Prevent from exposing fields of database

Paritosh Gupta

unread,

Jun 22, 2015, 10:59:10 AM6/22/15

to django-res...@googlegroups.com

While model serializing how can we use alternative field names in order to prevent them from exposing our db field names.

class SocialSerializer(serializers.ModelSerializer):

class Meta:

model = UserSocialAuth

fields = ('provider','uid')

this directly expose the name.

Paritosh Gupta

unread,

Jun 22, 2015, 11:05:26 AM6/22/15

to django-res...@googlegroups.com

I found this in doucumentation, but can anyone give an elaborate example to understand better

http://www.django-rest-framework.org/api-guide/serializers/#the-field_class-and-field_kwargs-api

http://www.django-rest-framework.org/api-guide/serializers/#customizing-field-mappings

Both these topics have hint to modify the fields but i am finding it hard tto implement.

Thanks

Kevin Brown

unread,

Jun 22, 2015, 1:37:50 PM6/22/15

to django-res...@googlegroups.com

You can use the `source` argument on fields, which allows you to define a field on the serializer that pulls data from (and puts data into) a different field on the model.

http://www.django-rest-framework.org/api-guide/fields/#source

Django REST framework does not provide any helper methods for aliasing fields aside from the `source` argument.

--
You received this message because you are subscribed to the Google Groups "Django REST framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-fram...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Paritosh Gupta

unread,

Jun 23, 2015, 5:54:16 AM6/23/15

to django-res...@googlegroups.com

Thanks for you prompt reply,

Gone through it, worked like charm, though have one query

http://www.django-rest-framework.org/api-guide/serializers/#specifying-fields-explicitly

when we specify fields explicitly does it over ride the kwargs even if we dun provide any kwrgs in sericalizer. For instance:

If i have mention in my model


class Account(models.Model)get_absolute_url = models.CharField(max_length=200, blank=False)

class AccountSerializer(serializers.ModelSerializer):
    url = serializers.CharField(source='get_absolute_url', read_only=True)
    class Meta:

model = Account

Now when i specify get_absolute_url as source in serializer and does not mention max_length or any other kwargs. will it override the initial condition of max_length=200 or only when if i will provide the same kwargs in serializer field.

--
You received this message because you are subscribed to a topic in the Google Groups "Django REST framework" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/django-rest-framework/elhWXxMiF_M/unsubscribe.
To unsubscribe from this group and all its topics, send an email to django-rest-fram...@googlegroups.com.

Tom Christie

unread,

Jun 24, 2015, 6:55:41 AM6/24/15

to django-res...@googlegroups.com, 14k...@gmail.com

> will it override the initial condition of max_length=200 or only when if i will provide the same kwargs in serializer field.

You'll need to explicitly include any & all keyword arguments on the field if specifying it explicitly.

Worth noting that I'd tend to always just treat `ModelSerializer` as a simple shortcut. In my companies own projects we'll almost always use explicit serializer classes. There's extra verbosity then, but it's actually less complex than relying on implictly generated ModelSerializer fields, and it gives you the kind of decoupling of model fields from API representation that you're looking for in the use case you've outlined.

Paritosh Gupta

unread,

Jun 24, 2015, 12:01:23 PM6/24/15

to django-res...@googlegroups.com

Really insightful, back to square one, loose coupled and dry principle of django.

One more quest relevant to serializer:

My use case:

Usually serializer gives all the fields untill we ask fields explicitly as query parameters.

I want few data while calling list and other data when i call "detail view" as we use the data from list view itself for same detail view. General use case mobile application.

Any suggestion on that:

Case 1:

Using generic views, explicitly give fields in querystring.

Case2:

Use APIVIEW with different serializer in list view and detail view.

Case3:

or any other case which gives field only and only when asked in query parameter.

As i want url to be minimum dun want to extent it for general cases.

--

Chris Foresman

unread,

Jun 25, 2015, 12:42:10 PM6/25/15

to django-res...@googlegroups.com

The easiest thing to do is create two serializers; one that is a "summary" for your list view, and one that has full details for your retrieve/get view.

Then you can write a get_serializer_class() method that specifies which Serializer to use depending on request.method.

To unsubscribe from this group and all its topics, send an email to django-rest-framework+unsub...@googlegroups.com.

Reply all

Reply to author

Forward