我有以下看法-
class File_List(generics.ListAPIView):
model = cdx_composites_csv
serializer_class = cdx_compositesSerializer
def get_queryset(self):
"""
This view should return a list of all the purchases for
the user as determined by the username portion of the URL.
"""
filename = self.request.GET.get('filename')
model = get_model('markit', filename)
filedate = self.request.GET.get('filedate')
queryset = model.objects.using('markitdb').filter(Date__contains=filedate)
return queryset
现在忽略这个模型被列了两次,这是我以后需要弄清楚的同一个模型。你知道吗
对于权限,如果发生以下情况,我希望它拒绝访问。你知道吗
我的电脑里有一个扩展的授权型号.py你知道吗
class FileIndex(models.Model):
filename = models.CharField(max_length=256)
filetype = models.CharField(max_length=16)
vendorid = models.IntegerField()
vendorname = models.CharField(max_length=256)
tablename = models.CharField(max_length=256)
class Meta:
db_table = 'file_index'
verbose_name = 'File/Vendor Index'
verbose_name_plural = 'File/Vendor Indicies'
def __str__(self):
return self.filename
class UserFile(models.Model):
userid = models.ForeignKey(User)
fileid = models.ForeignKey(FileIndex)
grant_date = models.DateTimeField()
revoke_date = models.DateTimeField(blank=True)
class Meta:
db_table = 'auth_files'
verbose_name = 'User File Matrix'
verbose_name_plural = 'User File Matricies'
我想说的是,如果文件名没有出现在与用户相关的地方,访问将被拒绝。你知道吗
在SQL中,只需返回用户有权访问的文件名列表-
select * from auth_files af
inner join auth_user au on au.id = af.userid
inner join file_index fi on fi.id = af.fileid
where au.user = 'user logged in'
然后我想告诉它,如果请求中的文件名在上述查询返回的文件名列表中,那么是的,用户可以做他们想做的事情。你知道吗
更新-像这样调整-
class File_List(generics.ListAPIView):
model = cdx_composites_csv
serializer_class = cdx_compositesSerializer
def get_queryset(self):
# authorized_files = UserFile.objects.filter(userid=self.request.user).values_list('fileid')
"""
This view should return a list of all the purchases for
the user as determined by the username portion of the URL.
"""
filename = self.request.GET.get('filename')
model = get_model('markit', filename)
filedate = self.request.GET.get('filedate')
if FileIndex.objects.filter(filename=filename).exists():
queryset = model.objects.using('markitdb').filter(Date__contains=filedate)
return queryset
我现在得到以下错误-
'NoneType' object is not iterable
在您看来,您可以这样检查:
相关问题 更多 >
编程相关推荐