用于在石墨烯中轻松创建允许的CRUD终结点的工具。
graphene-django-plus的Python项目详细描述
石墨烯django plus
在graphene-django中轻松创建允许的CRUD终结点的工具。
安装
pip install graphene-django-plus
为了利用这个lib提供的所有功能,建议安装 两个graphene-django-optimizer 以及django-guardian。
pip install graphene-django-optimizer django-guardian
它的功能
- 为django模型提供一些基类型,以改进对它们的查询:
- 未经验证的用户处理
- 使用graph-django-optimizer 自动优化
- 使用默认django permission system处理查询的权限
- 使用django guardian处理查询的对象权限
- 中继ID转换,以便查询可以使用全局ID而不是模型的ID
- 提供一组完整且简单的CRUD突变:
- 未经验证的用户处理
- 使用默认django permission system进行权限处理
- 使用django guardian 处理对象权限
- 基于模型的自动输入生成(无需编写自己的输入类型或使用
django forms
和drf serializers
) - 基于模型验证器的自动模型验证
- 为您的模型创建一些快速crud端点非常简单
- 易于扩展和覆盖功能
包含的内容
检查docs是否完整 API文档。
型号
graphene_django_plus.models.GuardedModel
:可以使用的django模型 直接或混合。它将提供.has_perm
方法和.objects.for_user
将由下面描述的ModelType
使用 检查对象权限。一些实用程序需要检查。
类型和查询
graphene_django_plus.types.ModelType
:这个加密graphene_django_plus.DjangoModelType
通过执行一些自动的prefetch
优化设置并检查查询的对象权限 当它从GuardedModel
继承时。graphene_django_plus.fields.CountableConnection
:这个加密graphene.relay.Connection
提供total_count
属性。
下面是一个示例,说明如何使用它们:
importgraphenefromgrapheneimportrelayfromgraphene_django.fieldsimportDjangoConnectionFieldfromgraphene_django_plus.modelsimportGuardedModelfromgraphene_django_plus.typesimportModelTypefromgraphene_django_plus.fieldsimportCountableConnectionclassMyModel(GuardedModel):classMeta:# guardian permissions for this modelpermissions=[('can_read',"Can read the this object's info."),]name=models.CharField(max_length=255)classMyModelType(ModelType):classMeta:model=MyModelinterfaces=[relay.Node]# Use our CountableConnectionconnection_class=CountableConnection# When adding this to a query, only objects with a `can_read`# permission to the request's user will be allowed to return to him# Note that `can_read` was defined in the model.# If the model doesn't inherid from `GuardedModel`, `guardian` is not# installed ot this list is empty, any object will be allowed.# This is empty by defaultobject_permissions=['can_read',]# If unauthenticated users should be allowed to retrieve any object# of this type. This is not dependant on `GuardedModel` and neither# `guardian` and is defined as `False` by defaultallow_unauthenticated=False# A list of Django model permissions to check. Different from# object_permissions, this uses the basic Django's permission system# and thus is not dependant on `GuardedModel` and neither `guardian`.# This is an empty list by default.permissions=[]classQuery(graphene.ObjectType):my_models=DjangoConnectionField(MyModelType)my_model=relay.Node.Field(MyModelType)
可以这样查询:
# All objects that the user has permission to see query { myModels { totalCount edges { node { id name } } } } # Single object if the user has permission to see it query { myModel(id: "<relay global ID>") { id name } }
突变
graphene_django_plus.mutations.BaseMutation
:使用relay
的碱基突变 以及一些基本的权限检查。只需将其.perform_mutation
重写为 进行变异。graphene_django_plus.mutations.ModelMutation
:模型突变 基于一个^ {CD18}}的存在创建和更新模型 输入中的属性。所有模型的字段都将被自动读取 从django,插入输入类型并验证。graphene_django_plus.mutations.ModelCreateMutation
:一个ModelMutation
通过从输入中排除id
字段来强制执行“仅创建”规则。graphene_django_plus.mutations.ModelUpdateMutation
:一个ModelMutation
通过在 输入。graphene_django_plus.mutations.ModelDeleteMutation
:将 只接收模型的ID并将其删除(如果授予权限,则为 当然)。
下面是一个示例,说明如何使用它们:
importgraphenefromgrapheneimportrelayfromgraphene_django_plus.modelsimportGuardedModelfromgraphene_django_plus.typesimportModelTypefromgraphene_django_plus.mutationsimport(ModelCreateMutation,ModelUpdateMutation,ModelDeleteMutation,)classMyModel(GuardedModel):classMeta:# guardian permissions for this modelpermissions=[('can_write',"Can update this object's info."),]name=models.CharField(max_length=255)classMyModelType(ModelType):classMeta:model=MyModelinterfaces=[relay.Node]classMyModelUpdateMutation(ModelUpdateMutation):classMeta:model=MyModel# Make sure only users with the given permissions can modify the# object.# If the model doesn't inherid from `GuardedModel`, `guardian` is not# installed ot this list is empty, any object will be allowed.# This is empty by default.object_permissions=['can_write',]# If unauthenticated users should be allowed to retrieve any object# of this type. This is not dependant on `GuardedModel` and neither# `guardian` and is defined as `False` by defaultallow_unauthenticated=False# A list of Django model permissions to check. Different from# object_permissions, this uses the basic Django's permission system# and thus is not dependant on `GuardedModel` and neither `guardian`.# This is an empty list by default.permissions=[]classMyModelDeleteMutation(ModelDeleteMutation):classMeta:model=MyModelobject_permissions=['can_write',]classMyModelCreateMutation(ModelCreateMutation):classMeta:model=MyModel@classmethoddefafter_save(cls,info,instance,cleaned_input=None):# If the user created the object, allow him to modify itassign_perm('can_write',info.context.user,instance)classMutation(graphene.ObjectType):my_model_create=MyModelCreateMutation.Field()my_model_update=MyModelUpdateMutation.Field()my_model_delete=MyModelDeleteMutation.Field()
这可用于创建/更新/删除,如:
# Create mutation mutation { myModelCreate(input: {name: "foobar"}) { myModel { name } errors { field message } } } # Update mutation mutation { myModelUpdate(input: {id: "<relay global ID>" name: "foobar"}) { myModel { name } errors { field message } } } # Delete mutation mutation { myModelDelete(input: {id: "<relay global ID>"}) { myModel { name } errors { field message } } }
任何验证错误都将出现在errors
返回值中。
许可证
该项目获得麻省理工学院许可(更多信息请参见LICENSE
)
贡献
请随意分叉项目并向我发送具有新功能的拉取请求, 更正和翻译。我们很乐意合并它们并发布新版本 尽快。