GitHub link in toolbar

2025-01-24 08:14:16 +03:00 · 2012-09-12 13:11:26 +01:00 · 2012-09-12 13:11:26 +01:00 · dac4cb9e8b
commit dac4cb9e8b
parent 2469cd2c83
4 changed files with 27 additions and 6 deletions
--- a/docs/api-guide/exceptions.md
+++ b/docs/api-guide/exceptions.md
@ -8,7 +8,7 @@

 ## Exception handling in REST framework views

-REST framework's views handle various exceptions, and deal with returning appropriate error responses for you.
+REST framework's views handle various exceptions, and deal with returning appropriate error responses.

 The handled exceptions are:

@ -16,9 +16,9 @@ The handled exceptions are:
 * Django's `Http404` exception.
 * Django's `PermissionDenied` exception.

-In each case, REST framework will return a response, rendering it to an appropriate content-type.
+In each case, REST framework will return a response with an appropriate status code and content-type.  The body of the response will include any additional details regarding the nature of the error.

-By default all error messages will include a key `details` in the body of the response, but other keys may also be included.
+By default all error responses will include a key `details` in the body of the response, but other keys may also be included.

 For example, the following request:

--- a/docs/api-guide/permissions.md
+++ b/docs/api-guide/permissions.md
@ -12,7 +12,7 @@ Permission checks are always run at the very start of the view, before any other

 ## How permissions are determined

-Permissions in REST framework are always defined as a list of permission classes.  Before running the main body of the view, each permission in the list is checked.
+Permissions in REST framework are always defined as a list of permission classes.  Before running the main body of the view each permission in the list is checked.

 If any permission check fails an `exceptions.PermissionDenied` exception will be raised, and the main body of the view will not run.

@ -73,7 +73,18 @@ This permission is suitable if you want to your API to allow read permissions to

 ## DjangoModelPermissions

-This permission class ties into Django's standard `django.contrib.auth` model permissions.  When applied to a view that has a `.model` property, permission will only be granted if the user
+This permission class ties into Django's standard `django.contrib.auth` [model permissions][contribauth].  When applied to a view that has a `.model` property, authorization will only be granted if the user has the relevant model permissions assigned.
+
+* `POST` requests require the user to have the `add` permission on the model.
+* `PUT` and `PATCH` requests require the user to have the `change` permission on the model.
+* `DELETE` requests require the user to have the `delete` permission on the model.
+ 
+The default behaviour can also be overridden to support custom model permissions.  For example, you might want to include a `view` model permission for `GET` requests.
+
+To use custom model permissions, override `DjangoModelPermissions` and set the `.perms_map` property.  Refer to the source code for details.
+
+The `DjangoModelPermissions` class also supports object-level permissions.  Third-party authorization backends such as [django-guardian][guardian] should work just fine with `DjangoModelPermissions` without any custom configuration required.
+

 ## Custom permissions

@ -84,4 +95,6 @@ The method should return `True` if the request should be granted access, and `Fa

 [cite]: https://developer.apple.com/library/mac/#documentation/security/Conceptual/AuthenticationAndAuthorizationGuide/Authorization/Authorization.html
 [authentication]: authentication.md
-[throttling]: throttling.md
+[throttling]: throttling.md
+[contribauth]: https://docs.djangoproject.com/en/1.0/topics/auth/#permissions
+[guardian]: https://github.com/lukaszb/django-guardian
--- a/docs/static/css/drf-styles.css
+++ b/docs/static/css/drf-styles.css
@ -22,6 +22,13 @@ pre {
    display: block;
 }

+/* Header link to GitHub */
+.repo-link {
+    float: right;
+    margin-right: 10px;
+    margin-top: 7px;
+}
+
 /* GitHub 'Star' badge */
 body.index #main-content iframe {
    float: right;
--- a/docs/template.html
+++ b/docs/template.html
@ -21,6 +21,7 @@
    <div class="navbar navbar-inverse navbar-fixed-top">
      <div class="navbar-inner">
        <div class="container-fluid">
+            <a class="repo-link btn btn-primary btn-small" href="https://github.com/tomchristie/django-rest-framework/tree/restframework2">GitHub</a>
          <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>