Version 2.3.3

2025-11-04 01:47:59 +03:00 · 2013-05-16 15:08:12 +01:00 · 2013-05-16 15:08:12 +01:00 · aff88d15f7
commit aff88d15f7
parent af88a5b175
4 changed files with 20 additions and 9 deletions
--- a/docs/topics/release-notes.md
+++ b/docs/topics/release-notes.md
@ -40,12 +40,15 @@ You can determine your currently installed version using `pip freeze`:

 ## 2.3.x series

-### Master
+### 2.3.2
+
+**Date**: 16th May 2013

 * Added SearchFilter
 * Added OrderingFilter
 * Added GenericViewSet
 * Bugfix: Multiple `@action` and `@link` methods now allowed on viewsets. 
+* Bugfix: Fix API Root view issue with DjangoModelPermissions

 ### 2.3.2

--- a/rest_framework/init.py
+++ b/rest_framework/init.py
@ -1,4 +1,4 @@
-__version__ = '2.3.2'
+__version__ = '2.3.3'

 VERSION = __version__  # synonym

--- a/rest_framework/permissions.py
+++ b/rest_framework/permissions.py
@ -126,6 +126,11 @@ class DjangoModelPermissions(BasePermission):
        if model_cls is None and queryset is not None:
            model_cls = queryset.model

+        # Workaround to ensure DjangoModelPermissions are not applied
+        # to the root view when using DefaultRouter.
+        if model_cls is None and getattr(view, '_ignore_model_permissions'):
+            return True
+
        assert model_cls, ('Cannot apply DjangoModelPermissions on a view that'
                           ' does not have `.model` or `.queryset` property.')

--- a/rest_framework/routers.py
+++ b/rest_framework/routers.py
@ -16,6 +16,7 @@ For example, you might have a `urls.py` that looks something like this:
 from __future__ import unicode_literals

 from collections import namedtuple
+from rest_framework import views
 from rest_framework.compat import patterns, url
 from rest_framework.decorators import api_view
 from rest_framework.response import Response
@ -217,14 +218,16 @@ class DefaultRouter(SimpleRouter):
        for prefix, viewset, basename in self.registry:
            api_root_dict[prefix] = list_name.format(basename=basename)

-        @api_view(('GET',))
-        def api_root(request, format=None):
-            ret = {}
-            for key, url_name in api_root_dict.items():
-                ret[key] = reverse(url_name, request=request, format=format)
-            return Response(ret)
+        class APIRoot(views.APIView):
+            _ignore_model_permissions = True

-        return api_root
+            def get(self, request, format=None):
+                ret = {}
+                for key, url_name in api_root_dict.items():
+                    ret[key] = reverse(url_name, request=request, format=format)
+                return Response(ret)
+
+        return APIRoot.as_view()

    def get_urls(self):
        """