How can I Show Only my Videos in Django-Rest-Framework?

I'm using Django and React to create YouTube clone.

And I have an admin panel where user can delete and edit his videos.

But the problem is that it showing my videos and other users videos.

How can make that the admin panel will show only my videos?


views.py Api Views

class AdminVideoDetail(generics.RetrieveAPIView):
    permission_classes = [IsAuthenticated]
    quesryset = Video.objects.all()
    serializer_class = VideoSerializer

videos.js Videos in the admin panel

import React from 'react';
import { makeStyles } from '@material-ui/core/styles';
import Container from '@material-ui/core/Container';
import Link from '@material-ui/core/Link';
import Paper from '@material-ui/core/Paper';
import Table from '@material-ui/core/Table';
import TableBody from '@material-ui/core/TableBody';
import TableCell from '@material-ui/core/TableCell';
import TableContainer from '@material-ui/core/TableContainer';
import TableHead from '@material-ui/core/TableHead';
import TableRow from '@material-ui/core/TableRow';
import DeleteForeverIcon from '@material-ui/icons/DeleteForever';
import EditIcon from '@material-ui/icons/Edit';
import Button from '@material-ui/core/Button';

const useStyles = makeStyles((theme) => ({
    cardMedia: {
        paddingTop: '56.25%', // 16:9
    },
    link: {
        margin: theme.spacing(1, 1.5),
    },
    cardHeader: {
        backgroundColor:
            theme.palette.type === 'light'
                ? theme.palette.grey[200]
                : theme.palette.grey[700],
    },
    videoTitle: {
        fontSize: '16px',
        textAlign: 'left',
    },
    videoText: {
        display: 'flex',
        justifyContent: 'left',
        alignItems: 'baseline',
        fontSize: '12px',
        textAlign: 'left',
        marginBottom: theme.spacing(2),
    },
}));

const Videos = (props) => {
    const { videos } = props;
    const classes = useStyles();
    if (!videos || videos.length === 0) return <Button href={'/admin/create'} variant="contained" color="primary">New Video</Button>;
    return (
        <React.Fragment>
            <Container maxWidth="md" component="main">
                <Paper className={classes.root}>
                    <TableContainer className={classes.container}>
                        <Table stickyHeader aria-label="sticky table">
                            <TableHead>
                                <TableRow>
                                    <TableCell>Id</TableCell>
                                    <TableCell align="left">Title</TableCell>
                                    <TableCell align="left">Action</TableCell>
                                </TableRow>
                            </TableHead>
                            <TableBody>
                                {videos.map((video) => {
                                    return (
                                        <TableRow>
                                            <TableCell component="th" scope="row">
                                                {video.id}
                                            </TableCell>
                                            <TableCell align="left">
                                                <Link
                                                    color="textPrimary"
                                                    href={'/video/' + video.id}
                                                    className={classes.link}
                                                >
                                                    {video.title}
                                                </Link>
                                            </TableCell>

                                            <TableCell align="left">
                                                <Link
                                                    color="textPrimary"
                                                    href={'/admin/edit/' + video.id}
                                                    className={classes.link}
                                                >
                                                    <EditIcon></EditIcon>
                                                </Link>
                                                <Link
                                                    color="textPrimary"
                                                    href={'/admin/delete/' + video.id}
                                                    className={classes.link}
                                                >
                                                    <DeleteForeverIcon></DeleteForeverIcon>
                                                </Link>
                                            </TableCell>
                                        </TableRow>
                                    );
                                })}
                                <TableRow>
                                    <TableCell colSpan={4} align="right">
                                        <Button
                                            href={'/admin/create'}
                                            variant="contained"
                                            color="primary"
                                        >
                                            New Video
                                        </Button>
                                    </TableCell>
                                </TableRow>
                            </TableBody>
                        </Table>
                    </TableContainer>
                </Paper>
            </Container>
        </React.Fragment>
    );
};
export default Videos;

If you want to look at the whole project, here is github: https://github.com/PHILLyaHI/diplom-work

Create a python module named permissions.py

add these line of code

from rest_framework import permissions



class IsOwnerOrReadOnly(permissions.BasePermission):
"""
    
"""

def has_object_permission(self, request, view, obj):
    # I check if the request is of type GET or OPTIONS
    #I return true, that the use is able to access on this views
    if request.method in permissions.SAFE_METHODS:
        return True
    return obj.owner == request.user

    """ 
       Instance must have an attribute named `owner` or you can change owner with the name of your models fields `user = models.ForeignKey(UserModel, on_delete=models.casscade).

"""

After, go in your views.py module, add

class AdminVideoDetail(generics.RetrieveAPIView):
permission_classes = [IsAuthenticated, IsOwnerOrReadOnly]
quesryset = Video.objects.all()
serializer_class = VideoSerializer

Only videos of owner will be fetch

Back to Top