1、在model表中添加用户user
owner = models.ForeignKey('auth.User', related_name='snippets', on_delete=models.CASCADE)
2、在序列化表中添加如下关联信息
对应表
owner = serializers.ReadOnlyField(source='owner.username')
用户表
snippets = serializers.PrimaryKeyRelatedField(many=True, queryset=Snippet.objects.all())
3、添加permission文件
from rest_framework import permissions class IsOwnerOrReadOnly(permissions.BasePermission): """ Custom permission to only allow owners of an object to edit it. """ def has_object_permission(self, request, view, obj): # Read permissions are allowed to any request, # so we'll always allow GET, HEAD or OPTIONS requests. if request.method in permissions.SAFE_METHODS: return True # Write permissions are only allowed to the owner of the snippet. return obj.owner == request.user
4、在views中添加访问权限
permission_classes = (permissions.IsAuthenticatedOrReadOnly,)
permission_classes = (permissions.IsAuthenticatedOrReadOnly, IsOwnerOrReadOnly,)