This commit is contained in:
Tim Watts 2013-10-27 21:46:08 +00:00
commit 1854f26b5d
33 changed files with 557 additions and 127 deletions

View File

@ -82,7 +82,7 @@ Note that the exception handler will only be called for responses generated by r
## APIException
**Signature:** `APIException(detail=None)`
**Signature:** `APIException()`
The **base class** for all exceptions raised inside REST framework.

View File

@ -165,8 +165,8 @@ For more advanced filtering requirements you can specify a `FilterSet` class tha
from rest_framework import generics
class ProductFilter(django_filters.FilterSet):
min_price = django_filters.NumberFilter(lookup_type='gte')
max_price = django_filters.NumberFilter(lookup_type='lte')
min_price = django_filters.NumberFilter(name="price", lookup_type='gte')
max_price = django_filters.NumberFilter(name="price", lookup_type='lte')
class Meta:
model = Product
fields = ['category', 'in_stock', 'min_price', 'max_price']
@ -176,10 +176,49 @@ For more advanced filtering requirements you can specify a `FilterSet` class tha
serializer_class = ProductSerializer
filter_class = ProductFilter
Which will allow you to make requests such as:
http://example.com/api/products?category=clothing&max_price=10.00
You can also span relationships using `django-filter`, let's assume that each
product has foreign key to `Manufacturer` model, so we create filter that
filters using `Manufacturer` name. For example:
import django_filters
from myapp.models import Product
from myapp.serializers import ProductSerializer
from rest_framework import generics
class ProductFilter(django_filters.FilterSet):
class Meta:
model = Product
fields = ['category', 'in_stock', 'manufacturer__name`]
This enables us to make queries like:
http://example.com/api/products?manufacturer__name=foo
This is nice, but it shows underlying model structure in REST API, which may
be undesired, but you can use:
import django_filters
from myapp.models import Product
from myapp.serializers import ProductSerializer
from rest_framework import generics
class ProductFilter(django_filters.FilterSet):
manufacturer = django_filters.CharFilter(name="manufacturer__name")
class Meta:
model = Product
fields = ['category', 'in_stock', 'manufacturer`]
And now you can execute:
http://example.com/api/products?manufacturer=foo
For more details on using filter sets see the [django-filter documentation][django-filter-docs].
---

View File

@ -65,7 +65,8 @@ The following attributes control the basic view behavior.
* `queryset` - The queryset that should be used for returning objects from this view. Typically, you must either set this attribute, or override the `get_queryset()` method.
* `serializer_class` - The serializer class that should be used for validating and deserializing input, and for serializing output. Typically, you must either set this attribute, or override the `get_serializer_class()` method.
* `lookup_field` - The field that should be used to lookup individual model instances. Defaults to `'pk'`. The URL conf should include a keyword argument corresponding to this value. More complex lookup styles can be supported by overriding the `get_object()` method. Note that when using hyperlinked APIs you'll need to ensure that *both* the API views *and* the serializer classes use lookup fields that correctly correspond with the URL conf.
* `lookup_field` - The model field that should be used to for performing object lookup of individual model instances. Defaults to `'pk'`. Note that when using hyperlinked APIs you'll need to ensure that *both* the API views *and* the serializer classes set the lookup fields if you need to use a custom value.
* `lookup_url_kwarg` - The URL keyword argument that should be used for object lookup. The URL conf should include a keyword argument corresponding to this value. If unset this defaults to using the same value as `lookup_field`.
**Shortcuts**:
@ -120,11 +121,27 @@ For example:
Note that if your API doesn't include any object level permissions, you may optionally exclude the ``self.check_object_permissions, and simply return the object from the `get_object_or_404` lookup.
#### `get_filter_backends(self)`
Returns the classes that should be used to filter the queryset. Defaults to returning the `filter_backends` attribute.
May be override to provide more complex behavior with filters, as using different (or even exlusive) lists of filter_backends depending on different criteria.
For example:
def get_filter_backends(self):
if "geo_route" in self.request.QUERY_PARAMS:
return (GeoRouteFilter, CategoryFilter)
elif "geo_point" in self.request.QUERY_PARAMS:
return (GeoPointFilter, CategoryFilter)
return (CategoryFilter,)
#### `get_serializer_class(self)`
Returns the class that should be used for the serializer. Defaults to returning the `serializer_class` attribute, or dynamically generating a serializer class if the `model` shortcut is being used.
May be override to provide dynamic behavior such as using different serializers for read and write operations, or providing different serializers to different types of uesr.
May be override to provide dynamic behavior such as using different serializers for read and write operations, or providing different serializers to different types of users.
For example:
@ -327,7 +344,7 @@ You can then simply apply this mixin to a view or viewset anytime you need to ap
serializer_class = UserSerializer
lookup_fields = ('account', 'username')
Using custom mixins is a good option if you have custom behavior that needs to be used
Using custom mixins is a good option if you have custom behavior that needs to be used
## Creating custom base classes
@ -336,7 +353,7 @@ If you are using a mixin across multiple views, you can take this a step further
class BaseRetrieveView(MultipleFieldLookupMixin,
generics.RetrieveAPIView):
pass
class BaseRetrieveUpdateDestroyView(MultipleFieldLookupMixin,
generics.RetrieveUpdateDestroyAPIView):
pass

View File

@ -54,7 +54,7 @@ Would serialize to the following representation.
{
'album_name': 'Things We Lost In The Fire',
'artist': 'Low'
'artist': 'Low',
'tracks': [
'1: Sunflower',
'2: Whitetail',
@ -86,7 +86,7 @@ Would serialize to a representation like this:
{
'album_name': 'The Roots',
'artist': 'Undun'
'artist': 'Undun',
'tracks': [
89,
90,
@ -121,7 +121,7 @@ Would serialize to a representation like this:
{
'album_name': 'Graceland',
'artist': 'Paul Simon'
'artist': 'Paul Simon',
'tracks': [
'http://www.example.com/api/tracks/45/',
'http://www.example.com/api/tracks/46/',
@ -159,7 +159,7 @@ Would serialize to a representation like this:
{
'album_name': 'Dear John',
'artist': 'Loney Dear'
'artist': 'Loney Dear',
'tracks': [
'Airport Surroundings',
'Everything Turns to You',
@ -194,7 +194,7 @@ Would serialize to a representation like this:
{
'album_name': 'The Eraser',
'artist': 'Thom Yorke'
'artist': 'Thom Yorke',
'track_listing': 'http://www.example.com/api/track_list/12/',
}
@ -234,7 +234,7 @@ Would serialize to a nested representation like this:
{
'album_name': 'The Grey Album',
'artist': 'Danger Mouse'
'artist': 'Danger Mouse',
'tracks': [
{'order': 1, 'title': 'Public Service Announcement'},
{'order': 2, 'title': 'What More Can I Say'},
@ -271,7 +271,7 @@ This custom field would then serialize to the following representation.
{
'album_name': 'Sometimes I Wish We Were an Eagle',
'artist': 'Bill Callahan'
'artist': 'Bill Callahan',
'tracks': [
'Track 1: Jim Cain (04:39)',
'Track 2: Eid Ma Clack Shaw (04:19)',

View File

@ -67,6 +67,21 @@ At this point we've translated the model instance into Python native datatypes.
json
# '{"email": "leila@example.com", "content": "foo bar", "created": "2012-08-22T16:20:09.822"}'
### Customizing field representation
Sometimes when serializing objects, you may not want to represent everything exactly the way it is in your model.
If you need to customize the serialized value of a particular field, you can do this by creating a `transform_<fieldname>` method. For example if you needed to render some markdown from a text field:
description = serializers.TextField()
description_html = serializers.TextField(source='description', read_only=True)
def transform_description_html(self, obj, value):
from django.contrib.markup.templatetags.markup import markdown
return markdown(value)
These methods are essentially the reverse of `validate_<fieldname>` (see *Validation* below.)
## Deserializing objects
Deserialization is similar. First we parse a stream into Python native datatypes...
@ -84,7 +99,6 @@ Deserialization is similar. First we parse a stream into Python native datatype
# True
serializer.object
# <Comment object at 0x10633b2d0>
>>> serializer.deserialize('json', stream)
When deserializing data, we can either create a new instance, or update an existing instance.

View File

@ -205,10 +205,10 @@ You can use any of REST framework's test case classes as you would for the regul
Ensure we can create a new account object.
"""
url = reverse('account-list')
expected = {'name': 'DabApps'}
data = {'name': 'DabApps'}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(response.data, expected)
self.assertEqual(response.data, data)
---

View File

@ -59,7 +59,7 @@ using the `APIView` class based views.
Or, if you're using the `@api_view` decorator with function based views.
@api_view('GET')
@throttle_classes(UserRateThrottle)
@throttle_classes([UserRateThrottle])
def example_view(request, format=None):
content = {
'status': 'request was permitted'

View File

@ -167,7 +167,32 @@
<div id="table-of-contents">
<ul class="nav nav-list side-nav well sidebar-nav-fixed">
{{ toc }}
<div>
<hr>
<p><strong>The team behind REST framework are launching a new API service.</strong></p>
<p>If you want to be first in line when we start issuing invitations, please sign up here:</p>
<!-- Begin MailChimp Signup Form -->
<link href="//cdn-images.mailchimp.com/embedcode/slim-081711.css" rel="stylesheet" type="text/css">
<style type="text/css">
#mc_embed_signup{background:#fff; clear:left; font:14px Helvetica,Arial,sans-serif; }
/* Add your own MailChimp form style overrides in your site stylesheet or in this style block.
We recommend moving this block and the preceding CSS link to the HEAD of your HTML file. */
</style>
<div id="mc_embed_signup" style="background: rgb(245, 245, 245)">
<form action="http://dabapps.us1.list-manage1.com/subscribe/post?u=cf73a9994eb5b8d8d461b5dfb&amp;id=cb6af8e8bd" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" class="validate" target="_blank" novalidate>
<!-- <label for="mce-EMAIL">Keep me posted!</label>
--> <input style="width: 90%" type="email" value="" name="EMAIL" class="email" id="mce-EMAIL" placeholder="email address" required>
<div class="clear"><input class="btn btn-success" type="submit" value="Yes, keep me posted!" name="subscribe" id="mc-embedded-subscribe" class="button"></div>
</form>
</div>
</style></div>
</ul>
<!--End mc_embed_signup-->
</div>
</div>

View File

@ -6,7 +6,7 @@
## Javascript clients
If your building a javascript client to interface with your Web API, you'll need to consider if the client can use the same authentication policy that is used by the rest of the website, and also determine if you need to use CSRF tokens or CORS headers.
If youre building a JavaScript client to interface with your Web API, you'll need to consider if the client can use the same authentication policy that is used by the rest of the website, and also determine if you need to use CSRF tokens or CORS headers.
AJAX requests that are made within the same context as the API they are interacting with will typically use `SessionAuthentication`. This ensures that once a user has logged in, any AJAX requests made can be authenticated using the same session-based authentication that is used for the rest of the website.

View File

@ -170,6 +170,13 @@ The following people have helped make REST framework great.
* Ben Reilly - [bwreilly]
* Tai Lee - [mrmachine]
* Markus Kaiserswerth - [mkai]
* Henry Clifford - [hcliff]
* Thomas Badaud - [badale]
* Colin Huang - [tamakisquare]
* Ross McFarland - [ross]
* Jacek Bzdak - [jbzdak]
* Alexander Lukanin - [alexanderlukanin13]
* Yamila Moreno - [yamila-moreno]
Many thanks to everyone who's contributed to the project.
@ -376,3 +383,10 @@ You can also contact [@_tomchristie][twitter] directly on twitter.
[bwreilly]: https://github.com/bwreilly
[mrmachine]: https://github.com/mrmachine
[mkai]: https://github.com/mkai
[hcliff]: https://github.com/hcliff
[badale]: https://github.com/badale
[tamakisquare]: https://github.com/tamakisquare
[ross]: https://github.com/ross
[jbzdak]: https://github.com/jbzdak
[alexanderlukanin13]: https://github.com/alexanderlukanin13
[yamila-moreno]: https://github.com/yamila-moreno

View File

@ -58,7 +58,7 @@ You can determine your currently installed version using `pip freeze`:
* 'Raw data' and 'HTML form' tab preference in browseable API now saved between page views.
* Bugfix: `required=True` argument fixed for boolean serializer fields.
* Bugfix: `client.force_authenticate(None)` should also clear session info if it exists.
* Bugfix: Client sending emptry string instead of file now clears `FileField`.
* Bugfix: Client sending empty string instead of file now clears `FileField`.
* Bugfix: Empty values on ChoiceFields with `required=False` now consistently return `None`.
### 2.3.7

View File

@ -225,7 +225,7 @@ For the moment we won't use any of REST framework's other features, we'll just w
We'll start off by creating a subclass of HttpResponse that we can use to render any data we return into `json`.
Edit the `snippet/views.py` file, and add the following.
Edit the `snippets/views.py` file, and add the following.
from django.http import HttpResponse
from django.views.decorators.csrf import csrf_exempt

View File

@ -35,7 +35,7 @@ The wrappers also provide behaviour such as returning `405 Method Not Allowed` r
Okay, let's go ahead and start using these new components to write a few views.
We don't need our `JSONResponse` class anymore, so go ahead and delete that. Once that's done we can start refactoring our views slightly.
We don't need our `JSONResponse` class in `views.py` anymore, so go ahead and delete that. Once that's done we can start refactoring our views slightly.
from rest_framework import status
from rest_framework.decorators import api_view
@ -64,7 +64,7 @@ We don't need our `JSONResponse` class anymore, so go ahead and delete that. On
Our instance view is an improvement over the previous example. It's a little more concise, and the code now feels very similar to if we were working with the Forms API. We're also using named status codes, which makes the response meanings more obvious.
Here is the view for an individual snippet.
Here is the view for an individual snippet, in the `views.py` module.
@api_view(['GET', 'PUT', 'DELETE'])
def snippet_detail(request, pk):

View File

@ -4,7 +4,7 @@ We can also write our API views using class based views, rather than function ba
## Rewriting our API using class based views
We'll start by rewriting the root view as a class based view. All this involves is a little bit of refactoring.
We'll start by rewriting the root view as a class based view. All this involves is a little bit of refactoring of `views.py`.
from snippets.models import Snippet
from snippets.serializers import SnippetSerializer
@ -30,7 +30,7 @@ We'll start by rewriting the root view as a class based view. All this involves
return Response(serializer.data, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
So far, so good. It looks pretty similar to the previous case, but we've got better separation between the different HTTP methods. We'll also need to update the instance view.
So far, so good. It looks pretty similar to the previous case, but we've got better separation between the different HTTP methods. We'll also need to update the instance view in `views.py`.
class SnippetDetail(APIView):
"""
@ -62,7 +62,7 @@ So far, so good. It looks pretty similar to the previous case, but we've got be
That's looking good. Again, it's still pretty similar to the function based view right now.
We'll also need to refactor our URLconf slightly now we're using class based views.
We'll also need to refactor our `urls.py` slightly now we're using class based views.
from django.conf.urls import patterns, url
from rest_framework.urlpatterns import format_suffix_patterns
@ -83,7 +83,7 @@ One of the big wins of using class based views is that it allows us to easily co
The create/retrieve/update/delete operations that we've been using so far are going to be pretty similar for any model-backed API views we create. Those bits of common behaviour are implemented in REST framework's mixin classes.
Let's take a look at how we can compose our views by using the mixin classes.
Let's take a look at how we can compose the views by using the mixin classes. Here's our `views.py` module again.
from snippets.models import Snippet
from snippets.serializers import SnippetSerializer
@ -126,7 +126,7 @@ Pretty similar. Again we're using the `GenericAPIView` class to provide the cor
## Using generic class based views
Using the mixin classes we've rewritten the views to use slightly less code than before, but we can go one step further. REST framework provides a set of already mixed-in generic views that we can use.
Using the mixin classes we've rewritten the views to use slightly less code than before, but we can go one step further. REST framework provides a set of already mixed-in generic views that we can use to trim down our `views.py` module even more.
from snippets.models import Snippet
from snippets.serializers import SnippetSerializer

View File

@ -12,7 +12,7 @@ Currently our API doesn't have any restrictions on who can edit or delete code s
We're going to make a couple of changes to our `Snippet` model class.
First, let's add a couple of fields. One of those fields will be used to represent the user who created the code snippet. The other field will be used to store the highlighted HTML representation of the code.
Add the following two fields to the model.
Add the following two fields to the `Snippet` model in `models.py`.
owner = models.ForeignKey('auth.User', related_name='snippets')
highlighted = models.TextField()
@ -52,7 +52,7 @@ You might also want to create a few different users, to use for testing the API.
## Adding endpoints for our User models
Now that we've got some users to work with, we'd better add representations of those users to our API. Creating a new serializer is easy:
Now that we've got some users to work with, we'd better add representations of those users to our API. Creating a new serializer is easy. In `serializers.py` add:
from django.contrib.auth.models import User
@ -65,7 +65,7 @@ Now that we've got some users to work with, we'd better add representations of t
Because `'snippets'` is a *reverse* relationship on the User model, it will not be included by default when using the `ModelSerializer` class, so we needed to add an explicit field for it.
We'll also add a couple of views. We'd like to just use read-only views for the user representations, so we'll use the `ListAPIView` and `RetrieveAPIView` generic class based views.
We'll also add a couple of views to `views.py`. We'd like to just use read-only views for the user representations, so we'll use the `ListAPIView` and `RetrieveAPIView` generic class based views.
class UserList(generics.ListAPIView):
queryset = User.objects.all()
@ -75,8 +75,12 @@ We'll also add a couple of views. We'd like to just use read-only views for the
class UserDetail(generics.RetrieveAPIView):
queryset = User.objects.all()
serializer_class = UserSerializer
Make sure to also import the `UserSerializer` class
Finally we need to add those views into the API, by referencing them from the URL conf.
from snippets.serializers import UserSerializer
Finally we need to add those views into the API, by referencing them from the URL conf. Add the following to the patterns in `urls.py`.
url(r'^users/$', views.UserList.as_view()),
url(r'^users/(?P<pk>[0-9]+)/$', views.UserDetail.as_view()),
@ -94,7 +98,7 @@ On **both** the `SnippetList` and `SnippetDetail` view classes, add the followin
## Updating our serializer
Now that snippets are associated with the user that created them, let's update our `SnippetSerializer` to reflect that. Add the following field to the serializer definition:
Now that snippets are associated with the user that created them, let's update our `SnippetSerializer` to reflect that. Add the following field to the serializer definition in `serializers.py`:
owner = serializers.Field(source='owner.username')

View File

@ -123,6 +123,7 @@ class Field(object):
use_files = False
form_field_class = forms.CharField
type_label = 'field'
widget = None
def __init__(self, source=None, label=None, help_text=None):
self.parent = None
@ -134,9 +135,29 @@ class Field(object):
if label is not None:
self.label = smart_text(label)
else:
self.label = None
if help_text is not None:
self.help_text = strip_multiple_choice_msg(smart_text(help_text))
else:
self.help_text = None
self._errors = []
self._value = None
self._name = None
@property
def errors(self):
return self._errors
def widget_html(self):
if not self.widget:
return ''
return self.widget.render(self._name, self._value)
def label_tag(self):
return '<label for="%s">%s:</label>' % (self._name, self.label)
def initialize(self, parent, field_name):
"""
@ -306,6 +327,7 @@ class WritableField(Field):
return
try:
data = data or {}
if self.use_files:
files = files or {}
try:
@ -756,6 +778,7 @@ class IntegerField(WritableField):
type_name = 'IntegerField'
type_label = 'integer'
form_field_class = forms.IntegerField
empty = 0
default_error_messages = {
'invalid': _('Enter a whole number.'),
@ -787,6 +810,7 @@ class FloatField(WritableField):
type_name = 'FloatField'
type_label = 'float'
form_field_class = forms.FloatField
empty = 0
default_error_messages = {
'invalid': _("'%s' value must be a float."),
@ -807,6 +831,7 @@ class DecimalField(WritableField):
type_name = 'DecimalField'
type_label = 'decimal'
form_field_class = forms.DecimalField
empty = Decimal('0')
default_error_messages = {
'invalid': _('Enter a number.'),

View File

@ -25,13 +25,13 @@ def strict_positive_int(integer_string, cutoff=None):
ret = min(ret, cutoff)
return ret
def get_object_or_404(queryset, **filter_kwargs):
def get_object_or_404(queryset, *filter_args, **filter_kwargs):
"""
Same as Django's standard shortcut, but make sure to raise 404
if the filter_kwargs don't match the required types.
"""
try:
return _get_object_or_404(queryset, **filter_kwargs)
return _get_object_or_404(queryset, *filter_args, **filter_kwargs)
except (TypeError, ValueError):
raise Http404
@ -54,6 +54,7 @@ class GenericAPIView(views.APIView):
# If you want to use object lookups other than pk, set this attribute.
# For more complex lookup requirements override `get_object()`.
lookup_field = 'pk'
lookup_url_kwarg = None
# Pagination settings
paginate_by = api_settings.PAGINATE_BY
@ -147,8 +148,8 @@ class GenericAPIView(views.APIView):
page_query_param = self.request.QUERY_PARAMS.get(self.page_kwarg)
page = page_kwarg or page_query_param or 1
try:
page_number = strict_positive_int(page)
except ValueError:
page_number = paginator.validate_number(page)
except InvalidPage:
if page == 'last':
page_number = paginator.num_pages
else:
@ -174,6 +175,14 @@ class GenericAPIView(views.APIView):
method if you want to apply the configured filtering backend to the
default queryset.
"""
for backend in self.get_filter_backends():
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
def get_filter_backends(self):
"""
Returns the list of filter backends that this view requires.
"""
filter_backends = self.filter_backends or []
if not filter_backends and self.filter_backend:
warnings.warn(
@ -184,10 +193,8 @@ class GenericAPIView(views.APIView):
PendingDeprecationWarning, stacklevel=2
)
filter_backends = [self.filter_backend]
return filter_backends
for backend in filter_backends:
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
########################
### The following methods provide default implementations
@ -278,9 +285,11 @@ class GenericAPIView(views.APIView):
pass # Deprecation warning
# Perform the lookup filtering.
# Note that `pk` and `slug` are deprecated styles of lookup filtering.
lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_field
lookup = self.kwargs.get(lookup_url_kwarg, None)
pk = self.kwargs.get(self.pk_url_kwarg, None)
slug = self.kwargs.get(self.slug_url_kwarg, None)
lookup = self.kwargs.get(self.lookup_field, None)
if lookup is not None:
filter_kwargs = {self.lookup_field: lookup}

View File

@ -158,7 +158,8 @@ class UpdateModelMixin(object):
Set any attributes on the object that are implicit in the request.
"""
# pk and/or slug attributes are implicit in the URL.
lookup = self.kwargs.get(self.lookup_field, None)
lookup_url_kwarg = self.lookup_url_kwarg or self.lookup_field
lookup = self.kwargs.get(lookup_url_kwarg, None)
pk = self.kwargs.get(self.pk_url_kwarg, None)
slug = self.kwargs.get(self.slug_url_kwarg, None)
slug_field = slug and self.slug_field or None

View File

@ -272,7 +272,9 @@ class TemplateHTMLRenderer(BaseRenderer):
return [self.template_name]
elif hasattr(view, 'get_template_names'):
return view.get_template_names()
raise ImproperlyConfigured('Returned a template response with no template_name')
elif hasattr(view, 'template_name'):
return [view.template_name]
raise ImproperlyConfigured('Returned a template response with no `template_name` attribute set on either the view or response')
def get_exception_template(self, response):
template_names = [name % {'status_code': response.status_code}
@ -334,71 +336,15 @@ class HTMLFormRenderer(BaseRenderer):
template = 'rest_framework/form.html'
charset = 'utf-8'
def data_to_form_fields(self, data):
fields = {}
for key, val in data.fields.items():
if getattr(val, 'read_only', True):
# Don't include read-only fields.
continue
if getattr(val, 'fields', None):
# Nested data not supported by HTML forms.
continue
kwargs = {}
kwargs['required'] = val.required
#if getattr(v, 'queryset', None):
# kwargs['queryset'] = v.queryset
if getattr(val, 'choices', None) is not None:
kwargs['choices'] = val.choices
if getattr(val, 'regex', None) is not None:
kwargs['regex'] = val.regex
if getattr(val, 'widget', None):
widget = copy.deepcopy(val.widget)
kwargs['widget'] = widget
if getattr(val, 'default', None) is not None:
kwargs['initial'] = val.default
if getattr(val, 'label', None) is not None:
kwargs['label'] = val.label
if getattr(val, 'help_text', None) is not None:
kwargs['help_text'] = val.help_text
fields[key] = val.form_field_class(**kwargs)
return fields
def render(self, data, accepted_media_type=None, renderer_context=None):
"""
Render serializer data and return an HTML form, as a string.
"""
# The HTMLFormRenderer currently uses something of a hack to render
# the content, by translating each of the serializer fields into
# an html form field, creating a dynamic form using those fields,
# and then rendering that form.
# This isn't strictly neccessary, as we could render the serilizer
# fields to HTML directly. The implementation is historical and will
# likely change at some point.
self.renderer_context = renderer_context or {}
renderer_context = renderer_context or {}
request = renderer_context['request']
# Creating an on the fly form see:
# http://stackoverflow.com/questions/3915024/dynamically-creating-classes-python
fields = self.data_to_form_fields(data)
DynamicForm = type(str('DynamicForm'), (forms.Form,), fields)
data = None if data.empty else data
template = loader.get_template(self.template)
context = RequestContext(request, {'form': DynamicForm(data)})
context = RequestContext(request, {'form': data})
return template.render(context)
@ -419,8 +365,13 @@ class BrowsableAPIRenderer(BaseRenderer):
"""
renderers = [renderer for renderer in view.renderer_classes
if not issubclass(renderer, BrowsableAPIRenderer)]
non_template_renderers = [renderer for renderer in renderers
if not hasattr(renderer, 'get_template_names')]
if not renderers:
return None
elif non_template_renderers:
return non_template_renderers[0]()
return renderers[0]()
def get_content(self, renderer, data,
@ -468,6 +419,13 @@ class BrowsableAPIRenderer(BaseRenderer):
In the absence of the View having an associated form then return None.
"""
if request.method == method:
data = request.DATA
files = request.FILES
else:
data = None
files = None
with override_method(view, request, method) as request:
obj = getattr(view, 'object', None)
if not self.show_form_for_method(view, method, request, obj):
@ -480,9 +438,10 @@ class BrowsableAPIRenderer(BaseRenderer):
or not any(is_form_media_type(parser.media_type) for parser in view.parser_classes)):
return
serializer = view.get_serializer(instance=obj)
serializer = view.get_serializer(instance=obj, data=data, files=files)
serializer.is_valid()
data = serializer.data
form_renderer = self.form_renderer_class()
return form_renderer.render(data, self.accepted_media_type, self.renderer_context)
@ -574,6 +533,7 @@ class BrowsableAPIRenderer(BaseRenderer):
renderer = self.get_default_renderer(view)
raw_data_post_form = self.get_raw_data_form(view, 'POST', request)
raw_data_put_form = self.get_raw_data_form(view, 'PUT', request)
raw_data_patch_form = self.get_raw_data_form(view, 'PATCH', request)
raw_data_put_or_patch_form = raw_data_put_form or raw_data_patch_form
@ -592,12 +552,11 @@ class BrowsableAPIRenderer(BaseRenderer):
'put_form': self.get_rendered_html_form(view, 'PUT', request),
'post_form': self.get_rendered_html_form(view, 'POST', request),
'patch_form': self.get_rendered_html_form(view, 'PATCH', request),
'delete_form': self.get_rendered_html_form(view, 'DELETE', request),
'options_form': self.get_rendered_html_form(view, 'OPTIONS', request),
'raw_data_put_form': raw_data_put_form,
'raw_data_post_form': self.get_raw_data_form(view, 'POST', request),
'raw_data_post_form': raw_data_post_form,
'raw_data_patch_form': raw_data_patch_form,
'raw_data_put_or_patch_form': raw_data_put_or_patch_form,

View File

@ -334,7 +334,7 @@ class Request(object):
self._CONTENT_PARAM in self._data and
self._CONTENTTYPE_PARAM in self._data):
self._content_type = self._data[self._CONTENTTYPE_PARAM]
self._stream = BytesIO(self._data[self._CONTENT_PARAM].encode(HTTP_HEADER_ENCODING))
self._stream = BytesIO(self._data[self._CONTENT_PARAM].encode(self.parser_context['encoding']))
self._data, self._files = (Empty, Empty)
def _parse(self):

View File

@ -32,6 +32,13 @@ from rest_framework.relations import *
from rest_framework.fields import *
def pretty_name(name):
"""Converts 'first_name' to 'First name'"""
if not name:
return ''
return name.replace('_', ' ').capitalize()
class RelationsList(list):
_deleted = []
@ -255,10 +262,13 @@ class BaseSerializer(WritableField):
for field_name, field in self.fields.items():
if field_name in self._errors:
continue
source = field.source or field_name
if self.partial and source not in attrs:
continue
try:
validate_method = getattr(self, 'validate_%s' % field_name, None)
if validate_method:
source = field.source or field_name
attrs = validate_method(attrs, source)
except ValidationError as err:
self._errors[field_name] = self._errors.get(field_name, []) + list(err.messages)
@ -301,14 +311,19 @@ class BaseSerializer(WritableField):
"""
ret = self._dict_class()
ret.fields = self._dict_class()
ret.empty = obj is None
for field_name, field in self.fields.items():
if field.read_only and obj is None:
continue
field.initialize(parent=self, field_name=field_name)
key = self.get_field_key(field_name)
value = field.field_to_native(obj, field_name)
method = getattr(self, 'transform_%s' % field_name, None)
if callable(method):
value = method(obj, value)
ret[key] = value
ret.fields[key] = field
ret.fields[key] = self.augment_field(field, field_name, key, value)
return ret
def from_native(self, data, files):
@ -316,6 +331,7 @@ class BaseSerializer(WritableField):
Deserialize primitives -> objects.
"""
self._errors = {}
if data is not None or files is not None:
attrs = self.restore_fields(data, files)
if attrs is not None:
@ -326,6 +342,15 @@ class BaseSerializer(WritableField):
if not self._errors:
return self.restore_object(attrs, instance=getattr(self, 'object', None))
def augment_field(self, field, field_name, key, value):
# This horrible stuff is to manage serializers rendering to HTML
field._errors = self._errors.get(key) if self._errors else None
field._name = field_name
field._value = self.init_data.get(key) if self._errors and self.init_data else value
if not field.label:
field.label = pretty_name(key)
return field
def field_to_native(self, obj, field_name):
"""
Override default so that the serializer can be used as a nested field
@ -381,7 +406,7 @@ class BaseSerializer(WritableField):
return
# Set the serializer object if it exists
obj = getattr(self.parent.object, field_name) if self.parent.object else None
obj = get_component(self.parent.object, self.source or field_name) if self.parent.object else None
obj = obj.all() if is_simple_callable(getattr(obj, 'all', None)) else obj
if self.source == '*':
@ -890,7 +915,7 @@ class ModelSerializer(Serializer):
def save_object(self, obj, **kwargs):
"""
Save the deserialized object and return it.
Save the deserialized object.
"""
if getattr(obj, '_nested_forward_relations', None):
# Nested relationships need to be saved before we can save the

View File

@ -110,7 +110,9 @@
<div class="content-main">
<div class="page-header"><h1>{{ name }}</h1></div>
{% block description %}
{{ description }}
{% endblock %}
<div class="request-info" style="clear: both" >
<pre class="prettyprint"><b>{{ request.method }}</b> {{ request.get_full_path }}</pre>
</div>
@ -151,7 +153,7 @@
{% with form=raw_data_post_form %}
<form action="{{ request.get_full_path }}" method="POST" class="form-horizontal">
<fieldset>
{% include "rest_framework/form.html" %}
{% include "rest_framework/raw_data_form.html" %}
<div class="form-actions">
<button class="btn btn-primary" title="Make a POST request on the {{ name }} resource">POST</button>
</div>
@ -188,7 +190,7 @@
{% with form=raw_data_put_or_patch_form %}
<form action="{{ request.get_full_path }}" method="POST" class="form-horizontal">
<fieldset>
{% include "rest_framework/form.html" %}
{% include "rest_framework/raw_data_form.html" %}
<div class="form-actions">
{% if raw_data_put_form %}
<button class="btn btn-primary js-tooltip" name="{{ api_settings.FORM_METHOD_OVERRIDE }}" value="PUT" title="Make a PUT request on the {{ name }} resource">PUT</button>
@ -219,9 +221,6 @@
</div><!-- ./wrapper -->
{% block footer %}
<!--<div id="footer">
<a class="powered-by" href='http://django-rest-framework.org'>Django REST framework</a>
</div>-->
{% endblock %}
{% block script %}

View File

@ -1,13 +1,15 @@
{% load rest_framework %}
{% csrf_token %}
{{ form.non_field_errors }}
{% for field in form %}
<div class="control-group"> <!--{% if field.errors %}error{% endif %}-->
{% for field in form.fields.values %}
{% if not field.read_only %}
<div class="control-group {% if field.errors %}error{% endif %}">
{{ field.label_tag|add_class:"control-label" }}
<div class="controls">
{{ field }}
<span class="help-block">{{ field.help_text }}</span>
<!--{{ field.errors|add_class:"help-block" }}-->
{{ field.widget_html }}
{% if field.help_text %}<span class="help-block">{{ field.help_text }}</span>{% endif %}
{% for error in field.errors %}<span class="help-block">{{ error }}</span>{% endfor %}
</div>
</div>
{% endif %}
{% endfor %}

View File

@ -0,0 +1,12 @@
{% load rest_framework %}
{% csrf_token %}
{{ form.non_field_errors }}
{% for field in form %}
<div class="control-group">
{{ field.label_tag|add_class:"control-label" }}
<div class="controls">
{{ field }}
<span class="help-block">{{ field.help_text }}</span>
</div>
</div>
{% endfor %}

View File

@ -80,3 +80,16 @@ class FileSerializerTests(TestCase):
serializer = UploadedFileSerializer(data={'created': now, 'file': 'abc'})
self.assertFalse(serializer.is_valid())
self.assertEqual(serializer.errors, {'file': [errmsg]})
def test_validation_with_no_data(self):
"""
Validation should still function when no data dictionary is provided.
"""
now = datetime.datetime.now()
file = BytesIO(six.b('stuff'))
file.name = 'stuff.txt'
file.size = len(file.getvalue())
uploaded_file = UploadedFile(file=file, created=now)
serializer = UploadedFileSerializer(files={'file': file})
self.assertFalse(serializer.is_valid())

View File

@ -430,3 +430,88 @@ class TestCustomPaginationSerializer(TestCase):
'objects': ['john', 'paul']
}
self.assertEqual(serializer.data, expected)
class NonIntegerPage(object):
def __init__(self, paginator, object_list, prev_token, token, next_token):
self.paginator = paginator
self.object_list = object_list
self.prev_token = prev_token
self.token = token
self.next_token = next_token
def has_next(self):
return not not self.next_token
def next_page_number(self):
return self.next_token
def has_previous(self):
return not not self.prev_token
def previous_page_number(self):
return self.prev_token
class NonIntegerPaginator(object):
def __init__(self, object_list, per_page):
self.object_list = object_list
self.per_page = per_page
def count(self):
# pretend like we don't know how many pages we have
return None
def page(self, token=None):
if token:
try:
first = self.object_list.index(token)
except ValueError:
first = 0
else:
first = 0
n = len(self.object_list)
last = min(first + self.per_page, n)
prev_token = self.object_list[last - (2 * self.per_page)] if first else None
next_token = self.object_list[last] if last < n else None
return NonIntegerPage(self, self.object_list[first:last], prev_token, token, next_token)
class TestNonIntegerPagination(TestCase):
def test_custom_pagination_serializer(self):
objects = ['john', 'paul', 'george', 'ringo']
paginator = NonIntegerPaginator(objects, 2)
request = APIRequestFactory().get('/foobar')
serializer = CustomPaginationSerializer(
instance=paginator.page(),
context={'request': request}
)
expected = {
'links': {
'next': 'http://testserver/foobar?page={0}'.format(objects[2]),
'prev': None
},
'total_results': None,
'objects': objects[:2]
}
self.assertEqual(serializer.data, expected)
request = APIRequestFactory().get('/foobar')
serializer = CustomPaginationSerializer(
instance=paginator.page('george'),
context={'request': request}
)
expected = {
'links': {
'next': None,
'prev': 'http://testserver/foobar?page={0}'.format(objects[0]),
},
'total_results': None,
'objects': objects[2:]
}
self.assertEqual(serializer.data, expected)

View File

@ -328,7 +328,7 @@ if yaml:
class YAMLRendererTests(TestCase):
"""
Tests specific to the JSON Renderer
Tests specific to the YAML Renderer
"""
def test_render(self):
@ -354,6 +354,17 @@ if yaml:
data = parser.parse(StringIO(content))
self.assertEqual(obj, data)
def test_render_decimal(self):
"""
Test YAML decimal rendering.
"""
renderer = YAMLRenderer()
content = renderer.render({'field': Decimal('111.2')}, 'application/yaml')
self.assertYAMLContains(content, "field: '111.2'")
def assertYAMLContains(self, content, string):
self.assertTrue(string in content, '%r not in %r' % (string, content))
class XMLRendererTestCase(TestCase):
"""

View File

@ -5,6 +5,7 @@ from __future__ import unicode_literals
from django.contrib.auth.models import User
from django.contrib.auth import authenticate, login, logout
from django.contrib.sessions.middleware import SessionMiddleware
from django.core.handlers.wsgi import WSGIRequest
from django.test import TestCase
from rest_framework import status
from rest_framework.authentication import SessionAuthentication
@ -15,12 +16,13 @@ from rest_framework.parsers import (
MultiPartParser,
JSONParser
)
from rest_framework.request import Request
from rest_framework.request import Request, Empty
from rest_framework.response import Response
from rest_framework.settings import api_settings
from rest_framework.test import APIRequestFactory, APIClient
from rest_framework.views import APIView
from rest_framework.compat import six
from io import BytesIO
import json
@ -146,6 +148,34 @@ class TestContentParsing(TestCase):
request.parsers = (JSONParser(), )
self.assertEqual(request.DATA, json_data)
def test_form_POST_unicode(self):
"""
JSON POST via default web interface with unicode data
"""
# Note: environ and other variables here have simplified content compared to real Request
CONTENT = b'_content_type=application%2Fjson&_content=%7B%22request%22%3A+4%2C+%22firm%22%3A+1%2C+%22text%22%3A+%22%D0%9F%D1%80%D0%B8%D0%B2%D0%B5%D1%82%21%22%7D'
environ = {
'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',
'CONTENT_LENGTH': len(CONTENT),
'wsgi.input': BytesIO(CONTENT),
}
wsgi_request = WSGIRequest(environ=environ)
wsgi_request._load_post_and_files()
parsers = (JSONParser(), FormParser(), MultiPartParser())
parser_context = {
'encoding': 'utf-8',
'kwargs': {},
'args': (),
}
request = Request(wsgi_request, parsers=parsers, parser_context=parser_context)
method = request.method
self.assertEqual(method, 'POST')
self.assertEqual(request._content_type, 'application/json')
self.assertEqual(request._stream.getvalue(), b'{"request": 4, "firm": 1, "text": "\xd0\x9f\xd1\x80\xd0\xb8\xd0\xb2\xd0\xb5\xd1\x82!"}')
self.assertEqual(request._data, Empty)
self.assertEqual(request._files, Empty)
# def test_accessing_post_after_data_form(self):
# """
# Ensures request.POST can be accessed after request.DATA in

View File

@ -159,8 +159,7 @@ class BasicTests(TestCase):
expected = {
'email': '',
'content': '',
'created': None,
'sub_comment': ''
'created': None
}
self.assertEqual(serializer.data, expected)
@ -512,6 +511,33 @@ class CustomValidationTests(TestCase):
self.assertFalse(serializer.is_valid())
self.assertEqual(serializer.errors, {'email': ['Enter a valid email address.']})
def test_partial_update(self):
"""
Make sure that validate_email isn't called when partial=True and email
isn't found in data.
"""
initial_data = {
'email': 'tom@example.com',
'content': 'A test comment',
'created': datetime.datetime(2012, 1, 1)
}
serializer = self.CommentSerializerWithFieldValidator(data=initial_data)
self.assertEqual(serializer.is_valid(), True)
instance = serializer.object
new_content = 'An *updated* test comment'
partial_data = {
'content': new_content
}
serializer = self.CommentSerializerWithFieldValidator(instance=instance,
data=partial_data,
partial=True)
self.assertEqual(serializer.is_valid(), True)
instance = serializer.object
self.assertEqual(instance.content, new_content)
class PositiveIntegerAsChoiceTests(TestCase):
def test_positive_integer_in_json_is_correctly_parsed(self):
@ -1659,3 +1685,38 @@ class SerializerSupportsManyRelationships(TestCase):
serializer = SimpleSlugSourceModelSerializer(data={'text': 'foo', 'targets': [1, 2]})
self.assertTrue(serializer.is_valid())
self.assertEqual(serializer.data, {'text': 'foo', 'targets': [1, 2]})
class TransformMethodsSerializer(serializers.Serializer):
a = serializers.CharField()
b_renamed = serializers.CharField(source='b')
def transform_a(self, obj, value):
return value.lower()
def transform_b_renamed(self, obj, value):
if value is not None:
return 'and ' + value
class TestSerializerTransformMethods(TestCase):
def setUp(self):
self.s = TransformMethodsSerializer()
def test_transform_methods(self):
self.assertEqual(
self.s.to_native({'a': 'GREEN EGGS', 'b': 'HAM'}),
{
'a': 'green eggs',
'b_renamed': 'and HAM',
}
)
def test_missing_fields(self):
self.assertEqual(
self.s.to_native({'a': 'GREEN EGGS'}),
{
'a': 'green eggs',
'b_renamed': None,
}
)

View File

@ -0,0 +1,15 @@
from django.test import TestCase
from rest_framework import serializers
class EmptySerializerTestCase(TestCase):
def test_empty_serializer(self):
class FooBarSerializer(serializers.Serializer):
foo = serializers.IntegerField()
bar = serializers.SerializerMethodField('get_bar')
def get_bar(self, obj):
return 'bar'
serializer = FooBarSerializer()
self.assertEquals(serializer.data, {'foo': 0})

View File

@ -244,3 +244,70 @@ class WritableNestedSerializerObjectTests(TestCase):
serializer = self.AlbumSerializer(data=data, many=True)
self.assertEqual(serializer.is_valid(), True)
self.assertEqual(serializer.object, expected_object)
class ForeignKeyNestedSerializerUpdateTests(TestCase):
def setUp(self):
class Artist(object):
def __init__(self, name):
self.name = name
def __eq__(self, other):
return self.name == other.name
class Album(object):
def __init__(self, name, artist):
self.name, self.artist = name, artist
def __eq__(self, other):
return self.name == other.name and self.artist == other.artist
class ArtistSerializer(serializers.Serializer):
name = serializers.CharField()
def restore_object(self, attrs, instance=None):
if instance:
instance.name = attrs['name']
else:
instance = Artist(attrs['name'])
return instance
class AlbumSerializer(serializers.Serializer):
name = serializers.CharField()
by = ArtistSerializer(source='artist')
def restore_object(self, attrs, instance=None):
if instance:
instance.name = attrs['name']
instance.artist = attrs['artist']
else:
instance = Album(attrs['name'], attrs['artist'])
return instance
self.Artist = Artist
self.Album = Album
self.AlbumSerializer = AlbumSerializer
def test_create_via_foreign_key_with_source(self):
"""
Check that we can both *create* and *update* into objects across
ForeignKeys that have a `source` specified.
Regression test for #1170
"""
data = {
'name': 'Discovery',
'by': {'name': 'Daft Punk'},
}
expected = self.Album(artist=self.Artist('Daft Punk'), name='Discovery')
# create
serializer = self.AlbumSerializer(data=data)
self.assertEqual(serializer.is_valid(), True)
self.assertEqual(serializer.object, expected)
# update
original = self.Album(artist=self.Artist('The Bats'), name='Free All the Monsters')
serializer = self.AlbumSerializer(instance=original, data=data)
self.assertEqual(serializer.is_valid(), True)
self.assertEqual(serializer.object, expected)

View File

@ -89,6 +89,9 @@ else:
node.flow_style = best_style
return node
SafeDumper.add_representer(decimal.Decimal,
SafeDumper.represent_decimal)
SafeDumper.add_representer(SortedDict,
yaml.representer.SafeRepresenter.represent_dict)
SafeDumper.add_representer(DictWithMetadata,

View File

@ -154,8 +154,8 @@ class APIView(View):
Returns a dict that is passed through to Parser.parse(),
as the `parser_context` keyword argument.
"""
# Note: Additionally `request` will also be added to the context
# by the Request object.
# Note: Additionally `request` and `encoding` will also be added
# to the context by the Request object.
return {
'view': self,
'args': getattr(self, 'args', ()),