queryset.all()
# 订单路由
re_path(r'^orders/$', OrderModelView.as_view({"get": "list"})),
3:测试:
<二>:获取订单页面的详情页:
1:定义序列化器:此时我的‘序列化器中有一个针对OrderInfo的序列化器了,但是这个序列化器能够胜任这个获取单详情的任务吗??
class OrderListSerializers(serializers.ModelSerializer):
class Meta:
model = OrderInfo
fields = ["order_id", "create_time"]
这只有两个字段的肯定不能完成,需要针对这个模型类再次定义一个序列化器。
上图可以发现只有user 和 skus是特殊的。skus又需要定义一个序列化器。类推可以得到三个序列化器
class SKUSimpleSerializer(serializers.ModelSerializer):
class Meta:
model = SKU
fields = [
'name',
'default_image'
]
class OrderGoodsModelSerializer(serializers.ModelSerializer):
# 当前订单商品对象关联的"单一的"SKU对象
sku = SKUSimpleSerializer()
class Meta:
model = OrderGoods
fields = [
'count',
'price',
'sku'
]
class OrderDetialSerializers(serializers.ModelSerializer):
user = serializers.StringRelatedField()
skus = OrderGoodsModelSerializer(many=True)
class Meta:
model = OrderInfo
fields = "__all__"
2:定义视图:
现在的视图是:
class OrderModelView(ModelViewSet):
queryset = OrderInfo.objects.all()
serializer_class = OrderListSerializers
pagination_class = MyPage
def get_queryset(self):
keyword = self.request.query_params.get('keyword')
if keyword:
return self.queryset.filter(order_id__contains=keyword)
return self.queryset.all()
但是此时存在一个问题:我同一个视图,需要对应两个序列化器,我应该如何做呢??
class OrderModelView(ModelViewSet):
queryset = OrderInfo.objects.all()
serializer_class = OrderListSerializers
pagination_class = MyPage
def get_queryset(self):
keyword = self.request.query_params.get('keyword')
if keyword:
return self.queryset.filter(order_id__contains=keyword)
return self.queryset.all()
def get_serializer_class(self):
# 功能:获取操作数据使用序列化器类;默认返回类属性serializer_class
# 区分2个逻辑
# (1)、如果调用的是获取列表数据接口self.list, 使用OrderSimpleSerializer
# (2)、如果调用的是获取单一详情数据接口self.retrieve, 使用OrderDetailSerializer
# 知识点:self.action属性就是当前请求的视图函数的名称!
if self.action == "list":
return OrderListSerializers
elif self.action == "retrieve":
return OrderDetialSerializers
return self.get_serializer_class
路由:
re_path(r'^orders/(?P<pk>\d+)/$', OrderView.as_view({'get':'retrieve'})),
3:测试:
<三>: 修改订单状态:
elif self.action == 'partial_update':
return OrderDetialSerializers
re_path(r'^orders/(?P<pk>\d+)/status/$', OrderModelView.as_view({'patch':'partial_update'})),
测试:
二:系统管理:
<一>: django的权限设置:
1、Django中的用户权限和分组设计
- (1)、消费者用户和公司运营人员使用同一张用户表来记录,使用字段
is_staff来区别(is_staff=True表示运营人员,否则为普通消费者用户) - (2)、
is_superuser=True表示运营的管理员; - (3)、平台普通用户的权限是:
用户自己权限 + 所在组的权限 - (4)、Django把数据库表操作,划分为增删改查权限;
2、判断用户拥有的权限
user.has_perm('<权限应用>.<权限的codename>')
- True: 有该权限
- False: 没有该权限
3、获取用户所有权限
user.user_permissions.all()
<二>: 获取权限列表:
1:序列化器:
from django.contrib.auth.models import Permission,ContentType
from rest_framework import serializers
class PermModelSerializer(serializers.ModelSerializer):
class Meta:
model = Permission
fields = [
'id',
'name',
'codename',
'content_type'
]
2:路由和视图:
from django.contrib.auth.models import Permission
from rest_framework.viewsets import ModelViewSet
from apps.meiduo_admin.paginations import MyPage
from apps.meiduo_admin.serializers.perm_serialziers import PermModelSerializer
class PermView(ModelViewSet):
queryset = Permission.objects.all()
serializer_class = PermModelSerializer
pagination_class = MyPage
# 用户权限路由
re_path(r'^permission/perms/$', PermView.as_view({'get': 'list'})),
3:测试:
<三>: 新增权限—首先要返回可选的类型:
1:定义序列化器:
class PermContentTypeSerializer(serializers.ModelSerializer):
class Meta:
model = ContentType
fields = [
'id',
'name'
]
2:定义视图:
from apps.meiduo_admin.paginations import MyPage
from apps.meiduo_admin.serializers.perm_serialziers import PermModelSerializer, PermContentTypeSerializer
class PermContentTypeView(ListAPIView):
queryset = ContentType.objects.all()
serializer_class = PermContentTypeSerializer
re_path(r'^permission/content_types/$', PermContentTypeView.as_view()),
3:测试:
<四>: 新增,删除,修改权限信息:
1:增加查询过滤:
class PermView(ModelViewSet):
queryset = Permission.objects.all()
serializer_class = PermModelSerializer
pagination_class = MyPage
def get_queryset(self):
return self.queryset.order_by('pk')
2:路由:
urlpatterns = [
# ....
# 权限管理
re_path(r'^permission/perms/$', PermView.as_view({'get': 'list', 'post': 'create'})),
re_path(r'^permission/perms/(?P<pk>\d+)/$', PermView.as_view({
'get': 'retrieve',
'put': 'update',
'delete': 'destroy'
})),
# 新增权限可选类型
re_path(r'^permission/content_types/$', PermContentTypeView.as_view()),
]
<五>:用户组管理—获取用户组列表:
1:序列化器:
class GroupModelSerializer(serializers.ModelSerializer):
class Meta:
model = Group
fields = [
'id',
'name',
# 假设模型类序列化器可以完成该字段的校验和新建中间表数据;
'permissions'
]
2:模型类和路由:
class GroupView(ModelViewSet):
queryset = Group.objects.all()
serializer_class = GroupModelSerializer
pagination_class = MyPage
re_path(r'^permission/groups/$', GroupView.as_view({'get': 'list'})),
3:测试:
六:新增分组:
注意:新增分组,同时要付给权限:
先实现返回全部权限列表:
class GroupPermSimpleSerializer(serializers.ModelSerializer):
class Meta:
model = Permission
fields = [
'id',
'name'
]
class GroupPermView(ListAPIView):
queryset = Permission.objects.all()
serializer_class = GroupPermSimpleSerializer
# 新增分组可选权限
re_path(r'^permission/simple/$', GroupPermView.as_view()),
测试:
1:此时我们映射所有的路由验证:
urlpatterns = [
# ....
# 分组管理
re_path(r'^permission/groups/$', GroupView.as_view({'get': 'list', 'post': 'create'})),
re_path(r'^permission/groups/(?P<pk>\d+)/$', GroupView.as_view({
'get': 'retrieve',
'put': 'update',
'delete': 'destroy'
})),
# 新增分组可选权限
re_path(r'^permission/simple/$', GroupPermView.as_view()),
]
测试发现全部可以。
三:特殊的一个问题:
我们在新建分组表的时候,显然要将前端传入的权限信息也插入中间表中,为什么这次就可以顺利插入呢?
这个ManyToMany类型对象,在进行反序列化的时候会将前端传过来的id,例如[1,2,3],转换成1,2,3的对象,并且会向关联的中间表中也插入数据。
四:管理员管理:
1:
from django.contrib.auth.models import Group
from django.contrib.auth.hashers import make_password
from rest_framework import serializers
from apps.users.models import User
class AdminGroupSerializer(serializers.ModelSerializer):
class Meta:
model = Group
fields = [
'id',
'name'
]
class AdminUserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = [
'id',
'username',
'email',
'mobile',
'password',
'groups',
'user_permissions'
]
extra_kwargs = {
'password': {'write_only': True}
}
def validate(self, attrs):
raw_password = attrs.get('password')
secret_password = make_password(raw_password)
attrs['password'] = secret_password
attrs['is_staff'] = True
return attrs
from rest_framework.generics import ListAPIView
from rest_framework.viewsets import ModelViewSet
from ..serializers.admin_serializers import *
from ..paginations import MyPage
class AdminGroupView(ListAPIView):
queryset = Group.objects.all()
serializer_class = AdminGroupSerializer
class AdminUserView(ModelViewSet):
queryset = User.objects.filter(is_staff=True)
serializer_class = AdminUserSerializer
pagination_class = MyPage
urlpatterns = [
# ....
# 管理员用户
re_path(r'^permission/admins/$', AdminUserView.as_view({'get': 'list', 'post': 'create'})),
re_path(r'^permission/admins/(?P<pk>\d+)/$', AdminUserView.as_view({
'get': 'retrieve',
'put': 'update',
'delete': 'destroy'
})),
# 新增管理员可选权限
re_path(r'^permission/groups/simple/$', AdminGroupView.as_view()),
]
浙公网安备 33010602011771号