From 5c87db96c54aeb8ee62213b3ab2a054546d9756c Mon Sep 17 00:00:00 2001 From: elmkarami Date: Wed, 19 Mar 2014 15:41:25 +0000 Subject: [PATCH 1/3] Update serializers.py Prevent iterating over a string that is supposed to be an iterable <==> Prevent read_only_fields = ('some_string) --- rest_framework/serializers.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/rest_framework/serializers.py b/rest_framework/serializers.py index 10256d479..62ef5eedc 100644 --- a/rest_framework/serializers.py +++ b/rest_framework/serializers.py @@ -757,6 +757,9 @@ class ModelSerializer(Serializer): field.read_only = True ret[accessor_name] = field + + #Ensure that 'read_only_fields is an iterable + assert isinstance(self.opts.read_only_fields, (list, tuple)), '`read_only_fields` must be a list or tuple' # Add the `read_only` flag to any fields that have bee specified # in the `read_only_fields` option @@ -771,7 +774,10 @@ class ModelSerializer(Serializer): "on serializer '%s'." % (field_name, self.__class__.__name__)) ret[field_name].read_only = True - + + # Ensure that 'write_only_fields' is an iterabe + assert isinstance(self.opts.write_only_fields, (list, tuple)), '`read_only_fields` must be a list or tuple' + for field_name in self.opts.write_only_fields: assert field_name not in self.base_fields.keys(), ( "field '%s' on serializer '%s' specified in " From 03f96988baa6b7fa3a94fd49a5a1631f92b19b4a Mon Sep 17 00:00:00 2001 From: elmkarami Date: Wed, 19 Mar 2014 17:11:44 +0000 Subject: [PATCH 2/3] Update serializers.py Prevent iterating over a string that is supposed to be an iterable <==> Prevent read_only_fields = ('some_string) --- rest_framework/serializers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rest_framework/serializers.py b/rest_framework/serializers.py index 62ef5eedc..03db418dc 100644 --- a/rest_framework/serializers.py +++ b/rest_framework/serializers.py @@ -758,7 +758,7 @@ class ModelSerializer(Serializer): ret[accessor_name] = field - #Ensure that 'read_only_fields is an iterable + # Ensure that 'read_only_fields' is an iterable assert isinstance(self.opts.read_only_fields, (list, tuple)), '`read_only_fields` must be a list or tuple' # Add the `read_only` flag to any fields that have bee specified @@ -775,7 +775,7 @@ class ModelSerializer(Serializer): (field_name, self.__class__.__name__)) ret[field_name].read_only = True - # Ensure that 'write_only_fields' is an iterabe + # Ensure that 'write_only_fields' is an iterable assert isinstance(self.opts.write_only_fields, (list, tuple)), '`read_only_fields` must be a list or tuple' for field_name in self.opts.write_only_fields: From 499d3cb8f0cb2f8327050e4fe775ee4bdf288285 Mon Sep 17 00:00:00 2001 From: elmkarami Date: Wed, 19 Mar 2014 17:23:15 +0000 Subject: [PATCH 3/3] Update serializers.py --- rest_framework/serializers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_framework/serializers.py b/rest_framework/serializers.py index 03db418dc..4cb2d81c8 100644 --- a/rest_framework/serializers.py +++ b/rest_framework/serializers.py @@ -776,7 +776,7 @@ class ModelSerializer(Serializer): ret[field_name].read_only = True # Ensure that 'write_only_fields' is an iterable - assert isinstance(self.opts.write_only_fields, (list, tuple)), '`read_only_fields` must be a list or tuple' + assert isinstance(self.opts.write_only_fields, (list, tuple)), '`write_only_fields` must be a list or tuple' for field_name in self.opts.write_only_fields: assert field_name not in self.base_fields.keys(), (