Censor
class Censor(public=None, private=None, user=None, use_permissions=False)
Created from the arguments given to GenericQuery
.
Allow to completely hide specific fields of specific models in the resulting rows.
Hidden fields will never appear in the resulting rows, and trying to interact with them (filtering, joins, aggregation...) will produce the same error as if the field did not exist.
Censor instance take two dictionary mapping Model
to a list of
public / private fields.
A field will be censored if:
model
has defined public fields andfield
is not in the list.model
has defined private fields andfield
is in the list.field
is a related field,self.use_permissions
isTrue
, and the givenuser
does not have theview
permission on the related model.
Public and private fields can also be defined project-wide in settings.py
using DGEQ_PUBLIC_FIELDS
and
DGEQ_PRIVATE_FIELDS
.
If model
has been defined in both this instance of Censor
(through
public
and private
arguments) and in the corresponding settings, the
definition in the arguments prevails.
If model
has both explicitly defined public and private fields, private
fields are ignored.
If use_permissions
is set to True
, user
must be given else
ValueError
will be raised.
Parameters:
public
(Dict[Type[models.Model], Iterable[str]]
) - Adict
mapping aModel
to a list of its public fields.private
(Dict[Type[models.Model], Iterable[str]]
) - Adict
mapping aModel
to a list of its private fields.user
(User
) - User used to check permissions.use_permission
(bool
) - Whether theview
permission of relatedModel
will be checked.