On 05/19/2016 02:17 AM, Finucane, Stephen wrote:
>On 18 May 22:30, Andy Doan wrote:
This exports person objects via the REST API.
Security Constraints:
* The API is read-only to authenticated users
> Question: we currently expose all users from 'api.py' for use by the
> in Selectize auto-complete widgets in the patch list page. I get the
> reasons for *not* exposing this information publically, but is there
> a way to replace 'api.py' functionality with this API?
> Then again, maybe we don't can't anyway, as the REST API is currently
> optional.
yeah, I could remove the restriction, but it probably doesn't matter too
much either way. Maybe its dumb for me to keep it this way? (I've left
as-is for v4 though).
+class PatchworkViewSet(ModelViewSet):
>+ pagination_class = LinkHeaderPagination
>+
>+ def get_queryset(self):
>+ return self.serializer_class.Meta.model.objects.all()
>+
>+
>+class PeopleViewSet(PatchworkViewSet):
>+ permission_classes = (AuthenticatedReadOnly, )
>+ serializer_class = PersonSerializer
>+
>+ def get_queryset(self):
>+ qs = super(PeopleViewSet, self).get_queryset()
>+ return qs.select_related('user__username')
I don't really get why we moved from the 'queryset' parameter to the
'get_queryset' function. Would the below not work?
queryset = People.objects.select_related('user__username')
This works though, so I'm happy to keep it as is.
That works, but you wind up with lots of boilerplate code import the
model into both the view and serializer module. This allows you to just
use the model class defined by the serializer you are tied to.
_______________________________________________
Patchwork mailing list
Patchwork@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/patchwork
