django rest框架添加用戶並創建db中的數據

Question

每一個，我現在在我的項目（django 1.8 +）上使用django rest框架（3.4），我可以創建新用戶，但我不能使用新用戶來創建數據分貝（我可以做的形式確定），但是，我可以創建數據分貝由管理員。我必須讓新用戶在db中創建數據，我該怎麼做？謝謝任何回覆的人。

models.py

class ProductsTbl(models.Model): 
    model_number = models.CharField(
     max_length=255, 
     blank=True, 
     unique=True, 
     error_messages={ 
      'unique': "這 model number 已經被註冊了 ." 
     } 
    ) 
    name = models.CharField(max_length=255, blank=True, null=True) 
    material = models.CharField(max_length=255, blank=True, null=True) 
    color = models.CharField(max_length=255, blank=True, null=True) 
    feature = models.TextField(blank=True, null=True) 
    created = models.DateTimeField(editable=False) 
    modified = models.DateTimeField(auto_now=True) 
    release = models.DateTimeField(blank=True, null=True) 
    twtime = models.DateTimeField(blank=True, null=True) 
    hktime = models.DateTimeField(blank=True, null=True) 
    shtime = models.DateTimeField(blank=True, null=True) 
    jptime = models.DateTimeField(blank=True, null=True) 
    suggest = models.TextField(blank=True, null=True) 
    description = models.TextField(blank=True, null=True) 
    cataloggroup = models.ManyToManyField(CatalogGroup) 
    place = models.ManyToManyField(Place) 
    scale = models.ManyToManyField(Scale) 
    slug = models.SlugField(unique=True) 
    user = models.ForeignKey(User, blank=True, null=True) 
    useredit = models.CharField(max_length=32, blank=True, null=True) 

    def __unicode__(self): 
     return self.name 

    def save(self, *args, **kwargs): 
     ''' On save, update timestamps ''' 

     if not self.id: 
      self.created = timezone.now() 

     return super(ProductsTbl, self).save(*args, **kwargs) 

API/serializers.py

from rest_framework import serializers 
from ..models import * 
from django.contrib.auth.models import User 
from django.contrib.auth import get_user_model 


UserModel = get_user_model() 

class ProductsTblSerializer(serializers.ModelSerializer): 
    class Meta: 
     model = ProductsTbl 
     fields = ('model_number', 
     'created', 
     'name', 
     'release', 
     'twtime', 
     'hktime', 
     'shtime', 
     'jptime', 
     'feature', 
     'material', 
     'suggest', 
     'description', 
     'cataloggroup', 
     'place', 
     'scale', 
     'slug', 
     'user') 



class UserSerializer(serializers.ModelSerializer): 

    password = serializers.CharField(write_only=True) 

    def create(self, validated_data): 

     user = UserModel.objects.create(
      username=validated_data['username'] 
     ) 
     user.set_password(validated_data['password']) 
     user.save() 

     return user 

    class Meta: 
     model = UserModel 

API/urls.py

from django.conf.urls import url, include 
from . import views 


urlpatterns = [ 
    url(r'^productsTbls/$', views.ProductsTblListView.as_view(), name='productsTbls_list'), 
    url(r'^productsTbls/(?P<pk>\d+)/$', views.ProductsTblDetailView.as_view(), name='productsTbls_detail'), 
    url(r'^productsTbls/pdelete/(?P<id>[-\w]+)/$',views.api_delete_product,name='api_delete_p'), 
    url(r'^productsTbls/register/$', views.CreateUserView.as_view(), name='productsTbls_register'), 

] 

API/views.py

from rest_framework import generics 
from ..models import * 
from .serializers import ProductsTblSerializer 
from django.contrib.auth.decorators import login_required 
from django.http import Http404, HttpResponse 
from django.shortcuts import render, redirect 
from rest_framework.renderers import JSONRenderer 
from rest_framework.parsers import JSONParser 
from django.views.decorators.csrf import csrf_exempt 
from django.forms import modelformset_factory 
from django.template.defaultfilters import slugify 
from rest_framework import permissions 
from rest_framework.generics import CreateAPIView 
from django.contrib.auth import get_user_model 
from .serializers import UserSerializer 





class ProductsTblListView(generics.ListCreateAPIView): 
    queryset = ProductsTbl.objects.order_by('-created') 
    serializer_class = ProductsTblSerializer 



class ProductsTblDetailView(generics.RetrieveUpdateDestroyAPIView): 
    queryset = ProductsTbl.objects.all() 
    serializer_class = ProductsTblSerializer 


class CreateUserView(CreateAPIView): 

    model = get_user_model() 
    permission_classes = [ 
     permissions.AllowAny # Or anon users can't register 
    ] 
    serializer_class = UserSerializer 




@csrf_exempt 
@login_required 
def api_delete_product(request, id): 
    # grab the image 
    dp = ProductsTbl.objects.get(id=id) 
    # security check 
    if dp.user != request.user: 
     raise Http404 
    # delete the image 
    dp.delete() 
    # refresh the edit page 
    return redirect('/api/productsTbls/') 

settings.py

........ 

REST_FRAMEWORK = { 
    'DEFAULT_PERMISSION_CLASSES': [ 
     'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly' 
    ] 
} 

Answer 1

我改變了settings.py那麼它可以工作

settings.py

...... 
REST_FRAMEWORK = { 
    'DEFAULT_PERMISSION_CLASSES': [ 
     'rest_framework.permissions.AllowAny', 
     #'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly' 
    ] 
} 

Answer 2

我認爲從管理門戶網站，你需要提供權限您爲每個方法PUT創建的用戶，POST，GET或提供AllowAny許可（哪位能給訪問所有爲任何請求創建用戶）。欲瞭解更多詳情，請參閱this