From 51d5fde5c98f2a53adf529093f103e0b1c5ff01b Mon Sep 17 00:00:00 2001
From: Yaser Amiri <yaser.amiri95@gmail.com>
Date: Thu, 9 Aug 2018 12:17:43 +0430
Subject: [PATCH 1/3] Update views.py

message field of Permission class is not going to be ignored when the user is not authenticated
---
 rest_framework/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rest_framework/views.py b/rest_framework/views.py
index 70af84816..c25b6c38c 100644
--- a/rest_framework/views.py
+++ b/rest_framework/views.py
@@ -173,7 +173,7 @@ class APIView(View):
         If request is not permitted, determine what kind of exception to raise.
         """
         if request.authenticators and not request.successful_authenticator:
-            raise exceptions.NotAuthenticated()
+            raise exceptions.NotAuthenticated(detail=message)
         raise exceptions.PermissionDenied(detail=message)
 
     def throttled(self, request, wait):

From b54c7221e8939bb84775c79a82d8ab941b57552f Mon Sep 17 00:00:00 2001
From: Yaser-Amiri <yaser.amiri95@gmail.com>
Date: Wed, 29 Aug 2018 17:05:42 +0430
Subject: [PATCH 2/3] add unit test
 (test_permission_denied_for_object_with_custom_detail_by_anonymous_user)

---
 tests/test_permissions.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tests/test_permissions.py b/tests/test_permissions.py
index 37540eb8e..aed2fde6d 100644
--- a/tests/test_permissions.py
+++ b/tests/test_permissions.py
@@ -522,3 +522,11 @@ class CustomPermissionsTests(TestCase):
             detail = response.data.get('detail')
             self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
             self.assertEqual(detail, self.custom_message)
+
+    def test_permission_denied_for_object_with_custom_detail_by_anonymous_user(self):
+            anonymous_request = factory.get('/1', format='json')
+            response = denied_object_view_with_detail(anonymous_request, pk=1)
+            detail = response.data.get('detail')
+            print(response.status_code, detail)
+            self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
+            self.assertEqual(detail, self.custom_message)

From 4ca09514da868e5af44f30c9162d90fb20e9d313 Mon Sep 17 00:00:00 2001
From: Yaser Amiri <yaser.amiri95@gmail.com>
Date: Wed, 29 Aug 2018 22:30:29 +0430
Subject: [PATCH 3/3] Remove print calls

---
 tests/test_permissions.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/test_permissions.py b/tests/test_permissions.py
index aed2fde6d..159834f89 100644
--- a/tests/test_permissions.py
+++ b/tests/test_permissions.py
@@ -527,6 +527,5 @@ class CustomPermissionsTests(TestCase):
             anonymous_request = factory.get('/1', format='json')
             response = denied_object_view_with_detail(anonymous_request, pk=1)
             detail = response.data.get('detail')
-            print(response.status_code, detail)
             self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
             self.assertEqual(detail, self.custom_message)