Django 石墨烯中继限制对用户拥有的对象的查询
Django graphene relay restricting queries to objects owned the user
我正在做关于继电器过滤的石墨烯教程,来自:http://docs.graphene-python.org/projects/django/en/latest/filtering/
用户仅限于查询他们之前创建的对象。我正在使用石墨烯 2、django 2 和 django-filter 1.11。
class AnimalFilter(django_filters.FilterSet):
# Do case-insensitive lookups on 'name'
name = django_filters.CharFilter(lookup_expr=['iexact']) #changed this to work
class Meta:
model = Animal
fields = ['name', 'genus', 'is_domesticated']
@property
def qs(self):
# The query context can be found in self.request.
return super(AnimalFilter, self).qs.filter(owner=self.request.user)
我正在插入 self.request.user
部分,用户数据已加载到该部分。当我进行如下查询时:
query {
allAnimalss {
edges {
node {
id,
name
}
}
}
}
我在查询字段中收到错误:
{
"errors": [
{
"message": "'NoneType' object has no attribute 'user'",
"locations": [
{
"line": 2,
"column": 3
}
]
}
],
"data": {
"allAnimals": null
}
}
如果我删除过滤器,它会正常工作。教程提到"owned by the authenticated user (set in context.user)."这是什么意思?
我尝试将 get_context_data 函数添加到 views.py
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['user'] = self.request.user
return context
并且还将 self.request.user
更改为 self.context.user
但它不起作用
您可以在解析器方法中通过 info.context 访问请求,从而访问用户。文档对此的解释不是很好,但是 here you can see an example
def resolve_something(self, info, something_id):
# Here info.context is the django request object
something = Something.objects.get(something_id)
if info.context.user.id == something.user_id:
# The user owns this object!
return something
# Return None or raise an exception here maybe since it's not the owner
return None
我正在做关于继电器过滤的石墨烯教程,来自:http://docs.graphene-python.org/projects/django/en/latest/filtering/ 用户仅限于查询他们之前创建的对象。我正在使用石墨烯 2、django 2 和 django-filter 1.11。
class AnimalFilter(django_filters.FilterSet):
# Do case-insensitive lookups on 'name'
name = django_filters.CharFilter(lookup_expr=['iexact']) #changed this to work
class Meta:
model = Animal
fields = ['name', 'genus', 'is_domesticated']
@property
def qs(self):
# The query context can be found in self.request.
return super(AnimalFilter, self).qs.filter(owner=self.request.user)
我正在插入 self.request.user
部分,用户数据已加载到该部分。当我进行如下查询时:
query {
allAnimalss {
edges {
node {
id,
name
}
}
}
}
我在查询字段中收到错误:
{
"errors": [
{
"message": "'NoneType' object has no attribute 'user'",
"locations": [
{
"line": 2,
"column": 3
}
]
}
],
"data": {
"allAnimals": null
}
}
如果我删除过滤器,它会正常工作。教程提到"owned by the authenticated user (set in context.user)."这是什么意思?
我尝试将 get_context_data 函数添加到 views.py
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['user'] = self.request.user
return context
并且还将 self.request.user
更改为 self.context.user
但它不起作用
您可以在解析器方法中通过 info.context 访问请求,从而访问用户。文档对此的解释不是很好,但是 here you can see an example
def resolve_something(self, info, something_id):
# Here info.context is the django request object
something = Something.objects.get(something_id)
if info.context.user.id == something.user_id:
# The user owns this object!
return something
# Return None or raise an exception here maybe since it's not the owner
return None