Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/manfred-kaiser/restframework-serializer-permissions

Drop in replacement for Django Restframework Serializers to add permission based field serialization.
https://github.com/manfred-kaiser/restframework-serializer-permissions

django django-rest-framework permissions serialization

Last synced: about 1 month ago
JSON representation

Drop in replacement for Django Restframework Serializers to add permission based field serialization.

Host: GitHub
URL: https://github.com/manfred-kaiser/restframework-serializer-permissions
Owner: manfred-kaiser
License: gpl-3.0
Created: 2021-04-01T08:30:14.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2021-04-06T13:24:00.000Z (over 3 years ago)
Last Synced: 2024-10-06T23:16:41.656Z (about 1 month ago)
Topics: django, django-rest-framework, permissions, serialization
Language: Python
Homepage:
Size: 28.3 KB
Stars: 12
Watchers: 2
Forks: 1
Open Issues: 2
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE

Awesome Lists containing this project

README

        restframework-serializer-permissions

====================================

Drop in replacement for [Django Restframework Serializers](https://www.django-rest-framework.org/api-guide/serializers/) to add permission based field serialization.

Installation

------------

Install this module into your environment:

    $ pip install restframework-serializer-permissions

Example

-------

This example uses a ModelSerializer as described in [DRF Docs](https://www.django-rest-framework.org/api-guide/serializers/#modelserializer)

```python

# import permissions from rest_framework

from rest_framework.permissions import AllowAny, IsAuthenticated

# import serializers from serializer_permissions instead of rest_framework

from serializer_permissions  import serializers

# import you models

from myproject.models import ShoppingItem, ShoppingList

class ShoppingItemSerializer(serializers.ModelSerializer):

    item_name = serializers.CharField()

    class Meta:

        # metaclass as described in drf docs

        model = ShoppingItem

        fields = ('item_name', )

class ShoppingListSerializer(serializers.ModelSerializer):

    # Allow all users to list name

    list_name = serializers.CharField(permission_classes=(AllowAny, ))

    # Only allow authenticated users to retrieve the comment

    list_comment = serializers.CharField(permissions=(IsAuthenticated, ))

    # show owner only, when the current user has 'auth.view_user' permission

    owner = serializers.CharField(permissions=('auth.view_user', ), hide=True)

    # serializer which is only available, when the user is authenticated

    items = ShoppingItemSerializer(many=True, permissions=(IsAuthenticated, ), hide=True)

    class Meta:

        # metaclass as described in drf docs

        model = ShoppingItem

        fields = ('list_name', 'list_comment', 'owner', 'items', )

```

You can also define your own permissions classes as described in the  [DRF documentation](https://www.django-rest-framework.org/api-guide/permissions/#custom-permissions) and specify multiple r`permission_classes` and r`permissions` on a field or serializer: all provided permissions must be satisfied for the visitor to retrieve the given field.

Compatibility

-------------

This package should be compatible with:

* Django Rest Framework 3

* Django 2.x, 3.x

* Python 3.6, 3.7, 3.8