def get(self, request, post_id=None, format=None): start, num_of_records = self.paginator(request) ################################################# # You can overwrite start and num_of_records here # start = 0; num_of_records = 100 # ####################################### # get list of items owned by a specific user # Don't need any authentication params = request.GET order_by = None order_by_model = None bounds = {} if params.get("user_id"): if request.user.is_anonymous(): Q_perm = Q(visibility="Public") else: Q_perm = reduce(operator.or_, [ Q(visibility="Public"), Q(visibility="Ex-owners", previous_owners=request.user) ]) Q_kwargs = reduce(operator.and_, [ Q(owner__id=params["user_id"]), Q_perm, ]) return run_and_respond( retrieve_records, Item, ItemSerializer, start, num_of_records, Q_kwargs, ) if params.get("tags"): tags = params.get("tags").split(",") kwargs_tags = reduce( operator.and_, [Q(tags=tag) for tag in tags] ) kwargs_tags_private = reduce( operator.and_, [Q(tags=tag) for tag in tags] ) sqs = (SearchQuerySet().models(self.model) .filter(kwargs_tags).filter_or(kwargs_tags_private) .filter(owner=request.user) ) print("\tReturned %s search results: %s" % (sqs.count(), sqs)) if not sqs: return Response(status=st.HTTP_404_NOT_FOUND) sqs = [sq.object for sq in sqs] return Response(data=self.serializer(sqs, many=True).data) # get list of items of the current authenticated user elif not request.user.is_anonymous(): if params.get("order_by"): # <order_by> is the field name that is ordering by order_by = params['order_by'] # <order_by_model> is the field type # e.g. customized_char_fields # Use Item.customized_fields() to normalize the names order_by_model = params["order_by_model"] for key, val in Item.customized_fields().items(): if order_by_model == val.__name__: order_by_model = key bounds = {} if "lower_bound" in params: lower_bound = params["lower_bound"] bounds["%s__value__gt" % (order_by_model)] = lower_bound if "upper_bound" in params: upper_bound = params["upper_bound"] bounds["%s__value__lt" % (order_by_model)] = upper_bound data, status = retrieve_records( Item, ItemSerializer, start, num_of_records, owner=request.user, order_by_model=order_by_model, order_by=order_by, **bounds ) return Response(data=data, status=status) # unauthenticated user cannot get any item list else: return Response( status=st.HTTP_401_UNAUTHORIZED, data={"error_message": "Please log in."} )