added swagger auto schema decorator for FBV to display API parameters in...

added swagger auto schema decorator for FBV to display API parameters in document; fixed custom permission issue

added swagger auto schema decorator for FBV to display API parameters in...
added swagger auto schema decorator for FBV to display API parameters in document; fixed custom permission issue
b8829a5d · Administrator · ddbc168d · b8829a5d · b8829a5d · b8829a5d
Commit b8829a5d authored Jun 04, 2024 by Administrator
--- a/django_rest/settings.py
+++ b/django_rest/settings.py
@@ -46,7 +46,8 @@ INSTALLED_APPS = [

 INSTALLED_APPS += [
    'rest_framework',
-    'my_app'
+    'my_app',
+    'drf_yasg'
 ]


@@ -151,7 +152,7 @@ STATICFILES_DIRS = [
 ]

 REST_FRAMEWORK = {
-    "DEFAULT_SCHEMA_CLASS": "rest_framework.schemas.coreapi.AutoSchema",
+    "DEFAULT_SCHEMA_CLASS": "rest_framework.schemas.openapi.AutoSchema",
    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
    "PAGE_SIZE": 50,
    "DATETIME_FORMAT": "%Y-%m-%d %H:%M:%S",

--- a/django_rest/urls.py
+++ b/django_rest/urls.py
@@ -18,9 +18,33 @@ from django.contrib import admin
 from django.urls import path, include
 from rest_framework.documentation import include_docs_urls

+# 使用drf_yasg
+from rest_framework import permissions
+from drf_yasg.views import get_schema_view
+from drf_yasg import openapi
+
 urlpatterns = [
    path('admin/', admin.site.urls),
    path('my_app/', include('my_app.urls')),
    path('docs/', include_docs_urls(title="DRF API文档", description="Django REST Framework快速入门")),
-    path('api-auth', include('rest_framework.urls'))
+    path('api-auth', include('rest_framework.urls')),
 ]
+
+# 使用drf_yasg
+schema_view = get_schema_view(
+    openapi.Info(
+        title="Swagger API",
+        default_version='v1',
+        description="API description",
+        terms_of_service="https://yourwebsite.com/terms/",
+        contact=openapi.Contact(email="contact@yourwebsite.com"),
+        license=openapi.License(name="BSD License"),
+    ),
+    public=True,
+    permission_classes=(permissions.AllowAny,),  # 设置谁可以访问此文档，默认为 AllowAny，可按需调整权限
+)
+
+urlpatterns += [
+    path('swagger/', schema_view.with_ui('swagger', cache_timeout=0), name='schema-swagger-ui'),
+    path('redoc/', schema_view.with_ui('redoc', cache_timeout=0), name='schema-redoc'),
+]
\ No newline at end of file
--- a/my_app/permissions.py
+++ b/my_app/permissions.py
@@ -5,11 +5,6 @@ class CustomPermission(permissions.BasePermission):
    Custom permission to only allow owners of an object to edit it.
    """

-    def has_object_permission(self, request, view, obj):
-        # Read permissions are allowed to any request,
-        # so we'll always allow GET, HEAD or OPTIONS requests.
-        if request.method in permissions.SAFE_METHODS:
-            return True
-
-        # Write permissions are only allowed to the owner of the snippet.
-        return request.user != None
\ No newline at end of file
+    def has_permission(self, request, view):
+        # 只检查用户是否认证，如果是则返回True，允许访问
+        return request.user and request.user.is_authenticated
\ No newline at end of file
--- a/my_app/urls.py
+++ b/my_app/urls.py
@@ -3,6 +3,9 @@ from django.urls import path
 from my_app import views

 urlpatterns = [
+    # FBV
+    path('fbv/demo_user/', views.demo_user_list, name='FBV List User'),
+    path('fbv/demo_user/<int:pk>/', views.demo_user_detail, name='FBV Detail User'),
    # CBV
    path('cbv/demo_user/', views.DemoUserList.as_view(), name='CBV List User'),
    path('cbv/demo_user/<int:pk>/', views.DemoUserDetail.as_view(), name='CBV Detail User'),

--- a/my_app/views.py
+++ b/my_app/views.py
@@ -16,6 +16,61 @@ from rest_framework import status

 # Import for custom permission
 from my_app.permissions import CustomPermission
+from my_app import permissions
+from rest_framework.permissions import IsAuthenticated, AllowAny
+
+# Import for FBV
+from rest_framework.decorators import api_view, permission_classes
+from drf_yasg.utils import swagger_auto_schema
+
+"""
+FBV - Function based views
+"""
+@swagger_auto_schema(method='post', request_body=DemoUsersSerializer)
+@api_view(['GET', 'POST'])
+@permission_classes([CustomPermission])
+def demo_user_list(request, format=None):
+
+    if request.method == 'GET':
+        demoUser = DemoUsers.objects.all()
+        serializer = DemoUsersSerializer(demoUser, many=True)
+        return Response(serializer.data, status=status.HTTP_200_OK)
+
+    elif request.method == 'POST':
+        serializer = DemoUsersSerializer(data=request.data)
+        if serializer.is_valid():
+            serializer.save(created_by=request.user) # TODO
+            return Response(serializer.data, status=status.HTTP_201_CREATED)
+        else:
+            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
+@swagger_auto_schema(methods=['put'], request_body=DemoUsersSerializer)
+@api_view(['GET', 'PUT', 'DELETE'])
+@permission_classes([CustomPermission])
+def demo_user_detail(request, pk, format=None):
+
+    try:
+        demoUser = DemoUsers.objects.get(pk=pk)
+    except DemoUsers.DoesNotExist:
+        return Response(status=status.HTTP_404_NOT_FOUND)
+
+    if request.method == 'GET':
+        serializer = DemoUsersSerializer(demoUser)
+        return Response(serializer.data)
+    
+    elif request.method == 'PUT':
+        serializer = DemoUsersSerializer(demoUser, request.data)
+        if serializer.is_valid:
+            serializer.save(last_updated_by=request.user)
+            return Response(serializer.data)
+        else:
+            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+    
+    elif request.method == 'DELETE':
+        demoUser.delete()
+        return Response(status=status.HTTP_204_NO_CONTENT)
+

 """
 CBV - Class based views