50 lines
1.6 KiB
Python
50 lines
1.6 KiB
Python
from django.db.models import ProtectedError
|
|
from rest_framework import status
|
|
from rest_framework.exceptions import PermissionDenied
|
|
from rest_framework.permissions import IsAuthenticated
|
|
from rest_framework.response import Response
|
|
from rest_framework.viewsets import ModelViewSet
|
|
|
|
from .models import Brand
|
|
from .serializers import BrandSerializer
|
|
|
|
|
|
class BrandViewSet(ModelViewSet):
|
|
"""
|
|
品牌视图集:所有已认证用户可读,仅管理员可写
|
|
"""
|
|
serializer_class = BrandSerializer
|
|
permission_classes = [IsAuthenticated]
|
|
|
|
def get_queryset(self):
|
|
queryset = Brand.objects.all()
|
|
search = self.request.query_params.get('search')
|
|
if search:
|
|
queryset = queryset.filter(name__icontains=search)
|
|
return queryset
|
|
|
|
def _check_admin(self, action_verb):
|
|
if self.request.user.role != 'admin':
|
|
raise PermissionDenied(f"只有管理员可以{action_verb}品牌")
|
|
|
|
def perform_create(self, serializer):
|
|
self._check_admin("创建")
|
|
serializer.save()
|
|
|
|
def perform_update(self, serializer):
|
|
self._check_admin("修改")
|
|
serializer.save()
|
|
|
|
def destroy(self, request, *args, **kwargs):
|
|
if request.user.role != 'admin':
|
|
raise PermissionDenied("只有管理员可以删除品牌")
|
|
instance = self.get_object()
|
|
try:
|
|
instance.delete()
|
|
except ProtectedError:
|
|
return Response(
|
|
{"detail": "该品牌下存在材料,无法删除"},
|
|
status=status.HTTP_400_BAD_REQUEST,
|
|
)
|
|
return Response(status=status.HTTP_204_NO_CONTENT)
|