From 33f494fcc89711ab7e97f47fe8d9b287aac4730f Mon Sep 17 00:00:00 2001
From: forgingdestiny <development@forgingdestiny.com>
Date: Wed, 17 Apr 2013 10:14:36 -0400
Subject: [PATCH 01/10] add branding and style blocks

---
 .../templates/rest_framework/login_base.html  | 55 +++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 rest_framework/templates/rest_framework/login_base.html

diff --git a/rest_framework/templates/rest_framework/login_base.html b/rest_framework/templates/rest_framework/login_base.html
new file mode 100644
index 000000000..380d58205
--- /dev/null
+++ b/rest_framework/templates/rest_framework/login_base.html
@@ -0,0 +1,55 @@
+{% load url from future %}
+{% load rest_framework %}
+<html>
+
+    <head>
+        {% block style %}
+        {% block bootstrap_theme %}<link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/bootstrap.min.css" %}"/>{% endblock %}
+        <link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/bootstrap-tweaks.css" %}"/>
+        <link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/default.css" %}"/>
+        {% endblock %}
+    </head>
+
+    <body class="container">
+
+<div class="container-fluid" style="margin-top: 30px">
+        <div class="row-fluid">
+         
+        <div class="well" style="width: 320px; margin-left: auto; margin-right: auto">
+            <div class="row-fluid">
+                <div>
+                    {% block branding %}<h3 style="margin: 0 0 20px;">Django REST framework</h3>{% endblock %}
+                </div>
+            </div><!-- /row fluid -->
+
+            <div class="row-fluid">
+                <div>
+                    <form action="{% url 'rest_framework:login' %}" class=" form-inline" method="post">
+                        {% csrf_token %}
+                        <div id="div_id_username" class="clearfix control-group">
+                            <div class="controls">
+                                <Label class="span4">Username:</label>
+                                <input style="height: 25px" type="text" name="username" maxlength="100" autocapitalize="off" autocorrect="off" class="textinput textInput" id="id_username">
+                            </div>
+                        </div>
+                        <div id="div_id_password" class="clearfix control-group">
+                            <div class="controls">
+                                <Label class="span4">Password:</label>
+                                <input style="height: 25px" type="password" name="password" maxlength="100" autocapitalize="off" autocorrect="off" class="textinput textInput" id="id_password">
+                            </div>
+                        </div>
+                        <input type="hidden" name="next" value="{{ next }}" />
+                        <div class="form-actions-no-box">
+                            <input type="submit" name="submit" value="Log in" class="btn btn-primary" id="submit-id-submit">
+                        </div>
+                    </form>
+                </div>
+            </div><!-- /row fluid -->
+        </div><!--/span-->
+
+        </div><!-- /.row-fluid -->
+    </div>
+
+        </div>
+    </body>
+</html>

From 03c736338fa04092da99d7d9ea202c8778998b38 Mon Sep 17 00:00:00 2001
From: forgingdestiny <development@forgingdestiny.com>
Date: Wed, 17 Apr 2013 10:15:02 -0400
Subject: [PATCH 02/10] extend base login template

---
 .../templates/rest_framework/login.html       | 54 +------------------
 1 file changed, 2 insertions(+), 52 deletions(-)

diff --git a/rest_framework/templates/rest_framework/login.html b/rest_framework/templates/rest_framework/login.html
index e10ce20f3..b76293279 100644
--- a/rest_framework/templates/rest_framework/login.html
+++ b/rest_framework/templates/rest_framework/login.html
@@ -1,53 +1,3 @@
-{% load url from future %}
-{% load rest_framework %}
-<html>
+{% extends "rest_framework/login_base.html" %}
 
-    <head>
-        <link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/bootstrap.min.css" %}"/>
-        <link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/bootstrap-tweaks.css" %}"/>
-        <link rel="stylesheet" type="text/css" href="{% static "rest_framework/css/default.css" %}"/>
-    </head>
-
-    <body class="container">
-
-<div class="container-fluid" style="margin-top: 30px">
-        <div class="row-fluid">
-         
-        <div class="well" style="width: 320px; margin-left: auto; margin-right: auto">
-            <div class="row-fluid">
-                <div>
-                    <h3 style="margin: 0 0 20px;">Django REST framework</h3>
-                </div>
-            </div><!-- /row fluid -->
-
-            <div class="row-fluid">
-                <div>
-                    <form action="{% url 'rest_framework:login' %}" class=" form-inline" method="post">
-                        {% csrf_token %}
-                        <div id="div_id_username" class="clearfix control-group">
-                            <div class="controls">
-                                <Label class="span4">Username:</label>
-                                <input style="height: 25px" type="text" name="username" maxlength="100" autocapitalize="off" autocorrect="off" class="textinput textInput" id="id_username">
-                            </div>
-                        </div>
-                        <div id="div_id_password" class="clearfix control-group">
-                            <div class="controls">
-                                <Label class="span4">Password:</label>
-                                <input style="height: 25px" type="password" name="password" maxlength="100" autocapitalize="off" autocorrect="off" class="textinput textInput" id="id_password">
-                            </div>
-                        </div>
-                        <input type="hidden" name="next" value="{{ next }}" />
-                        <div class="form-actions-no-box">
-                            <input type="submit" name="submit" value="Log in" class="btn btn-primary" id="submit-id-submit">
-                        </div>
-                    </form>
-                </div>
-            </div><!-- /row fluid -->
-        </div><!--/span-->
-
-        </div><!-- /.row-fluid -->
-    </div>
-
-        </div>
-    </body>
-</html>
+{# Override this template in your own templates directory to customize #}

From f7fdcd55e451e4a37c518e1916dc2be513edbab5 Mon Sep 17 00:00:00 2001
From: Matt Majewski <development@forgingdestiny.com>
Date: Wed, 17 Apr 2013 12:27:48 -0300
Subject: [PATCH 03/10] Update browsable-api.md

Add login template docs
---
 docs/topics/browsable-api.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/docs/topics/browsable-api.md b/docs/topics/browsable-api.md
index 5f80c4f95..8ee018249 100644
--- a/docs/topics/browsable-api.md
+++ b/docs/topics/browsable-api.md
@@ -60,6 +60,17 @@ All of the [Bootstrap components][bcomponents] are available.
 
 The browsable API makes use of the Bootstrap tooltips component. Any element with the `js-tooltip` class and a `title` attribute has that title content displayed in a tooltip on hover after a 1000ms delay.
 
+### Login Template
+
+To add branding and customize the look-and-feel of the auth login template, create a template called `login.html` and add it to your project, eg: `templates/rest_framework/login.html`, that extends the `rest_framework/base_login.html` template.
+
+You can add your site name or branding by including the branding block:
+
+    {% block branding %}
+        <h3 style="margin: 0 0 20px;">My Site Name</h3>
+    {% endblock %}
+    
+You can also customize the style by adding the `bootstrap_theme` or `style` block similar to `api.html`.
 
 ### Advanced Customization
 

From eb58596b89fcc083e5ad1d13b36006ae6ebbfafb Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Wed, 17 Apr 2013 23:17:08 +0200
Subject: [PATCH 04/10] Update release-notes.md

---
 docs/topics/release-notes.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md
index 5e0aa0986..106e7cd55 100644
--- a/docs/topics/release-notes.md
+++ b/docs/topics/release-notes.md
@@ -40,6 +40,10 @@ You can determine your currently installed version using `pip freeze`:
 
 ## 2.2.x series
 
+### Master
+
+* Made Login template more easy to restyle.
+
 ### 2.2.7
 
 **Date**: 17th April 2013

From eaac15294080e9cda1610168262f9da2fd088e73 Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Wed, 17 Apr 2013 23:19:16 +0200
Subject: [PATCH 05/10] Added @forgingdestiny for login template work.

Thanks!  (Refs: #794)
---
 docs/topics/credits.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docs/topics/credits.md b/docs/topics/credits.md
index da49e5212..02e4dff87 100644
--- a/docs/topics/credits.md
+++ b/docs/topics/credits.md
@@ -116,6 +116,7 @@ The following people have helped make REST framework great.
 * Victor Shih - [vshih]
 * Atle Frenvik Sveen - [atlefren]
 * J. Paul Reed - [preed]
+* Matt Majewski - [forgingdestiny]
 
 Many thanks to everyone who's contributed to the project.
 
@@ -266,3 +267,5 @@ You can also contact [@_tomchristie][twitter] directly on twitter.
 [vshih]: https://github.com/vshih
 [atlefren]: https://github.com/atlefren
 [preed]: https://github.com/preed
+[forgingdestiny]: https://github.com/forgingdestiny
+

From 73019f91fe55f2ac16ce179917f686bf1a931597 Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Sat, 27 Apr 2013 14:29:32 +0200
Subject: [PATCH 06/10] Update docs on object-level permissions.

Closes #801.
---
 docs/api-guide/permissions.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/docs/api-guide/permissions.md b/docs/api-guide/permissions.md
index 4772c5e0d..a7de77fcc 100644
--- a/docs/api-guide/permissions.md
+++ b/docs/api-guide/permissions.md
@@ -21,7 +21,12 @@ If any permission check fails an `exceptions.PermissionDenied` exception will be
 
 REST framework permissions also support object-level permissioning.  Object level permissions are used to determine if a user should be allowed to act on a particular object, which will typically be a model instance.
 
-Object level permissions are run by REST framework's generic views when `.get_object()` is called.  As with view level permissions, an `exceptions.PermissionDenied` exception will be raised if the user is not allowed to act on the given object.
+Object level permissions are run by REST framework's generic views when `.get_object()` is called.
+As with view level permissions, an `exceptions.PermissionDenied` exception will be raised if the user is not allowed to act on the given object.
+
+If you're writing your own views and want to enforce object level permissions,
+you'll need to explicitly call the `.check_object_permissions(request, obj)` method on the view at the point at which you've retrieved the object.
+This will either raise a `PermissionDenied` or `NotAuthenticated` exception, or simply return if the view has the appropraite permissions.
 
 ## Setting the permission policy
 

From 33a26a76f1e8e1bde715711cca3acfd3992d07db Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Sat, 27 Apr 2013 16:35:42 +0200
Subject: [PATCH 07/10] Typo

---
 docs/api-guide/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/api-guide/permissions.md b/docs/api-guide/permissions.md
index a7de77fcc..0c82b2a36 100644
--- a/docs/api-guide/permissions.md
+++ b/docs/api-guide/permissions.md
@@ -26,7 +26,7 @@ As with view level permissions, an `exceptions.PermissionDenied` exception will
 
 If you're writing your own views and want to enforce object level permissions,
 you'll need to explicitly call the `.check_object_permissions(request, obj)` method on the view at the point at which you've retrieved the object.
-This will either raise a `PermissionDenied` or `NotAuthenticated` exception, or simply return if the view has the appropraite permissions.
+This will either raise a `PermissionDenied` or `NotAuthenticated` exception, or simply return if the view has the appropriate permissions.
 
 ## Setting the permission policy
 

From 3b0fa3ebaa9d42723d970bb88be0dfe2586d1a5e Mon Sep 17 00:00:00 2001
From: JC <chenjyw@gmail.com>
Date: Sat, 27 Apr 2013 13:10:39 -0700
Subject: [PATCH 08/10] Changed DepthTest to have depth=2

---
 rest_framework/tests/serializer.py | 31 ++++++++++++++++++------------
 1 file changed, 19 insertions(+), 12 deletions(-)

diff --git a/rest_framework/tests/serializer.py b/rest_framework/tests/serializer.py
index 05217f35a..bd874253d 100644
--- a/rest_framework/tests/serializer.py
+++ b/rest_framework/tests/serializer.py
@@ -3,7 +3,7 @@ from django.utils.datastructures import MultiValueDict
 from django.test import TestCase
 from rest_framework import serializers
 from rest_framework.tests.models import (HasPositiveIntegerAsChoice, Album, ActionItem, Anchor, BasicModel,
-    BlankFieldModel, BlogPost, Book, CallableDefaultValueModel, DefaultValueModel,
+    BlankFieldModel, BlogPost, BlogPostComment, Book, CallableDefaultValueModel, DefaultValueModel,
     ManyToManyModel, Person, ReadOnlyManyToManyModel, Photo)
 import datetime
 import pickle
@@ -767,8 +767,6 @@ class RelatedTraversalTest(TestCase):
         post = BlogPost.objects.create(title="Test blog post", writer=user)
         post.blogpostcomment_set.create(text="I love this blog post")
 
-        from rest_framework.tests.models import BlogPostComment
-
         class PersonSerializer(serializers.ModelSerializer):
             class Meta:
                 model = Person
@@ -968,23 +966,26 @@ class SerializerPickleTests(TestCase):
 
 class DepthTest(TestCase):
     def test_implicit_nesting(self):
+
         writer = Person.objects.create(name="django", age=1)
         post = BlogPost.objects.create(title="Test blog post", writer=writer)
+        comment = BlogPostComment.objects.create(text="Test blog post comment", blog_post=post)
 
-        class BlogPostSerializer(serializers.ModelSerializer):
+        class BlogPostCommentSerializer(serializers.ModelSerializer):
             class Meta:
-                model = BlogPost
-                depth = 1
+                model = BlogPostComment
+                depth = 2
 
-        serializer = BlogPostSerializer(instance=post)
-        expected = {'id': 1, 'title': 'Test blog post',
-                    'writer': {'id': 1, 'name': 'django', 'age': 1}}
+        serializer = BlogPostCommentSerializer(instance=comment)
+        expected = {'id': 1, 'text': 'Test blog post comment', 'blog_post': {'id': 1, 'title': 'Test blog post',
+                    'writer': {'id': 1, 'name': 'django', 'age': 1}}}
 
         self.assertEqual(serializer.data, expected)
 
     def test_explicit_nesting(self):
         writer = Person.objects.create(name="django", age=1)
         post = BlogPost.objects.create(title="Test blog post", writer=writer)
+        comment = BlogPostComment.objects.create(text="Test blog post comment", blog_post=post)
 
         class PersonSerializer(serializers.ModelSerializer):
             class Meta:
@@ -996,9 +997,15 @@ class DepthTest(TestCase):
             class Meta:
                 model = BlogPost
 
-        serializer = BlogPostSerializer(instance=post)
-        expected = {'id': 1, 'title': 'Test blog post',
-                    'writer': {'id': 1, 'name': 'django', 'age': 1}}
+        class BlogPostCommentSerializer(serializers.ModelSerializer):
+            blog_post = BlogPostSerializer()
+
+            class Meta:
+                model = BlogPostComment
+
+        serializer = BlogPostCommentSerializer(instance=comment)
+        expected = {'id': 1, 'text': 'Test blog post comment', 'blog_post': {'id': 1, 'title': 'Test blog post',
+                    'writer': {'id': 1, 'name': 'django', 'age': 1}}}
 
         self.assertEqual(serializer.data, expected)
 

From 8cbb715f4c5550d76e397828608a31a4f254a37d Mon Sep 17 00:00:00 2001
From: JC <chenjyw@gmail.com>
Date: Sat, 27 Apr 2013 13:23:55 -0700
Subject: [PATCH 09/10] Changed definition of NestedModelSerializer to correct
 depth handling

---
 rest_framework/serializers.py | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/rest_framework/serializers.py b/rest_framework/serializers.py
index e28bbe81d..add465665 100644
--- a/rest_framework/serializers.py
+++ b/rest_framework/serializers.py
@@ -205,18 +205,6 @@ class BaseSerializer(WritableField):
 
         return ret
 
-    #####
-    # Field methods - used when the serializer class is itself used as a field.
-
-    def initialize(self, parent, field_name):
-        """
-        Same behaviour as usual Field, except that we need to keep track
-        of state so that we can deal with handling maximum depth.
-        """
-        super(BaseSerializer, self).initialize(parent, field_name)
-        if parent.opts.depth:
-            self.opts.depth = parent.opts.depth - 1
-
     #####
     # Methods to convert or revert from objects <--> primitive representations.
 
@@ -619,6 +607,8 @@ class ModelSerializer(Serializer):
         class NestedModelSerializer(ModelSerializer):
             class Meta:
                 model = model_field.rel.to
+                depth = self.opts.depth - 1
+
         return NestedModelSerializer()
 
     def get_related_field(self, model_field, to_many=False):

From 5d357a9b0807311b97de1e999be588f36fcd5b2f Mon Sep 17 00:00:00 2001
From: Tom Christie <tom@tomchristie.com>
Date: Mon, 29 Apr 2013 10:28:51 +0200
Subject: [PATCH 10/10] Added @chenjyw for depth bugfix #802.  Thanks!

---
 docs/topics/credits.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/topics/credits.md b/docs/topics/credits.md
index 02e4dff87..7b8a428ea 100644
--- a/docs/topics/credits.md
+++ b/docs/topics/credits.md
@@ -117,6 +117,7 @@ The following people have helped make REST framework great.
 * Atle Frenvik Sveen - [atlefren]
 * J. Paul Reed - [preed]
 * Matt Majewski - [forgingdestiny]
+* Jerome Chen - [chenjyw]
 
 Many thanks to everyone who's contributed to the project.
 
@@ -268,4 +269,4 @@ You can also contact [@_tomchristie][twitter] directly on twitter.
 [atlefren]: https://github.com/atlefren
 [preed]: https://github.com/preed
 [forgingdestiny]: https://github.com/forgingdestiny
-
+[chenjyw]: https://github.com/chenjyw