A boolean representation.
+When using HTML encoded form input be aware that omitting a value will always be treated as setting a field to False, even if it has a default=True option specified. This is because HTML checkbox inputs represent the unchecked state by omitting the value, so REST framework treats omission as if it is an empty checkbox input.
Corresponds to django.db.models.fields.BooleanField.
Signature: BooleanField()
Together with authentication and throttling, permissions determine whether a request should be granted or denied access.
Permission checks are always run at the very start of the view, before any other code is allowed to proceed. Permission checks will typically use the authentication information in the request.user and request.auth properties to determine if the incoming request should be permitted.
Permissions are used to grant or deny access different classes of users to different parts of the API.
+The simplest style of permission would be to allow access to any authenticated user, and deny access to any unauthenticated user. This corresponds the IsAuthenticated class in REST framework.
A slightly less strict style of permission would be to allow full access to authenticated users, but allow read-only access to unauthenticated users. This corresponds to the IsAuthenticatedOrReadOnly class in REST framework.
Permissions in REST framework are always defined as a list of permission classes.
Before running the main body of the view each permission in the list is checked.
-If any permission check fails an exceptions.PermissionDenied exception will be raised, and the main body of the view will not run.
exceptions.PermissionDenied or exceptions.NotAuthenticated exception will be raised, and the main body of the view will not run.
+When the permissions checks fail either a "403 Forbidden" or a "401 Unauthorized" response will be returned, according to the following rules:
+WWW-Authenticate headers. — An HTTP 403 Forbidden response will be returned.WWW-Authenticate headers. — An HTTP 401 Unauthorized response, with an appropriate WWW-Authenticate header will be returned.REST framework permissions also support object-level permissioning. Object level permissions are used to determine if a user should be allowed to act on a particular object, which will typically be a model instance.
Object level permissions are run by REST framework's generic views when .get_object() is called.
@@ -526,7 +535,7 @@ def example_view(request, format=None):
This permission is suitable if you want your API to only be accessible to registered users.
The IsAdminUser permission class will deny permission to any user, unless user.is_staff is True in which case permission will be allowed.
This permission is suitable is you want your API to only be accessible to a subset of trusted administrators.
+This permission is suitable if you want your API to only be accessible to a subset of trusted administrators.
The IsAuthenticatedOrReadOnly will allow authenticated users to perform any request. Requests for unauthorised users will only be permitted if the request method is one of the "safe" methods; GET, HEAD or OPTIONS.
This permission is suitable if you want to your API to allow read permissions to anonymous users, and only allow write permissions to authenticated users.
diff --git a/api-guide/relations/index.html b/api-guide/relations/index.html index 03e88565a..2c4fe9b65 100644 --- a/api-guide/relations/index.html +++ b/api-guide/relations/index.html @@ -792,7 +792,7 @@ class Note(models.Model): return 'Note: ' + value.text raise Exception('Unexpected type of tagged object') -If you need the target of the relationship to have a nested representation, you can use the required serializers inside the .to_native() method:
If you need the target of the relationship to have a nested representation, you can use the required serializers inside the .to_representation() method:
def to_representation(self, value):
"""
Serialize bookmark instances using a bookmark serializer,
diff --git a/api-guide/routers/index.html b/api-guide/routers/index.html
index 892e9df46..e204b48ed 100644
--- a/api-guide/routers/index.html
+++ b/api-guide/routers/index.html
@@ -462,7 +462,7 @@ urlpatterns = router.urls
Note: The base_name argument is used to specify the initial part of the view name pattern. In the example above, that's the user or account part.
-Typically you won't need to specify the base-name argument, but if you have a viewset where you've defined a custom get_queryset method, then the viewset may not have a .queryset attribute set. If you try to register that viewset you'll see an error like this:
+Typically you won't need to specify the base_name argument, but if you have a viewset where you've defined a custom get_queryset method, then the viewset may not have a .queryset attribute set. If you try to register that viewset you'll see an error like this:
'base_name' argument not specified, and could not automatically determine the name from the viewset, as it does not have a '.queryset' attribute.
This means you'll need to explicitly set the base_name argument when registering the viewset, as it could not be automatically determined from the model name.
diff --git a/api-guide/serializers/index.html b/api-guide/serializers/index.html
index 71da4a993..548888968 100644
--- a/api-guide/serializers/index.html
+++ b/api-guide/serializers/index.html
@@ -369,6 +369,10 @@
Validation
+
+ Accessing the initial data and instance
+
+
Partial updates
@@ -736,6 +740,9 @@ class GameRecord(serializers.Serializer):
)
For more information see the validators documentation.
+When passing an initial object or queryset to a serializer instance, the object will be made available as .instance. If no initial object is passed then the .instance attribute will be None.
When passing data to a serializer instance, the unmodified data will be made available as .initial_data. If the data keyword argument is not passed then the .initial_data attribute will not exist.
By default, serializers must be passed values for all required fields or they will raise validation errors. You can use the partial argument in order to allow partial updates.
# Update `comment` with partial data
diff --git a/img/.DS_Store b/img/.DS_Store
new file mode 100644
index 000000000..ad96cb498
Binary files /dev/null and b/img/.DS_Store differ
diff --git a/img/1-kuwaitnet.png b/img/1-kuwaitnet.png
new file mode 100644
index 000000000..c73b68154
Binary files /dev/null and b/img/1-kuwaitnet.png differ
diff --git a/img/autocomplete.png b/img/autocomplete.png
new file mode 100644
index 000000000..29075b257
Binary files /dev/null and b/img/autocomplete.png differ
diff --git a/img/sponsors/.DS_Store b/img/sponsors/.DS_Store
new file mode 100644
index 000000000..24ff55088
Binary files /dev/null and b/img/sponsors/.DS_Store differ
diff --git a/tutorial/1-serialization/index.html b/tutorial/1-serialization/index.html
index 435d47e6c..5682989c4 100644
--- a/tutorial/1-serialization/index.html
+++ b/tutorial/1-serialization/index.html
@@ -535,7 +535,7 @@ content
Deserialization is similar. First we parse a stream into Python native datatypes...
# This import will use either `StringIO.StringIO` or `io.BytesIO`
# as appropriate, depending on if we're running Python 2 or Python 3.
-from rest_framework.compat import BytesIO
+from django.utils.six import BytesIO
stream = BytesIO(content)
data = JSONParser().parse(stream)
@@ -565,7 +565,7 @@ Open the file snippets/serializers.py again, and edit the Sni
model = Snippet
fields = ('id', 'title', 'code', 'linenos', 'language', 'style')
-One nice property that serializers have is that you can inspect all the fields in a serializer instance, by printing it's representation. Open the Django shell with python manange.py shell, then try the following:
+One nice property that serializers have is that you can inspect all the fields in a serializer instance, by printing it's representation. Open the Django shell with python manage.py shell, then try the following:
>>> from snippets.serializers import SnippetSerializer
>>> serializer = SnippetSerializer()
>>> print(repr(serializer))
diff --git a/tutorial/2-requests-and-responses/index.html b/tutorial/2-requests-and-responses/index.html
index 9fa4b0920..e9436d2aa 100644
--- a/tutorial/2-requests-and-responses/index.html
+++ b/tutorial/2-requests-and-responses/index.html
@@ -547,7 +547,7 @@ http --json POST http://127.0.0.1:8000/snippets/ code="print 456"
"id": 4,
"title": "",
"code": "print 456",
- "linenos": true,
+ "linenos": false,
"language": "python",
"style": "friendly"
}
diff --git a/tutorial/quickstart/index.html b/tutorial/quickstart/index.html
index 64243dc00..b81e1dc4a 100644
--- a/tutorial/quickstart/index.html
+++ b/tutorial/quickstart/index.html
@@ -403,7 +403,7 @@ pip install django
pip install djangorestframework
# Set up a new project with a single application
-django-admin.py startproject tutorial .
+django-admin.py startproject tutorial . # Note the trailing '.' character
cd tutorial
django-admin.py startapp quickstart
cd ..