-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: DEV-3430: Adding CreateOnlyFieldsMixin and adding to BaseUserSerializer to make email only writeable on create #3027
Conversation
…alizer to make email only writeable on create
✅ Linked to Bug DEV-3430 · Insufficient Authorization Checks – E-Mail Field |
Codecov ReportBase: 77.80% // Head: 77.51% // Decreases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## develop #3027 +/- ##
===========================================
- Coverage 77.80% 77.51% -0.29%
===========================================
Files 137 146 +9
Lines 9951 10790 +839
===========================================
+ Hits 7742 8364 +622
- Misses 2209 2426 +217
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
The approach here was to create a mixin that allows developers to define
create_only_fields
in a Serializer's Meta class.I believe this feature doesn't exist in the codebase yet and I think it's likely it will be reused.
The behavior when a "create_only" field is added on an update operation is that the requests completes successfully while ignoring any fields that were "create_only". This is analogous to how django-rest-api Serializer handles
read_only
fields.