123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315 |
- """
- Provides generic filtering backends that can be used to filter the results
- returned by list views.
- """
- import operator
- from functools import reduce
-
- from django.core.exceptions import ImproperlyConfigured
- from django.db import models
- from django.db.models.constants import LOOKUP_SEP
- from django.db.models.sql.constants import ORDER_PATTERN
- from django.template import loader
- from django.utils.encoding import force_str
- from django.utils.translation import gettext_lazy as _
-
- from rest_framework.compat import coreapi, coreschema, distinct
- from rest_framework.settings import api_settings
-
-
- class BaseFilterBackend:
- """
- A base class from which all filter backend classes should inherit.
- """
-
- def filter_queryset(self, request, queryset, view):
- """
- Return a filtered queryset.
- """
- raise NotImplementedError(".filter_queryset() must be overridden.")
-
- def get_schema_fields(self, view):
- assert coreapi is not None, 'coreapi must be installed to use `get_schema_fields()`'
- assert coreschema is not None, 'coreschema must be installed to use `get_schema_fields()`'
- return []
-
- def get_schema_operation_parameters(self, view):
- return []
-
-
- class SearchFilter(BaseFilterBackend):
- # The URL query parameter used for the search.
- search_param = api_settings.SEARCH_PARAM
- template = 'rest_framework/filters/search.html'
- lookup_prefixes = {
- '^': 'istartswith',
- '=': 'iexact',
- '@': 'search',
- '$': 'iregex',
- }
- search_title = _('Search')
- search_description = _('A search term.')
-
- def get_search_fields(self, view, request):
- """
- Search fields are obtained from the view, but the request is always
- passed to this method. Sub-classes can override this method to
- dynamically change the search fields based on request content.
- """
- return getattr(view, 'search_fields', None)
-
- def get_search_terms(self, request):
- """
- Search terms are set by a ?search=... query parameter,
- and may be comma and/or whitespace delimited.
- """
- params = request.query_params.get(self.search_param, '')
- params = params.replace('\x00', '') # strip null characters
- params = params.replace(',', ' ')
- return params.split()
-
- def construct_search(self, field_name):
- lookup = self.lookup_prefixes.get(field_name[0])
- if lookup:
- field_name = field_name[1:]
- else:
- lookup = 'icontains'
- return LOOKUP_SEP.join([field_name, lookup])
-
- def must_call_distinct(self, queryset, search_fields):
- """
- Return True if 'distinct()' should be used to query the given lookups.
- """
- for search_field in search_fields:
- opts = queryset.model._meta
- if search_field[0] in self.lookup_prefixes:
- search_field = search_field[1:]
- # Annotated fields do not need to be distinct
- if isinstance(queryset, models.QuerySet) and search_field in queryset.query.annotations:
- return False
- parts = search_field.split(LOOKUP_SEP)
- for part in parts:
- field = opts.get_field(part)
- if hasattr(field, 'get_path_info'):
- # This field is a relation, update opts to follow the relation
- path_info = field.get_path_info()
- opts = path_info[-1].to_opts
- if any(path.m2m for path in path_info):
- # This field is a m2m relation so we know we need to call distinct
- return True
- return False
-
- def filter_queryset(self, request, queryset, view):
- search_fields = self.get_search_fields(view, request)
- search_terms = self.get_search_terms(request)
-
- if not search_fields or not search_terms:
- return queryset
-
- orm_lookups = [
- self.construct_search(str(search_field))
- for search_field in search_fields
- ]
-
- base = queryset
- conditions = []
- for search_term in search_terms:
- queries = [
- models.Q(**{orm_lookup: search_term})
- for orm_lookup in orm_lookups
- ]
- conditions.append(reduce(operator.or_, queries))
- queryset = queryset.filter(reduce(operator.and_, conditions))
-
- if self.must_call_distinct(queryset, search_fields):
- # Filtering against a many-to-many field requires us to
- # call queryset.distinct() in order to avoid duplicate items
- # in the resulting queryset.
- # We try to avoid this if possible, for performance reasons.
- queryset = distinct(queryset, base)
- return queryset
-
- def to_html(self, request, queryset, view):
- if not getattr(view, 'search_fields', None):
- return ''
-
- term = self.get_search_terms(request)
- term = term[0] if term else ''
- context = {
- 'param': self.search_param,
- 'term': term
- }
- template = loader.get_template(self.template)
- return template.render(context)
-
- def get_schema_fields(self, view):
- assert coreapi is not None, 'coreapi must be installed to use `get_schema_fields()`'
- assert coreschema is not None, 'coreschema must be installed to use `get_schema_fields()`'
- return [
- coreapi.Field(
- name=self.search_param,
- required=False,
- location='query',
- schema=coreschema.String(
- title=force_str(self.search_title),
- description=force_str(self.search_description)
- )
- )
- ]
-
- def get_schema_operation_parameters(self, view):
- return [
- {
- 'name': self.search_param,
- 'required': False,
- 'in': 'query',
- 'description': force_str(self.search_description),
- 'schema': {
- 'type': 'string',
- },
- },
- ]
-
-
- class OrderingFilter(BaseFilterBackend):
- # The URL query parameter used for the ordering.
- ordering_param = api_settings.ORDERING_PARAM
- ordering_fields = None
- ordering_title = _('Ordering')
- ordering_description = _('Which field to use when ordering the results.')
- template = 'rest_framework/filters/ordering.html'
-
- def get_ordering(self, request, queryset, view):
- """
- Ordering is set by a comma delimited ?ordering=... query parameter.
-
- The `ordering` query parameter can be overridden by setting
- the `ordering_param` value on the OrderingFilter or by
- specifying an `ORDERING_PARAM` value in the API settings.
- """
- params = request.query_params.get(self.ordering_param)
- if params:
- fields = [param.strip() for param in params.split(',')]
- ordering = self.remove_invalid_fields(queryset, fields, view, request)
- if ordering:
- return ordering
-
- # No ordering was included, or all the ordering fields were invalid
- return self.get_default_ordering(view)
-
- def get_default_ordering(self, view):
- ordering = getattr(view, 'ordering', None)
- if isinstance(ordering, str):
- return (ordering,)
- return ordering
-
- def get_default_valid_fields(self, queryset, view, context={}):
- # If `ordering_fields` is not specified, then we determine a default
- # based on the serializer class, if one exists on the view.
- if hasattr(view, 'get_serializer_class'):
- try:
- serializer_class = view.get_serializer_class()
- except AssertionError:
- # Raised by the default implementation if
- # no serializer_class was found
- serializer_class = None
- else:
- serializer_class = getattr(view, 'serializer_class', None)
-
- if serializer_class is None:
- msg = (
- "Cannot use %s on a view which does not have either a "
- "'serializer_class', an overriding 'get_serializer_class' "
- "or 'ordering_fields' attribute."
- )
- raise ImproperlyConfigured(msg % self.__class__.__name__)
-
- return [
- (field.source.replace('.', '__') or field_name, field.label)
- for field_name, field in serializer_class(context=context).fields.items()
- if not getattr(field, 'write_only', False) and not field.source == '*'
- ]
-
- def get_valid_fields(self, queryset, view, context={}):
- valid_fields = getattr(view, 'ordering_fields', self.ordering_fields)
-
- if valid_fields is None:
- # Default to allowing filtering on serializer fields
- return self.get_default_valid_fields(queryset, view, context)
-
- elif valid_fields == '__all__':
- # View explicitly allows filtering on any model field
- valid_fields = [
- (field.name, field.verbose_name) for field in queryset.model._meta.fields
- ]
- valid_fields += [
- (key, key.title().split('__'))
- for key in queryset.query.annotations
- ]
- else:
- valid_fields = [
- (item, item) if isinstance(item, str) else item
- for item in valid_fields
- ]
-
- return valid_fields
-
- def remove_invalid_fields(self, queryset, fields, view, request):
- valid_fields = [item[0] for item in self.get_valid_fields(queryset, view, {'request': request})]
- return [term for term in fields if term.lstrip('-') in valid_fields and ORDER_PATTERN.match(term)]
-
- def filter_queryset(self, request, queryset, view):
- ordering = self.get_ordering(request, queryset, view)
-
- if ordering:
- return queryset.order_by(*ordering)
-
- return queryset
-
- def get_template_context(self, request, queryset, view):
- current = self.get_ordering(request, queryset, view)
- current = None if not current else current[0]
- options = []
- context = {
- 'request': request,
- 'current': current,
- 'param': self.ordering_param,
- }
- for key, label in self.get_valid_fields(queryset, view, context):
- options.append((key, '%s - %s' % (label, _('ascending'))))
- options.append(('-' + key, '%s - %s' % (label, _('descending'))))
- context['options'] = options
- return context
-
- def to_html(self, request, queryset, view):
- template = loader.get_template(self.template)
- context = self.get_template_context(request, queryset, view)
- return template.render(context)
-
- def get_schema_fields(self, view):
- assert coreapi is not None, 'coreapi must be installed to use `get_schema_fields()`'
- assert coreschema is not None, 'coreschema must be installed to use `get_schema_fields()`'
- return [
- coreapi.Field(
- name=self.ordering_param,
- required=False,
- location='query',
- schema=coreschema.String(
- title=force_str(self.ordering_title),
- description=force_str(self.ordering_description)
- )
- )
- ]
-
- def get_schema_operation_parameters(self, view):
- return [
- {
- 'name': self.ordering_param,
- 'required': False,
- 'in': 'query',
- 'description': force_str(self.ordering_description),
- 'schema': {
- 'type': 'string',
- },
- },
- ]
|