encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-07-27 00:19:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge e53b66bed8 into 3bcd38b7d0

Browse Source
This commit is contained in:
Michael Elovskikh 2013-01-28 01:55:06 -08:00
commit d710ff9cec
6 changed files with 95 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rest_framework/renderers.py
View File

@ -427,6 +427,7 @@ class BrowsableAPIRenderer(BaseRenderer):
content = self.get_content(renderer, data, accepted_media_type, renderer_context)
put_form = self.get_form(view, 'PUT', request)
patch_form = self.get_form(view, 'PATCH', request)
post_form = self.get_form(view, 'POST', request)
delete_form = self.get_form(view, 'DELETE', request)
options_form = self.get_form(view, 'OPTIONS', request)
@ -448,6 +449,7 @@ class BrowsableAPIRenderer(BaseRenderer):
'allowed_methods': view.allowed_methods,
'available_formats': [renderer.format for renderer in view.renderer_classes],
'put_form': put_form,
'patch_form': patch_form,
'post_form': post_form,
'delete_form': delete_form,
'options_form': options_form,

8
rest_framework/static/rest_framework/js/default.js
View File

@ -3,3 +3,11 @@ prettyPrint();
$('.js-tooltip').tooltip({
delay: 1000
});
$('#patch-form').find('.field-switcher').on('change', function() {
var $this = $(this);
$('#patch-form').find('#'+$this.attr('data-field-id'))
.prop('disabled', !$this.prop('checked'));
});
$('#form-method-switcher a:first').tab('show');

76
rest_framework/templates/rest_framework/base.html
View File

@ -147,32 +147,64 @@
</div>
{% endif %}
{% if put_form %}
{% if put_form or patch_form %}
<div class="well">
<form action="{{ request.get_full_path }}" method="POST" {% if put_form.is_multipart %}enctype="multipart/form-data"{% endif %} class="form-horizontal">
<fieldset>
<input type="hidden" name="{{ api_settings.FORM_METHOD_OVERRIDE }}" value="PUT" />
{% csrf_token %}
{{ put_form.non_field_errors }}
{% for field in put_form %}
<div class="control-group"> <!--{% if field.errors %}error{% endif %}-->
{{ field.label_tag|add_class:"control-label" }}
<div class="controls">
{{ field }}
<span class='help-inline'>{{ field.help_text }}</span>
<!--{{ field.errors|add_class:"help-block" }}-->
<ul class="nav nav-pills" id="form-method-switcher">
{% if put_form %}<li><a href="#put-form" data-toggle="pill">PUT Form</a></li>{% endif %}
{% if patch_form %}<li><a href="#patch-form" data-toggle="pill">PATCH Form</a></li>{% endif %}
</ul>
<div class="tab-content">
{% if put_form %}
<div class="tab-pane" id="put-form">
<form action="{{ request.get_full_path }}" method="POST" {% if put_form.is_multipart %}enctype="multipart/form-data"{% endif %} class="form-horizontal">
<fieldset>
<input type="hidden" name="{{ api_settings.FORM_METHOD_OVERRIDE }}" value="PUT" />
{% csrf_token %}
{{ put_form.non_field_errors }}
{% for field in put_form %}
<div class="control-group"> <!--{% if field.errors %}error{% endif %}-->
{{ field.label_tag|add_class:"control-label" }}
<div class="controls">
{{ field }}
<span class='help-inline'>{{ field.help_text }}</span>
<!--{{ field.errors|add_class:"help-block" }}-->
</div>
</div>
{% endfor %}
<div class="form-actions">
<button class="btn btn-primary js-tooltip" title="Make a PUT request on the {{ name }} resource">PUT</button>
</div>
</div>
{% endfor %}
<div class="form-actions">
<button class="btn btn-primary js-tooltip" title="Make a PUT request on the {{ name }} resource">PUT</button>
</div>
</fieldset>
</form>
</fieldset>
</form>
</div>
{% endif %}
{% if patch_form %}
<div class="tab-pane" id="patch-form">
<form action="{{ request.get_full_path }}" method="POST" {% if patch_form.is_multipart %}enctype="multipart/form-data"{% endif %} class="form-horizontal">
<fieldset>
<input type="hidden" name="{{ api_settings.FORM_METHOD_OVERRIDE }}" value="PATCH" />
{% csrf_token %}
{{ patch_form.non_field_errors }}
{% for field in patch_form %}
<div class="control-group"> <!--{% if field.errors %}error{% endif %}-->
{{ field.label_tag|add_class:"control-label" }}
<div class="controls">
{{ field }}&nbsp;<input checked="checked" type="checkbox" id="{{ field.html_name }}_field_sent" class="field-switcher" data-field-id="{{ field.auto_id }}">
<span class='help-inline'>{{ field.help_text }}</span>
<!--{{ field.errors|add_class:"help-block" }}-->
</div>
</div>
{% endfor %}
<div class="form-actions">
<button class="btn btn-primary js-tooltip" title="Make a PATCH request on the {{ name }} resource">PATCH</button>
</div>
</fieldset>
</form>
</div>
{% endif %}
</div>
</div>
{% endif %}
{% endif %}
</div>

14
rest_framework/tests/authentication.py
View File

@ -1,12 +1,13 @@
from django.contrib.auth.models import User
from django.http import HttpResponse
from django.test import Client, TestCase
from django.test import TestCase
from rest_framework import permissions
from rest_framework.authtoken.models import Token
from rest_framework.authentication import TokenAuthentication, BasicAuthentication, SessionAuthentication
from rest_framework.compat import patterns
from rest_framework.views import APIView
from rest_framework.tests.utils import Client
import json
import base64
@ -18,6 +19,9 @@ class MockView(APIView):
def post(self, request):
return HttpResponse({'a': 1, 'b': 2, 'c': 3})
def patch(self, request):
return HttpResponse({'a': 1, 'b': 2, 'c': 3})
def put(self, request):
return HttpResponse({'a': 1, 'b': 2, 'c': 3})
@ -103,6 +107,14 @@ class SessionAuthTests(TestCase):
response = self.non_csrf_client.put('/session/', {'example': 'example'})
self.assertEqual(response.status_code, 200)
def test_patch_form_session_auth_passing(self):
"""
Ensure PATCHting form over session authentication with logged in user and CSRF token passes.
"""
self.non_csrf_client.login(username=self.username, password=self.password)
response = self.non_csrf_client.patch('/', {'example': 'example'})
self.assertEqual(response.status_code, 200)
def test_post_form_session_auth_failing(self):
"""
Ensure POSTing form over session authentication without logged in user fails.

4
rest_framework/tests/renderers.py
View File

@ -111,6 +111,9 @@ class POSTDeniedView(APIView):
def put(self, request):
return Response()
def patch(self, request):
return Response()
class DocumentingRendererTests(TestCase):
def test_only_permitted_forms_are_displayed(self):
@ -119,6 +122,7 @@ class DocumentingRendererTests(TestCase):
response = view(request).render()
self.assertNotContains(response, '>POST<')
self.assertContains(response, '>PUT<')
self.assertContains(response, '>PATCH<')
class RendererEndToEndTests(TestCase):

16
rest_framework/tests/utils.py
View File

@ -1,9 +1,9 @@
from django.test.client import RequestFactory, FakePayload
from django.test.client import Client as _Client, RequestFactory as _RequestFactory, FakePayload
from django.test.client import MULTIPART_CONTENT
from urlparse import urlparse
class RequestFactory(RequestFactory):
class RequestFactory(_RequestFactory):
def __init__(self, **defaults):
super(RequestFactory, self).__init__(**defaults)
@ -25,3 +25,15 @@ class RequestFactory(RequestFactory):
}
r.update(extra)
return self.request(**r)
class Client(_Client, RequestFactory):
def patch(self, path, data={}, content_type=MULTIPART_CONTENT,
follow=False, **extra):
"""
Send a resource to the server using PATCH.
"""
response = super(Client, self).patch(path, data=data, content_type=content_type, **extra)
if follow:
response = self._handle_redirects(response, **extra)
return response