1๐
โ
You should override get_queryset() method to restrict results based on admin auth group.
class LocalDealsViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows local_deals to be viewed.
"""
throttle_classes = (UserRateThrottle,)
serializer_class = LocalDealsSerializer
def get_queryset(self):
# check here if 'list' request and user not in admin auth group
if self.action == 'list' and self.request.user not in admin auth_group:
# exclude results with 'user_provider_id' in [1,3]
return LocalDeals.objects.all().exclude(user_provider_id__in=[1,3])
# Otherwise return all results
return LocalDeals.objects.all()
๐คRahul Gupta
Source:stackexchange.com