I use drf_yasg swagger for my Django API.
I would like to know how to easily disable the schema and model.
screenshot
here is my code:
from .models import Articles
from .serializers import ArticlesSerializer
from rest_framework import viewsets
from rest_framework.response import Response
from rest_framework import status
from rest_framework.authentication import SessionAuthentication,TokenAuthentication, BasicAuthentication
from rest_framework.views import APIView
from rest_framework.permissions import IsAuthenticated
from rest_framework.parsers import JSONParser
from django.utils.decorators import method_decorator
from django.contrib.auth import authenticate, login, logout
from rest_framework.decorators import api_view
from drf_yasg.utils import swagger_auto_schema
from drf_yasg import openapi
#swagger_auto_schema(methods=['get'], operation_description="description", manual_parameters=[
openapi.Parameter('category', openapi.IN_QUERY, "category1, category2, category3", type=openapi.TYPE_STRING),
openapi.Parameter('name', openapi.IN_QUERY, "full name", type=openapi.TYPE_STRING),
], responses={
200: openapi.Response('Response', ArticlesSerializer),
}, tags=['Articles'])
# desactivate POST methode on swagger
#swagger_auto_schema(method='POST', auto_schema=None)
#api_view(['GET','POST'])
def articles(request):
"""
List all articles.
"""
if request.user.is_authenticated:
if request.method == 'GET':
articles = Articles.objects.all()
serializer = ArticlesSerializer(Articles, many=True)
return JsonResponse(serializer.data, safe=False)
elif request.method == 'POST':
data = JSONParser().parse(request)
serializer = ArticlesSerializer(data=data)
if serializer.is_valid():
serializer.save()
return JsonResponse(serializer.data, status=201)
return JsonResponse(serializer.errors, status=400)
return JsonResponse({"status":"403", "message":"User not authenticated"})
If i add this
class UserList(APIView):
swagger_schema = None
i got error:
AssertionError: `method` or `methods` can only be specified on #action or #api_view views
Code Edited:
the articles function is pretty simple nothing related to the API, only Python code.
Here the views Class is also pretty simple.
Class Views:
from django.db import models
class Articles(models.Model):
STATUS = (
(1, 'PENDING'),
(2, 'COMPLETED'),
(3, 'DECLINED'),
(0, 'BANNED'),
)
name = models.CharField(max_length=100)
...
status = models.PositiveSmallIntegerField(
choices = STATUS,
default = 1,
)
I only have half of the answer, to disable Models I added this to my setting.py
SWAGGER_SETTINGS = {
'DEFAULT_FIELD_INSPECTORS': [
'drf_yasg.inspectors.CamelCaseJSONFilter',
'drf_yasg.inspectors.InlineSerializerInspector',
'drf_yasg.inspectors.RelatedFieldInspector',
'drf_yasg.inspectors.ChoiceFieldInspector',
'drf_yasg.inspectors.FileFieldInspector',
'drf_yasg.inspectors.DictFieldInspector',
'drf_yasg.inspectors.SimpleFieldInspector',
'drf_yasg.inspectors.StringDefaultFieldInspector',
],
}
Credit goes to this guys, and here is the documentation for more details.
I finally figured it out.
I just had to overwrite the responses parameter with either plain text, markdown or html.
#swagger_auto_schema(methods=['get'], operation_description="Get article information ", manual_parameters=[
openapi.Parameter('id', openapi.IN_QUERY, "Article Id", type=openapi.TYPE_STRING),
], responses={ 200: '**Example:** \
<div class="highlight-code"><pre>{ <br>\
"category": "string", <br>\
"image": "string",<br>\
"link": "string",<br>\
"birth_date": "string",<br>\
}</pre></div>'},
tags=['Get Articles'])
To have the same css effect (background black) you can add this custom CSS in the file ...\site-packages\drf_yasg\static\drf-yasg\style.css
.swagger-ui .markdown .highlight-code pre{
color: #fff;
font-weight: 400;
white-space: pre-wrap;
background: #41444e;
padding: 15px;
}
Related
I solved the problem while writing this question but I wanted to post it so maybe someone needs this answer
Hello my friends.
i am new to django testing.
while i'm testing my views i faced this error in some views.
This is my views.py:
def all_programs(request):
programs = Program.objects.all()
return render(request, 'orders/all_programs.html', {'programs': programs})
def checkout(request, slug):
if request.method == 'POST':
# get data from form and save it
program = get_object_or_404(Program, slug=slug)
dates = ProgramDate.objects.filter(program=program)
return render(request, 'orders/checkout.html', {'program': program, 'dates': dates})
This is urls.py:
from django.urls import path
from django.views.generic import RedirectView
from .views import *
app_name = 'orders'
urlpatterns = [
path('', RedirectView.as_view(url='https://www.another-website.net')),
path('tests/', all_programs, name='all_programs'),
path('checkout/<str:slug>/', checkout, name='checkout'),
path('checkout/return_page/', ReturnPage.as_view(), name='return_page'),
]
And this is test_views.py:
from django.test import TestCase
from django.shortcuts import reverse
class TestViews(TestCase):
def test_all_programs(self):
response = self.client.get(reverse('orders:all_programs'))
self.assertTemplateUsed(response, 'orders/all_programs.html')
def test_checkout(self): # error id here
response = self.client.get(reverse('orders:all_programs', kwargs={'slug': 'test'})) # I tried this
# response = self.client.get('http://127.0.0.1:8000/checkout/test/') #and this
self.assertTemplateUsed(response, 'orders/checkout.html')
The solution in this case is:
The test in Django does not use the default database but rather creates its own database that does not have any records (I completely forgot that), so you must create records before you start tests that relate to the database.
in this case i must create new program before test:
class TestViews(TestCase):
_program = {
'name': 'test_program',
'price': 1000,
'abbreviation': 'test',
'description': 'test_program',
'slug': 'test_program',
'id_from_zoho': 1000,
}
def test_checkout(self):
program = Program(**self._program)
program.save()
response = self.client.get(reverse('orders:checkout', kwargs={'slug': program.slug}))
self.assertTemplateUsed(response, 'orders/checkout.html')
I have a very basic Django Rest API.
I don't know how to have some HTML views, in the same django project, which uses API (finally keeping API returning JSON only).
I followed this, but it seems to change the API View (in this case, curl will retrieve HTML and not JSON) :
https://www.django-rest-framework.org/api-guide/renderers/#templatehtmlrenderer
Do I need another Django App ? Another Django project ? Some JS ?
EDIT :
Ok, I've seen it's possible, thanks to rrebase.
But I can't retrieve the JSON with Curl, here my views.py
from rest_framework import generics
from rest_framework.renderers import TemplateHTMLRenderer, JSONRenderer
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework.permissions import IsAdminUser
from . import models
from . import serializers
class UserListView(generics.ListAPIView):
renderer_classes = [JSONRenderer, TemplateHTMLRenderer]
template_name = 'profile_list.html'
def get(self, request):
queryset = models.CustomUser.objects.all()
serializer_class = serializers.UserSerializer
return Response({'profiles': queryset})
My models.py
from django.db import models
from django.contrib.auth.models import AbstractUser
class CustomUser(AbstractUser):
def __str__(self):
return self.email
I get an error "Object of type 'CustomUser' is not JSON serializable" when I request the API (http://127.0.0.1:8000/api/v1/users/)
Sorry, it's some different that initial question...
Yes, you can have both. The link you provided to docs has the following:
You can use TemplateHTMLRenderer either to return regular HTML pages using REST framework, or to return both HTML and API responses from a single endpoint.
When making an API request, set the ACCEPT request-header accordingly to html or json.
Finally I made some conditions in my view, and it's working
class UserListView(generics.ListAPIView):
renderer_classes = [JSONRenderer, TemplateHTMLRenderer]
permission_classes = (IsAdminUser,)
def get(self, request):
queryset = CustomUser.objects.all()
if request.accepted_renderer.format == 'html':
data = {'profiles': queryset}
return Response(data, template_name='profile_list.html')
else:
serializer = UserSerializer(queryset, many=True)
data = serializer.data
return Response(data)
I am trying to get the right query parameters shown in the swagger documentation produced by django-rest-swagger
from rest_framework.filters import BaseFilterBackend
from rest_framework.compat import coreapi, coreschema
from django.utils.encoding import force_text
from django.utils.translation import ugettext_lazy as _
from enum import Enum
class MyChoices(Enum):
ONE = 'ONE'
TWO = 'TWO'
class KeyFilter(BaseFilterBackend):
key_param = 'key'
default_key = 'psc'
key_title = _('Key')
key_description = _('Specify the aggregation key.')
def filter_queryset(self, request, queryset, view):
key = request.query_params.pop(self.key_param, [self.default_key])[0]
return ConsumptionAggregate(queryset).aggregate(key)
def get_schema_fields(self, view):
assert coreapi is not None, 'coreapi must be installed to use `get_schema_fields()`'
assert coreschema is not None, 'coreschema must be installed to use `get_schema_fields()`'
return [
coreapi.Field(
name=self.key_param,
required=False,
location='query',
schema=coreschema.Enum(
MyChoices,
title=force_text(self.key_title),
description=force_text(self.key_description)
)
)
]
But that is not being displayed as a dropdown.
How can we have choices being rendered as dropdowns?
Try:
schema=coreschema.Enum(
('ONE', 'TWO'),
title=force_text(self.key_title),
description=force_text(self.key_description)
)
views.py
from django.shortcuts import render, HttpResponse, get_object_or_404
from django.http import JsonResponse
from .models import Locker
from .serializers import LockerSerializer
from rest_framework.response import Response
from rest_framework import status
from rest_framework.views import APIView
from django.core import serializers
def locker_data_response(request):
if request.method == 'GET':
locker_mac_address = request.GET.get('locker_mac_address') # this will return None if not found
locker_information = get_object_or_404(Locker, locker_mac_address = locker_mac_address)
print(locker_information)
locker_information_serialize = LockerSerializer(locker_information)
print(locker_information_serialize)
return JsonResponse(locker_information_serialize.data)
elif request.method == 'POST':
locker_all_information_in_json = serializers.get_deserializer(request.POST())
print(locker_all_information_in_json)
json data
{
"id": 1,
"locker_name": "H15_c6d730",
"locker_mac_address": "CE:B2:FE:30:D7:C6",
"locker_rssi": -78,
"locker_protocol_type": "5",
"locker_protocol_version": "3",
"locker_scene": "2",
"locker_group_id": "0",
"locker_org_id": "0",
"locker_type": 5,
"locker_is_touch": true,
"locker_is_setting_mode": false,
"locker_is_wrist_band": false,
"locker_is_unlock": false,
"locker_tx_power_level": "-65",
"locker_battery_capacity": "57",
"locker_date": 1518500996721,
"locker_device": "CE:B2:FE:30:D7:C6",
"locker_scan_record": "terterwer"
}
I am trying to send the json in this format from mobile device to my server.I check the get method, it works perfectly. But how can i post this json in my server and how can i get the json data in my server side?
Change your views to something like this,
def locker_data_response(request):
# ----
# ----
# ----
if request.method == 'POST':
post_data = request.data # your post data will be here
locker_all_information_in_json = serializers.get_deserializer(post_data)
# do stuff with post data
#return json_data
request.data holds the POST data to the view
I would like to limit the access to myweb/api in django rest framework.
I've tried:
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.IsAuthenticated',
)
}
But it limits all the requests however I want to limit access only to myweb/api page
You could add liberal permissions in settings.py file and add more restrictive ones in the specific api view.
In settings.py, add something like :
'DEFAULT_PERMISSION_CLASSES': (
'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
),
of you could also use AllowAny permission.
You can set the authentication policy on a per-view, or per-viewset basis, using the APIView class based views.
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
from rest_framework.views import APIView
class ExampleView(APIView):
permission_classes = (IsAuthenticated,)
def get(self, request, format=None):
content = {
'status': 'request was permitted'
}
return Response(content)
Or, if you're using the #api_view decorator with function based views.
from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
#api_view('GET')
#permission_classes((IsAuthenticated, ))
def example_view(request, format=None):
content = {
'status': 'request was permitted'
}
return Response(content)
When you set new permission classes through class attribute or decorators you're telling the view to ignore the default list set over the settings.py file.