Merge branch 'master' of github.com:tomchristie/django-rest-framework

2024-11-11 04:07:39 +03:00 · 2015-07-22 12:36:43 +01:00 · 2015-07-22 12:36:43 +01:00 · 762a30dbda
commit 762a30dbda
parent f9c61e8090 cab981837f
4 changed files with 25 additions and 4 deletions
--- a/docs/tutorial/quickstart.md
+++ b/docs/tutorial/quickstart.md
@ -83,8 +83,6 @@ Rather than write multiple views we're grouping together all the common behavior

 We can easily break these down into individual views if we need to, but using viewsets keeps the view logic nicely organized as well as being very concise.

-For trivial cases you can simply set a `model` attribute on the `ViewSet` class and the serializer and queryset will be automatically generated for you.  Setting the `queryset` and/or `serializer_class` attributes gives you more explicit control of the API behaviour, and is the recommended style for most applications.
-
 ## URLs

 Okay, now let's wire up the API URLs.  On to `tutorial/urls.py`...
--- a/requirements/requirements-optionals.txt
+++ b/requirements/requirements-optionals.txt
@ -1,4 +1,4 @@
 # Optional packages which may be used with REST framework.
 markdown==2.5.2
-django-guardian==1.2.5
+django-guardian==1.3.0
 django-filter==0.10.0
--- a/rest_framework/filters.py
+++ b/rest_framework/filters.py
@ -198,4 +198,7 @@ class DjangoObjectPermissionsFilter(BaseFilterBackend):
            'model_name': get_model_name(model_cls)
        }
        permission = self.perm_format % kwargs
-        return guardian.shortcuts.get_objects_for_user(user, permission, queryset)
+        if guardian.VERSION >= (1, 3):
+            # Maintain behavior compatibility with versions prior to 1.3
+            extra = {'accept_global_perms': False}
+        return guardian.shortcuts.get_objects_for_user(user, permission, queryset, **extra)
--- a/rest_framework/serializers.py
+++ b/rest_framework/serializers.py
@ -153,6 +153,16 @@ class BaseSerializer(Field):
            'You cannot call `.save()` on a serializer with invalid data.'
        )

+        # Guard against incorrect use of `serializer.save(commit=False)`
+        assert 'commit' not in kwargs, (
+            "'commit' is not a valid keyword argument to the 'save()' method. "
+            "If you need to access data before committing to the database then "
+            "inspect 'serializer.validated_data' instead. "
+            "You can also pass additional keyword arguments to 'save()' if you "
+            "need to set extra attributes on the saved model instance. "
+            "For example: 'serializer.save(owner=request.user)'.'"
+        )
+
        validated_data = dict(
            list(self.validated_data.items()) +
            list(kwargs.items())
@ -611,6 +621,16 @@ class ListSerializer(BaseSerializer):
        """
        Save and return a list of object instances.
        """
+        # Guard against incorrect use of `serializer.save(commit=False)`
+        assert 'commit' not in kwargs, (
+            "'commit' is not a valid keyword argument to the 'save()' method. "
+            "If you need to access data before committing to the database then "
+            "inspect 'serializer.validated_data' instead. "
+            "You can also pass additional keyword arguments to 'save()' if you "
+            "need to set extra attributes on the saved model instance. "
+            "For example: 'serializer.save(owner=request.user)'.'"
+        )
+
        validated_data = [
            dict(list(attrs.items()) + list(kwargs.items()))
            for attrs in self.validated_data