- Language: en
- Documentation version: development
Single object mixins¶
Provides a mechanism for looking up an object associated with the current HTTP request.
Methods and Attributes
The model that this view will display data for. Specifying
model = Foois effectively the same as specifying
queryset = Foo.objects.all(), where
Foo’s default manager.
QuerySetthat represents the objects. If provided, the value of
querysetsupersedes the value provided for
The name of the field on the model that contains the slug. By default,
The name of the URLConf keyword argument that contains the slug. By default,
The name of the URLConf keyword argument that contains the primary key. By default,
Designates the name of the variable to use in the context.
get_object()to perform its lookup using both the primary key and the slug. Defaults to
This attribute can help mitigate insecure direct object reference attacks. When applications allow access to individual objects by a sequential primary key, an attacker could brute-force guess all URLs; thereby obtaining a list of all objects in the application. If users with access to individual objects should be prevented from obtaining this list, setting
Truewill help prevent the guessing of URLs as each URL will require two correct, non-sequential arguments. Simply using a unique slug may serve the same purpose, but this scheme allows you to have non-unique slugs.
Returns the single object that this view will display. If
querysetis provided, that queryset will be used as the source of objects; otherwise,
get_queryset()will be used.
get_object()looks for a
pk_url_kwargargument in the arguments to the view; if this argument is found, this method performs a primary-key based lookup using that value. If this argument is not found, it looks for a
slug_url_kwargargument, and performs a slug lookup using the
get_object()will perform its lookup using both the primary key and the slug.
Returns the queryset that will be used to retrieve the object that this view will display. By default,
get_queryset()returns the value of the
querysetattribute if it is set, otherwise it constructs a
QuerySetby calling the
all()method on the
modelattribute’s default manager.
Return the context variable name that will be used to contain the data that this view is manipulating. If
context_object_nameis not set, the context name will be constructed from the
model_nameof the model that the queryset is composed from. For example, the model
Articlewould have context object named
Returns context data for displaying the list of objects.
The base implementation of this method requires that the
self.objectattribute be set by the view (even if
None). Be sure to do this if you are using this mixin without one of the built-in views that does so.
It returns a dictionary with these contents:
object: The object that this view is displaying (
self.objectwill also be stored under the name returned by
get_context_object_name(), which defaults to the lowercased version of the model name.
Context variables override values from template context processors
Any variables from
get_context_data()take precedence over context variables from context processors. For example, if your view sets the
User, the default context object name of
userwould override the
uservariable from the
django.contrib.auth.context_processors.auth()context processor. Use
get_context_object_name()to avoid a clash.
A mixin class that performs template-based response rendering for views that operate upon a single object instance. Requires that the view it is mixed with provides
self.object, the object instance that the view is operating on.
self.objectwill usually be, but is not required to be, an instance of a Django model. It may be
Noneif the view is in the process of constructing a new instance.
Methods and Attributes
The field on the current object instance that can be used to determine the name of a candidate template. If either
template_name_fielditself or the value of the
template_name_fieldon the current object instance is
None, the object will not be used for a candidate template name.
The suffix to append to the auto-generated candidate template name. Default suffix is
Returns a list of candidate template names. Returns the following list:
- the value of
template_nameon the view (if provided)
- the contents of the
template_name_fieldfield on the object instance that the view is operating upon (if available)
- the value of