Serializers¶

This module provides enhanced serializer utilities for Django REST Framework.

It extends ModelSerializer with:

deterministic field ordering
role based field permissions
update protection for sensitive fields

`OrderedFieldsMixin`¶

Ensures predictable field ordering in API responses.

FIELD_ORDER = ("id", "name", "created_at")

Behavior¶

If FIELD_ORDER is defined:

Fields listed in FIELD_ORDER appear first
Remaining fields follow original serializer order

`RoleBasedReadOnlyFieldsMixin`¶

Controls field editability based on user role.

NON_EDITABLE_FIELDS_BY_ROLE = {
    "user": {"is_admin"},
    "staff": set(),
}

`NoUpdateFieldsMixin`¶

Prevents specific fields from being updated after creation.

class Meta:
    no_update_fields = ["email"]

Behavior¶

Action	Behavior
create	fields are writable
update	fields become read-only
partial_update	fields become read-only

Validation rule¶

no_update_fields must be:

list
or tuple

Otherwise a TypeError is raised.

How it works¶

Reads request.user.user_type
Matches against role configuration
Marks matching fields as read_only

`ModelSerializer` (Core Base)¶

The main serializer base class used in drf-corekit.

Features¶

Ordered field output
Role based read only fields
Immutable fields after creation

Combined Usage Example¶

from drf_corekit.serializers import ModelSerializer

class UserSerializer(ModelSerializer):
    class Meta:
        model = User
        fields = "__all__"
        no_update_fields = ["email"]

Serializers¶

OrderedFieldsMixin¶

Behavior¶

RoleBasedReadOnlyFieldsMixin¶

NoUpdateFieldsMixin¶

Behavior¶

Validation rule¶

How it works¶

ModelSerializer (Core Base)¶

Features¶

Combined Usage Example¶

`OrderedFieldsMixin`¶

`RoleBasedReadOnlyFieldsMixin`¶

`NoUpdateFieldsMixin`¶

`ModelSerializer` (Core Base)¶