mirror of
https://github.com/encode/django-rest-framework.git
synced 2025-08-04 20:40:14 +03:00
Merge branch 'master' into localizedfloatfield
This commit is contained in:
commit
878a0a577f
|
@ -95,7 +95,7 @@ The following packages are optional:
|
|||
|
||||
* [coreapi][coreapi] (1.32.0+) - Schema generation support.
|
||||
* [Markdown][markdown] (2.1.0+) - Markdown support for the browsable API.
|
||||
* [django-filter][django-filter] (0.9.2+) - Filtering support.
|
||||
* [django-filter][django-filter] (1.0.1+) - Filtering support.
|
||||
* [django-crispy-forms][django-crispy-forms] - Improved HTML display for filtering.
|
||||
* [django-guardian][django-guardian] (1.1.1+) - Object level permissions support.
|
||||
|
||||
|
|
|
@ -148,4 +148,4 @@ To implement a hypermedia API you'll need to decide on an appropriate media type
|
|||
[image-django-rest-swagger]: ../img/django-rest-swagger.png
|
||||
[image-apiary]: ../img/apiary.png
|
||||
[image-self-describing-api]: ../img/self-describing.png
|
||||
[schemas-examples]: api-guide/schemas/#examples
|
||||
[schemas-examples]: ../api-guide/schemas/#examples
|
||||
|
|
|
@ -64,7 +64,7 @@ There are a wide range of resources available for learning and using Django REST
|
|||
* [Classy Django REST Framework][cdrf.co]
|
||||
* [DRF-schema-adapter][drf-schema]
|
||||
|
||||
Want your Django REST Framework talk/tutorial/article to be added to our website? Or know of a resource that's not yet included here? Please [submit a pull request][submit-pr] or [email us][mailto:anna@django-rest-framework.org]!
|
||||
Want your Django REST Framework talk/tutorial/article to be added to our website? Or know of a resource that's not yet included here? Please [submit a pull request][submit-pr] or [email us][anna-email]!
|
||||
|
||||
|
||||
[beginners-guide-to-the-django-rest-framework]: http://code.tutsplus.com/tutorials/beginners-guide-to-the-django-rest-framework--cms-19786
|
||||
|
@ -107,3 +107,4 @@ Want your Django REST Framework talk/tutorial/article to be added to our website
|
|||
[drf-tutorial]: https://tests4geeks.com/django-rest-framework-tutorial/
|
||||
[building-a-restful-api-with-drf]: http://agiliq.com/blog/2014/12/building-a-restful-api-with-django-rest-framework/
|
||||
[submit-pr]: https://github.com/tomchristie/django-rest-framework
|
||||
[anna-email]: mailto:anna@django-rest-framework.org
|
||||
|
|
|
@ -5,6 +5,7 @@ from __future__ import unicode_literals
|
|||
|
||||
from django.http import Http404
|
||||
|
||||
from rest_framework import exceptions
|
||||
from rest_framework.compat import is_authenticated
|
||||
|
||||
|
||||
|
@ -108,6 +109,10 @@ class DjangoModelPermissions(BasePermission):
|
|||
'app_label': model_cls._meta.app_label,
|
||||
'model_name': model_cls._meta.model_name
|
||||
}
|
||||
|
||||
if method not in self.perms_map:
|
||||
raise exceptions.MethodNotAllowed(method)
|
||||
|
||||
return [perm % kwargs for perm in self.perms_map[method]]
|
||||
|
||||
def has_permission(self, request, view):
|
||||
|
@ -169,6 +174,10 @@ class DjangoObjectPermissions(DjangoModelPermissions):
|
|||
'app_label': model_cls._meta.app_label,
|
||||
'model_name': model_cls._meta.model_name
|
||||
}
|
||||
|
||||
if method not in self.perms_map:
|
||||
raise exceptions.MethodNotAllowed(method)
|
||||
|
||||
return [perm % kwargs for perm in self.perms_map[method]]
|
||||
|
||||
def has_object_permission(self, request, view, obj):
|
||||
|
|
|
@ -200,6 +200,15 @@ class ModelPermissionsIntegrationTests(TestCase):
|
|||
response = empty_list_view(request, pk=1)
|
||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||
|
||||
def test_calling_method_not_allowed(self):
|
||||
request = factory.generic('METHOD_NOT_ALLOWED', '/')
|
||||
response = root_view(request)
|
||||
self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)
|
||||
|
||||
request = factory.generic('METHOD_NOT_ALLOWED', '/1')
|
||||
response = instance_view(request, pk='1')
|
||||
self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)
|
||||
|
||||
|
||||
class BasicPermModel(models.Model):
|
||||
text = models.CharField(max_length=100)
|
||||
|
@ -384,6 +393,11 @@ class ObjectPermissionsIntegrationTests(TestCase):
|
|||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||
self.assertListEqual(response.data, [])
|
||||
|
||||
def test_cannot_method_not_allowed(self):
|
||||
request = factory.generic('METHOD_NOT_ALLOWED', '/')
|
||||
response = object_permissions_list_view(request)
|
||||
self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)
|
||||
|
||||
|
||||
class BasicPerm(permissions.BasePermission):
|
||||
def has_permission(self, request, view):
|
||||
|
|
Loading…
Reference in New Issue
Block a user