From 947c5476c42067fcdffc51689494d83244962444 Mon Sep 17 00:00:00 2001
From: barney <15270405776@163.com>
Date: Fri, 23 Sep 2022 00:08:03 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B6=85=E9=93=BE=E6=8E=A5,=E7=94=A8=E6=88=B7?=
 =?UTF-8?q?=E6=9D=83=E9=99=90,=E5=88=86=E9=A1=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 article/migrations/0002_article_author.py |  21 +++++++++++++++++++++
 article/models.py                         |   8 ++++++++
 article/permissions.py                    |  16 ++++++++++++++++
 article/serializers.py                    |  16 +++++++++++++---
 article/views.py                          |   8 ++++++++
 db.sqlite3                                | Bin 135168 -> 139264 bytes
 drf_vue_blog/settings.py                  |   7 +++++++
 user_info/__init__.py                     |   0
 user_info/admin.py                        |   3 +++
 user_info/apps.py                         |   5 +++++
 user_info/migrations/__init__.py          |   0
 user_info/models.py                       |   3 +++
 user_info/serializers.py                  |  15 +++++++++++++++
 user_info/tests.py                        |   3 +++
 user_info/views.py                        |   3 +++
 15 files changed, 105 insertions(+), 3 deletions(-)
 create mode 100644 article/migrations/0002_article_author.py
 create mode 100644 article/permissions.py
 create mode 100644 user_info/__init__.py
 create mode 100644 user_info/admin.py
 create mode 100644 user_info/apps.py
 create mode 100644 user_info/migrations/__init__.py
 create mode 100644 user_info/models.py
 create mode 100644 user_info/serializers.py
 create mode 100644 user_info/tests.py
 create mode 100644 user_info/views.py

diff --git a/article/migrations/0002_article_author.py b/article/migrations/0002_article_author.py
new file mode 100644
index 0000000..3df5f6b
--- /dev/null
+++ b/article/migrations/0002_article_author.py
@@ -0,0 +1,21 @@
+# Generated by Django 3.1.3 on 2022-09-22 21:50
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('article', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='article',
+            name='author',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='articles', to=settings.AUTH_USER_MODEL),
+        ),
+    ]
diff --git a/article/models.py b/article/models.py
index c2e0efa..2181105 100644
--- a/article/models.py
+++ b/article/models.py
@@ -1,9 +1,17 @@
 from django.db import models
 from django.utils import timezone
+from django.contrib.auth.models import User
 
 
 # 博客文章 model
 class Article(models.Model):
+    # 作者
+    author = models.ForeignKey(
+        User,
+        null=True,
+        on_delete=models.CASCADE,
+        related_name='articles'
+        )
     # 标题
     title = models.CharField(max_length=100)
     # 正文
diff --git a/article/permissions.py b/article/permissions.py
new file mode 100644
index 0000000..c64cf88
--- /dev/null
+++ b/article/permissions.py
@@ -0,0 +1,16 @@
+from rest_framework import permissions
+
+
+class IsAdminUserOrReadOnly(permissions.BasePermission):
+    """
+    仅管理员用户可以进行修改
+    其他用户仅可进行查看
+    """
+    # 每次请求到来时被唤醒执行
+    def has_permission(self, request, view):
+        # 对其他仅允许GET, HEAD, OPTIONS请求
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        # 仅管理员可进行其他操作
+        return request.user.is_superuser
+
diff --git a/article/serializers.py b/article/serializers.py
index 0fe0a23..79831fb 100644
--- a/article/serializers.py
+++ b/article/serializers.py
@@ -1,19 +1,29 @@
 from rest_framework import serializers
 from article.models import Article
+from user_info.serializers import UserDescSerializer
+
 
 # 返回文章列表或创建一篇文章
 class ArticleListSerializer(serializers.ModelSerializer):
+    author = UserDescSerializer(read_only=True)
+    # 使用article的url.py中的view --> detail
+    url = serializers.HyperlinkedIdentityField(view_name="article:detail")
+
     class Meta:
         model = Article
         fields = [
-            'id',
+            'url',
             'title',
             'created',
             'body',
+            'author',
         ]
+        # read_only_fields = ['author']
+
+    # 返回文章详情
+
 
-# 返回文章详情
 class ArticleDetailSerializer(serializers.ModelSerializer):
     class Meta:
         model = Article
-        fields = '__all__'
+        fields = '__all__'
\ No newline at end of file
diff --git a/article/views.py b/article/views.py
index 710faf0..4e16769 100644
--- a/article/views.py
+++ b/article/views.py
@@ -7,6 +7,7 @@ from django.http import Http404
 from rest_framework import mixins
 from rest_framework import generics
 from rest_framework import status
+from article.permissions import IsAdminUserOrReadOnly
 
 
 @api_view(['GET', 'POST'])
@@ -27,9 +28,15 @@ def article_list(request):
 
 # 和article_list()功能相同
 class ArticleList(generics.ListCreateAPIView):
+    # 添加用户权限
+    permission_classes = [IsAdminUserOrReadOnly]
     queryset = Article.objects.all()
     serializer_class = ArticleListSerializer
 
+    def perform_create(self, serializer):
+        # 在序列化数据真正保存之前调用
+        serializer.save(author=self.request.user)
+
 
 # 第一种版本
 
@@ -89,5 +96,6 @@ class ArticleList(generics.ListCreateAPIView):
 
 # ArticleDetail类还可以简化为下面的代码
 class ArticleDetail(generics.RetrieveUpdateDestroyAPIView):
+    permission_classes = [IsAdminUserOrReadOnly]
     queryset = Article.objects.all()
     serializer_class = ArticleDetailSerializer
diff --git a/db.sqlite3 b/db.sqlite3
index 93fb8ecf30474e989dc23488cd696bf0767d946c..cbb09378a00382cc7bf11068bc4c33d4204dc9c2 100644
GIT binary patch
delta 1713
zcma)7>uVfU6u)<8n%P;{xvAMaYNVZPD^0rDWZttow%F-*w~r*-G{nTV%62yUns&3B
z?rxe#Dch7n5&d9UaIgsN2SKP++pbtq5b+-nL<AL5LrYsh4HUE=6!gyK(M^fyz+BFp
zd(Q9t&gFN{oV)5g_oegA_KimX0ABpAJOh`yMR?@q@plp7aV=D+#_bN*LX~g4>3SjP
z*#O!_-6)jIv22p#I3c!d$BfBRCSMRZLGW`yzaX#zugRPyDm|(ssX@N_T>E{p#Q+rQ
zgXm|}hdxKA(d#IMzC}W{gMAi-kO4M1bIGaL6U?PL9)j@0#0evp&c}?zxS5M(^JxNI
z1{-KMLu`R|>DXj3S#VS)d!KK_eRR;PJ^(7$dUtd;H4;9!%5@2sZiYnf3h=m@E*K><
zpDTK9aU|z-FpB`0%p&G?mnly>++eN?IGfyVC#}0D;wKX+Ay&*7f~;&4cm*HDwyDJ6
zsZigMq1<qPdYhq-AMNYU&qiKK^$B}sX9{B@1Eo`gvspQlnv@1)(-#gN8t(1QM8msg
zQxo;)CTLPnlldM|Rd`vR^FTMK<nl?T=I7NOPE;i|P+7=tbvh6x`4}x$H%{C|PKs!P
z7|T(8T>fP<E1sAMCX1)W;znlr<aoivIob5&>6v(5Q3F%O@d|O}<NeW*k{0FzSyK*;
z_U8rjz|2%|bYCcS@TC8cJ~BEKQ9}M=)E|jtC({0OxJHxb{G7rHD|C2CQpD=tR~FEJ
zmb`U?yy4pDXanTi#BangtMNE&b2-|muWHhZT+&;t$Z_~xU&Cd`i><N@FX$yBo=vW&
ziS>Nm&`?+(4zt7hp8hcFt%X?E;_y9B!(}*7160rN-buCkeDH#5O~>I@=(XO7!!Me<
zS?`j7V`jq3nz>Rkoh($!uGY!~wd3~DF?g7OJFV*}_zm1=mD4a(o_l5&)q2<m=VUXN
zNKQW`t>x>0(PBv@j`g1kJQcBdne2h+-tfz~`jRA{NWXTS>hrzqq3DyimgNL5+gZoF
z>-J~{exSMtTNjJyPxL!h#sb>1fq;-C?3Hqm1f(e!K5+s)0_ZO+pGP?89@<P2G$icB
zK@c?Uu0=!uzNcjr0qxZePC-GHpn;B>e2}KsldLQS1ep`C2#=ld8i_<Q;nmnPXV1P$
zTIH|doX3SrlIS5ozoLhj-5=;7vm0NqZiYm05ViKs!-KZ9&-#8Ic39PU=p_MwKKnC-
zEpX3b@4!8_HDIOg!1HZ3UCLe>u#dD2+FqQW`~)BMvTG#DxtSjT$#eo{j_E`nqF0zs
zT)KrRk5Uxq>e6+3B3~@AQ)Vf{+QS6Phb<+s$4DDyuD)AQ<77<|dIG8>a>~E&j5hoq
z;Bwu_6f`-YacYmisd6AtkGysVH+$Z<Nz}oE>(}pndhWqT7w^Ay@xl97c|nxqHH`2O
z<~2O0*A@|Q2R$}*H30Sl@T0GJ1?#m{EW7u$X%cRH6={&BfN#5~(>8_A-oR;AbRKRI
oag0(IX8#DVOVxN04=$Nk#X)CXVvTz(v19#2MUw(JF{lXgKlH%pYXATM

delta 781
zcmah{T}u>E7(VaJv^%@2bF@|0(A-@`Bz4`{nf;~<%~ldMhzhAL)?N2&_G{GLE$wEt
zsGFdYxi}<25e3l)ni~lPCG-P=s2~W<8$k*$0`a24CO>Yv>F^%TbIyVHeR!T{a*>_9
z%igT3bR&eU>fT$u)9oU-pAFr|w9!znXe(MuR?E7+RA0BsR6Rsm+=uWQ?!&L}d3+7e
z;84lRyKrk2P1_)n3}xeTFcis1*<f0ZQ$|d;L1-*54X2~Q-BT&pn=8sV+N=u|@`+#}
z7ahYNlt=c~c9lZ4?%y8OK->2kXQcR8C@;y`oN=CKcnx3)VX0I(62yumCpq3Pdi+jb
zhtJ2m1fQ}ZH?e>>ky_eP<>WV9+AMx=u#CzH?|6ofx+lcKNIEK|3VFx4Z+Il{ab9qU
ziHiz-=lQYzlW~78B1Yuc@knGKlMx*mTTn_5o*E6sglz9bcyvN^r1)H5;7r_+mjzxB
zY!2SWyDh>t3m4zPd!1gsv~_0%|99m495Yu|L1hthi(aSCQCY$bK`p!MNzZgw4e1$z
zPh>U&`^l9gc**ZD=#>X-1G$%iDrJl9B!^QFQ{J-8hC@?HtJc)k2A2(_F$_)6KzhRP
zdg1IaoS?x+p2Xlid?Cd+bZZczP6y1&8^b}OO#(I;)CZ%<Y=)~=VoiccsbRYo1{3hq
z!%}zy;h%UzRdNlR_R#=ZilITL)vGkAzcT;Ao7*xUU}zmsG_BK>Z+{h$nwFvp>r|^`
zOp5Pds;V4^k%sF;cox^=B=?cK&ULCuYv;Iry#_V6h+S(lH&$=IB#UOsOfpMgWdb@4
zBA-=6N=wkl1lXNxH*=I$k!2Z<F!(WINo*M|)vA8*KARv|1c#p&{SI%3)9rCNJukk(
M5BpA1_B`VM0A()TNdN!<

diff --git a/drf_vue_blog/settings.py b/drf_vue_blog/settings.py
index 66d4a7b..2cf0d36 100644
--- a/drf_vue_blog/settings.py
+++ b/drf_vue_blog/settings.py
@@ -27,6 +27,7 @@ INSTALLED_APPS = [
     'django.contrib.staticfiles',
     'rest_framework',
     'article',
+    'user_info',
 ]
 
 MIDDLEWARE = [
@@ -109,3 +110,9 @@ USE_TZ = False
 # https://docs.djangoproject.com/en/3.1/howto/static-files/
 
 STATIC_URL = '/static/'
+
+# 使用django_rest_framework中的分页功能
+REST_FRAMEWORK = {
+    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
+    'PAGE_SIZE': 3, # 每页3条记录
+}
\ No newline at end of file
diff --git a/user_info/__init__.py b/user_info/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/user_info/admin.py b/user_info/admin.py
new file mode 100644
index 0000000..8c38f3f
--- /dev/null
+++ b/user_info/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
diff --git a/user_info/apps.py b/user_info/apps.py
new file mode 100644
index 0000000..1bf3bab
--- /dev/null
+++ b/user_info/apps.py
@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class UserInfoConfig(AppConfig):
+    name = 'user_info'
diff --git a/user_info/migrations/__init__.py b/user_info/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/user_info/models.py b/user_info/models.py
new file mode 100644
index 0000000..71a8362
--- /dev/null
+++ b/user_info/models.py
@@ -0,0 +1,3 @@
+from django.db import models
+
+# Create your models here.
diff --git a/user_info/serializers.py b/user_info/serializers.py
new file mode 100644
index 0000000..3783888
--- /dev/null
+++ b/user_info/serializers.py
@@ -0,0 +1,15 @@
+from django.contrib.auth.models import User
+from rest_framework import serializers
+
+
+class UserDescSerializer(serializers.ModelSerializer):
+    """文章列表中引用的嵌套序列化器"""
+
+    class Meta:
+        model = User
+        fields = [
+            'id',
+            'username',
+            # 'last_login',
+            # 'date_joined'
+        ]
diff --git a/user_info/tests.py b/user_info/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/user_info/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/user_info/views.py b/user_info/views.py
new file mode 100644
index 0000000..91ea44a
--- /dev/null
+++ b/user_info/views.py
@@ -0,0 +1,3 @@
+from django.shortcuts import render
+
+# Create your views here.