class django.views.generic.detail.SingleObjectMixin
Provides a mechanism for looking up an object associated with the current HTTP request.
Methods and Attributes
-
model
-
The model that this view will display data for. Specifying
model = Foo
is effectively the same as specifyingqueryset = Foo.objects.all()
, whereobjects
stands forFoo
’s default manager.
-
queryset
-
A
QuerySet
that represents the objects. If provided, the value ofqueryset
supersedes the value provided formodel
.Warning
queryset
is a class attribute with a mutable value so care must be taken when using it directly. Before using it, either call itsall()
method or retrieve it withget_queryset()
which takes care of the cloning behind the scenes.
-
slug_field
-
The name of the field on the model that contains the slug. By default,
slug_field
is'slug'
.
-
slug_url_kwarg
-
The name of the URLConf keyword argument that contains the slug. By default,
slug_url_kwarg
is'slug'
.
-
pk_url_kwarg
-
The name of the URLConf keyword argument that contains the primary key. By default,
pk_url_kwarg
is'pk'
.
-
context_object_name
-
Designates the name of the variable to use in the context.
-
query_pk_and_slug
-
If
True
, causesget_object()
to perform its lookup using both the primary key and the slug. Defaults toFalse
.This attribute can help mitigate insecure direct object reference attacks. When applications allow access to individual objects by a sequential primary key, an attacker could brute-force guess all URLs; thereby obtaining a list of all objects in the application. If users with access to individual objects should be prevented from obtaining this list, setting
query_pk_and_slug
toTrue
will help prevent the guessing of URLs as each URL will require two correct, non-sequential arguments. Simply using a unique slug may serve the same purpose, but this scheme allows you to have non-unique slugs.
-
get_object(queryset=None)
-
Returns the single object that this view will display. If
queryset
is provided, that queryset will be used as the source of objects; otherwise,get_queryset()
will be used.get_object()
looks for apk_url_kwarg
argument in the arguments to the view; if this argument is found, this method performs a primary-key based lookup using that value. If this argument is not found, it looks for aslug_url_kwarg
argument, and performs a slug lookup using theslug_field
.When
query_pk_and_slug
isTrue
,get_object()
will perform its lookup using both the primary key and the slug.
-
get_queryset()
-
Returns the queryset that will be used to retrieve the object that this view will display. By default,
get_queryset()
returns the value of thequeryset
attribute if it is set, otherwise it constructs aQuerySet
by calling theall()
method on themodel
attribute’s default manager.
-
get_context_object_name(obj)
-
Return the context variable name that will be used to contain the data that this view is manipulating. If
context_object_name
is not set, the context name will be constructed from themodel_name
of the model that the queryset is composed from. For example, the modelArticle
would have context object named'article'
.
-
get_context_data(**kwargs)
-
Returns context data for displaying the list of objects.
The base implementation of this method requires that the
self.object
attribute be set by the view (even ifNone
). Be sure to do this if you are using this mixin without one of the built-in views that does so.It returns a dictionary with these contents:
-
object
: The object that this view is displaying (self.object
). -
context_object_name
:self.object
will also be stored under the name returned byget_context_object_name()
, which defaults to the lowercased version of the model name.
Context variables override values from template context processors
Any variables from
get_context_data()
take precedence over context variables from context processors. For example, if your view sets themodel
attribute toUser
, the default context object name ofuser
would override theuser
variable from thedjango.contrib.auth.context_processors.auth()
context processor. Useget_context_object_name()
to avoid a clash. -
-
get_slug_field()
-
Returns the name of a slug field to be used to look up by slug. By default this simply returns the value of
slug_field
.
Please login to continue.